Merge pull request #42 from ptomulik/crypt-sha

add support for SHA-256 and SHA-512 via crypt(3)
2016-10-30 16:47:44 +08:00 · 2016-10-30 16:47:44 +08:00 · 4fefe2aa8c
commit 4fefe2aa8c
parent fa88250f0e ee9034f24c
1 changed files with 18 additions and 1 deletions
--- a/lib/functions.php
+++ b/lib/functions.php
@ -2116,6 +2116,8 @@ function password_types() {
 		'smd5'=>'smd5',
 		'ssha'=>'ssha',
 		'sha512'=>'sha512',
+		'sha256crypt'=>'sha256crypt',
+		'sha512crypt'=>'sha512crypt',
 	);
 }

@ -2124,7 +2126,8 @@ function password_types() {
 *
 * @param string The password to hash in clear text.
 * @param string Standard LDAP encryption type which must be one of
- *        crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, sha512, or clear.
+ *        crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, sha512,
+ *        sha256crypt, sha512crypt, or clear.
 * @return string The hashed password.
 */
 function pla_password_hash($password_clear,$enc_type) {
@ -2227,6 +2230,20 @@ function pla_password_hash($password_clear,$enc_type) {

 			break;

+		case 'sha256crypt':
+			if (! defined('CRYPT_SHA256') || CRYPT_SHA256 == 0)
+				error(_('Your system crypt library does not support sha256crypt encryption.'),'error','index.php');
+			$new_value = sprintf('{CRYPT}%s',crypt($password_clear,'$5$'.random_salt(8)));
+
+			break;
+
+		case 'sha512crypt':
+			if (! defined('CRYPT_SHA512') || CRYPT_SHA512 == 0)
+				error(_('Your system crypt library does not support sha512crypt encryption.'),'error','index.php');
+			$new_value = sprintf('{CRYPT}%s',crypt($password_clear,'$6$'.random_salt(8)));
+
+			break;
+
 		case 'clear':
 		default:
 			$new_value = $password_clear;