SF Bug #3003779 - Unable to check password for NT and LN samba hashed

This commit is contained in:
Deon George 2011-04-27 21:53:47 +10:00
parent 4cf6b17ba3
commit 9e9960bc3d
3 changed files with 28 additions and 6 deletions

View File

@ -18,6 +18,7 @@ $request['componentid'] = get_request('componentid','REQUEST');
$request['hash'] = get_request('hash','REQUEST');
$request['password'] = get_request('check_password','REQUEST');
$request['action'] = get_request('action','REQUEST');
$request['attribute'] = get_request('attr','REQUEST');
if (get_request('base64','REQUEST')) {
$request['hash'] = base64_decode($request['hash']);
@ -30,6 +31,7 @@ printf('<h3 class="subtitle">%s</h3>',_('Password Checker Tool'));
echo '<form action="password_checker.php" method="post">';
echo '<input type="hidden" name="action" value="compare" />';
printf('<input type="hidden" name="attr" value="%s" />',$request['attribute']);
echo '<table class="forminput" width="100%" border="0">';
@ -53,7 +55,7 @@ echo '<td><input type="submit" value="Compare" />';
if ($request['action'] == 'compare') {
echo '&nbsp;&nbsp;&nbsp;&nbsp;<b>';
if (password_check($request['hash'],$request['password']))
if (password_check($request['hash'],$request['password'],$request['attribute']))
printf('<span class="good">%s</span>',_('Passwords match!'));
else
printf('<span class="bad">%s</span>',_('Passwords do not match!'));

View File

@ -2376,9 +2376,9 @@ function deleteAttribute(attrName,friendlyName,i)
# Add the javascript so we can call check password later.
echo '
<script type="text/javascript">
function passwordComparePopup(component_id) {
function passwordComparePopup(component_id,attr) {
mywindow = open(\'password_checker.php\',\'myname\',\'resizable=no,width=500,height=200,scrollbars=1\');
mywindow.location.href = \'password_checker.php?componentid=\'+component_id;
mywindow.location.href = \'password_checker.php?componentid=\'+component_id+\'&attr=\'+attr;
if (mywindow.opener == null) mywindow.opener = self;
}
</script>';
@ -2391,8 +2391,8 @@ function deleteAttribute(attrName,friendlyName,i)
protected function drawCheckLinkPasswordAttribute($attribute,$component_id) {
if (DEBUGTMP) printf('<font size=-2>%s</font><br />',__METHOD__);
printf('<small><a href="javascript:passwordComparePopup(\'%s\')">%s...</a></small><br />',
$component_id,_('Check password'));
printf('<small><a href="javascript:passwordComparePopup(\'%s\',\'%s\')">%s...</a></small><br />',
$component_id,$attribute->getName(),_('Check password'));
}
/** RANDOM PASSWORD **/

View File

@ -2198,10 +2198,30 @@ function password_hash($password_clear,$enc_type) {
* @param String The password in clear text to test.
* @return Boolean True if the clear password matches the hash, and false otherwise.
*/
function password_check($cryptedpassword,$plainpassword) {
function password_check($cryptedpassword,$plainpassword,$attribute='userpassword') {
if (DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS'))
debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs);
if (in_array($attribute,array('sambalmpassword','sambantpassword'))) {
$smb = new smbHash;
switch($attribute) {
case 'sambalmpassword':
if (strcmp($smb->lmhash($plainpassword),$cryptedpassword) == 0)
return true;
else
return false;
case 'sambantpassword':
if (strcmp($smb->nthash($plainpassword),$cryptedpassword) == 0)
return true;
else
return false;
}
return false;
}
if (preg_match('/{([^}]+)}(.*)/',$cryptedpassword,$matches)) {
$cryptedpassword = $matches[2];
$cypher = strtolower($matches[1]);