Added Bcrypt support (#116)
* Set minimum PHP version to 5.5.0| Bcrypt Support * Added Bcrypt hash support * Update Install.md
This commit is contained in:
parent
fb437b037e
commit
bdfd68c3b6
@ -5,7 +5,7 @@ For install instructions in non-English languages, see the wiki:
|
|||||||
|
|
||||||
phpLDAPadmin requires the following:
|
phpLDAPadmin requires the following:
|
||||||
a. A web server (Apache, IIS, etc).
|
a. A web server (Apache, IIS, etc).
|
||||||
b. PHP 5.0.0 or newer (with LDAP support)
|
b. PHP 5.5.0 or newer (with LDAP support)
|
||||||
|
|
||||||
* To install
|
* To install
|
||||||
|
|
||||||
|
@ -8,7 +8,7 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
/** The minimum version of PHP required to run phpLDAPadmin. */
|
/** The minimum version of PHP required to run phpLDAPadmin. */
|
||||||
define('REQUIRED_PHP_VERSION','5.0.0');
|
define('REQUIRED_PHP_VERSION','5.5.0');
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The config class contains all our configuration settings for a session.
|
* The config class contains all our configuration settings for a session.
|
||||||
|
@ -2156,7 +2156,8 @@ function password_types() {
|
|||||||
|
|
||||||
return array(
|
return array(
|
||||||
''=>'clear',
|
''=>'clear',
|
||||||
'blowfish'=>'blowfish',
|
'bcrypt'=>'bcrypt',
|
||||||
|
'blowfish'=>'blowfish',
|
||||||
'crypt'=>'crypt',
|
'crypt'=>'crypt',
|
||||||
'ext_des'=>'ext_des',
|
'ext_des'=>'ext_des',
|
||||||
'md5'=>'md5',
|
'md5'=>'md5',
|
||||||
@ -2258,6 +2259,19 @@ function pla_password_hash($password_clear,$enc_type) {
|
|||||||
|
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case 'bcrypt':
|
||||||
|
$options = [
|
||||||
|
'cost' => 8,
|
||||||
|
];
|
||||||
|
#Checking if password_hash() function is available.
|
||||||
|
if (function_exists('password_hash'))
|
||||||
|
$new_value = sprintf('{BCRYPT}%s',base64_encode(password_hash($password_clear, PASSWORD_BCRYPT, $options)));
|
||||||
|
else
|
||||||
|
error(_('Your PHP install does not have the password_hash() function. Cannot do BCRYPT hashes.'),'error','index.php');
|
||||||
|
|
||||||
|
break;
|
||||||
|
|
||||||
|
|
||||||
case 'smd5':
|
case 'smd5':
|
||||||
if (function_exists('mhash') && function_exists('mhash_keygen_s2k')) {
|
if (function_exists('mhash') && function_exists('mhash_keygen_s2k')) {
|
||||||
mt_srand((double)microtime()*1000000);
|
mt_srand((double)microtime()*1000000);
|
||||||
@ -2365,6 +2379,23 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword
|
|||||||
|
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
#BCRYPT hashed passwords
|
||||||
|
case 'bcrypt':
|
||||||
|
# Check php password_verify support before using it
|
||||||
|
if (function_exists('password_verify')) {
|
||||||
|
$hash = base64_decode($cryptedpassword);
|
||||||
|
if (password_verify($plainpassword, $hash)) {
|
||||||
|
return true;
|
||||||
|
} else {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
} else {
|
||||||
|
error(_('Your PHP install does not have the password_verify() function. Cannot do Bcrypt hashes.'),'error','index.php');
|
||||||
|
}
|
||||||
|
|
||||||
|
break;
|
||||||
|
|
||||||
# Salted MD5
|
# Salted MD5
|
||||||
case 'smd5':
|
case 'smd5':
|
||||||
# Check php mhash support before using it
|
# Check php mhash support before using it
|
||||||
|
Loading…
Reference in New Issue
Block a user