Changeset 2041 for trunk/LATMOS-Accounts
- Timestamp:
- 06/13/17 19:28:43 (7 years ago)
- Location:
- trunk/LATMOS-Accounts
- Files:
-
- 8 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LATMOS-Accounts/lib/LATMOS/Accounts.pm
r2033 r2041 142 142 my %params = 143 143 map { $_ => ($self->val($section, $_)) } 144 $self->Parameters($section);144 ($self->Parameters($section), $self->Parameters('_default_')); 145 145 146 146 my %defattr = -
trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases.pm
r1992 r2041 7 7 use LATMOS::Accounts::Bases::Attributes; 8 8 use LATMOS::Accounts::Log; 9 use LATMOS::Accounts::Utils qw( exec_command to_ascii );9 use LATMOS::Accounts::Utils qw( exec_command to_ascii ); 10 10 11 11 our $VERSION = (q$Rev$ =~ /^Rev: (\d+) /)[0]; … … 1155 1155 } 1156 1156 1157 =head2 passCrypt($clear_pass) 1158 1159 Return an encrypted password using method set in config 1160 1161 =cut 1162 1163 sub passCrypt { 1164 my ($self, $clear_pass) = @_; 1165 1166 my $method = $self->config('crypt_method'); 1167 1168 LATMOS::Accounts::Utils::Crypt($clear_pass, $method); 1169 } 1170 1157 1171 =head2 connect($username, $password) 1158 1172 -
trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Ldap/User.pm
r1983 r2041 276 276 my ($self, $clear_pass) = @_; 277 277 278 my @salt_char = (('a' .. 'z'), ('A' .. 'Z'), (0 .. 9), '/', '.');279 my $salt = join('', map { $salt_char[rand(scalar(@salt_char))] } (1 .. 8));280 278 # openldap use prefix to identify encryption passwd 281 279 # {CRYPT} is system dependant, eg use crypt from system … … 283 281 # as we use perl crypt() which does the same 284 282 # This code will have to be changed if we use openldap on other UNIX 285 my $ md5 = '{CRYPT}' . crypt($clear_pass, '$1$' . $salt);283 my $crypt = '{CRYPT}' . $self->base->passCrypt($clear_pass); 286 284 287 285 my ($lm, $nt) = ntlmgen $clear_pass; 288 286 289 287 my $res = $self->set_fields( 290 userPassword => $ md5,288 userPassword => $crypt, 291 289 sambaLMPassword => $lm, 292 290 sambaNTPassword => $nt, -
trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Objects.pm
r2005 r2041 543 543 my ($self, $clear_pass) = @_; 544 544 if (my $attribute = $self->base->attribute($self->type, 'userPassword')) { 545 my @salt_char = (('a' .. 'z'), ('A' .. 'Z'), (0 .. 9), '/', '.'); 546 my $salt = join('', map { $salt_char[rand(scalar(@salt_char))] } (1 .. 8)); 547 my $res = $self->set_fields($attribute->iname, crypt($clear_pass, '$1$' . $salt)); 545 my $res = $self->set_fields($attribute->iname, $self->base->passCrypt($clear_pass)); 548 546 $self->base->log(LA_NOTICE, 'Mot de passe changé pour %s', $self->id) 549 547 if($res); -
trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Sql/User.pm
r2040 r2041 1947 1947 } 1948 1948 1949 my @salt_char = (('a' .. 'z'), ('A' .. 'Z'), (0 .. 9), '/', '.'); 1950 my $salt = join('', map { $salt_char[rand(scalar(@salt_char))] } (1 .. 8)); 1951 my $res = $self->set_fields($field, crypt($clear_pass, '$1$' . $salt)); 1949 my $res = $self->set_fields($field, $self->base->passCrypt($clear_pass)); 1952 1950 if ($res) { 1953 1951 if ($self->base->get_global_value('rsa_public_key')) { -
trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Utils.pm
r2008 r2041 370 370 } 371 371 372 =head2 Crypt($password, $method) 373 374 Build an encrypted password using standard crypt(), $method is the encrypted method to use: 375 376 =over 4 377 378 =item DES: the old DES method, do not use 379 380 =item 1 or md5 381 382 =item 5 or sha-256 383 384 =item 6 or sha-512 385 386 =back 387 388 =cut 389 390 sub Crypt { 391 my ($clearpassword, $method) = @_; 392 393 $method ||= ''; 394 my $methNumber = { 395 'des' => -1, 396 'md5' => 1, 397 'sha-256' => 5, 398 'sha-512' => 6, 399 }->{lc($method)} || $method || 1; 400 401 402 if ($methNumber > 0) { 403 # Good we're secure 404 my @salt_char = (('a' .. 'z'), ('A' .. 'Z'), (0 .. 9), '/', '.'); 405 my $salt = join('', map { $salt_char[rand(scalar(@salt_char))] } (1 .. 8)); 406 407 return crypt($clearpassword, '$' . $methNumber . '$' . $salt); 408 } else { 409 # Grumpf DES 410 my @salt_char = (('a' .. 'z'), ('A' .. 'Z'), (0 .. 9)); 411 my $salt = join('', map { $salt_char[rand(scalar(@salt_char))] } (1,2)); 412 413 return crypt($clearpassword, $salt); 414 } 415 } 416 372 417 =head2 buildLogin([$cb, ] @names) 373 418 -
trunk/LATMOS-Accounts/man/man5/latmos-accounts.ini.pod
r1958 r2041 50 50 This parameter is dedicate to set the company or institute name. It is used to 51 51 build the subject of mail send by application. 52 53 =head3 crypt_method 54 55 Specify the C<crypt()> algorythm to use to encrypt password when the work is 56 done on application side. Can be DES, MD5, SHA-256 or SHA-512, default to MD5. 57 58 Can be specified per base. 52 59 53 60 =head2 [_defattr_] SECTION -
trunk/LATMOS-Accounts/t/05_utils.t
r1985 r2041 1 1 use strict; 2 2 use warnings; 3 use Test::More tests => 32;3 use Test::More tests => 44; 4 4 use File::Temp qw(mkstemp); 5 5 … … 77 77 is(LATMOS::Accounts::Utils::buildLogin(sub { length($_[0]) > 9 }, 'TotoTataTiti'), 'tototatati', "buildLogin return 8 byte length login"); 78 78 79 my $clearpass = 'passwd'; 80 my $password = ''; 81 $password = LATMOS::Accounts::Utils::Crypt($clearpass, 'DES'); 82 like($password, qr/^\w\w.*/, 'Password encrypted using DES'); 83 is(crypt($clearpass, $password), $password); 84 85 $password = LATMOS::Accounts::Utils::Crypt($clearpass, 'MD5'); 86 like($password, qr/^\$1\$.*/, 'Password encrypted using MD5'); 87 is(crypt($clearpass, $password), $password); 88 89 $password = LATMOS::Accounts::Utils::Crypt($clearpass, 'sha-256'); 90 like($password, qr/^\$5\$.*/, 'Password encrypted using SHA-256'); 91 is(crypt($clearpass, $password), $password); 92 93 $password = LATMOS::Accounts::Utils::Crypt($clearpass, 'SHA-512'); 94 like($password, qr/^\$6\$.*/, 'Password encrypted using SHA-512'); 95 is(crypt($clearpass, $password), $password); 96 97 $password = LATMOS::Accounts::Utils::Crypt($clearpass, '5'); 98 like($password, qr/^\$5\$.*/, 'Password encrypted using SHA-256 (number)'); 99 is(crypt($clearpass, $password), $password); 100 101 $password = LATMOS::Accounts::Utils::Crypt($clearpass); 102 like($password, qr/^\$1\$.*/, 'Password encrypted using MD5 (default)'); 103 is(crypt($clearpass, $password), $password); 104 79 105 is(yesno('yes'), 1, 'yes is true'); 80 106 is(yesno('true'), 1, 'true is true');
Note: See TracChangeset
for help on using the changeset viewer.