Timestamp:
06/13/17 19:28:43 (7 years ago)
Author:
nanardon
Message:

Allow choosing the crypt algorithm per configuration

Location:
trunk/LATMOS-Accounts/lib/LATMOS
Files:
6 edited

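--- a/trunk/LATMOS-Accounts/lib/LATMOS/Accounts.pm
+++ b/trunk/LATMOS-Accounts/lib/LATMOS/Accounts.pm
@@ -142,5 +142,5 @@
     my %params =
         map { $_ => ($self->val($section, $_)) }
-        $self->Parameters($section);
+        ($self->Parameters($section), $self->Parameters('_default_'));
 
     my %defattr =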
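Review bot: Parameter names that exist only in `_default_` are still looked up with `$self->val($section, $_)`, so the added list works only if `val` falls back to the default section; that fallback is not visible in this hunk. If `val` returns an empty list for a missing parameter, the `map` would emit a key with no value and shift every following pair in `%params`. A name present in both sections is also emitted twice, which is harmless for a hash but worth a comment, e.g. `# names from _default_ are read through $section; relies on val() falling back to the default section`. The enclosing sub starts and ends outside the hunk.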
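--- a/trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases.pm
+++ b/trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases.pm
@@ -7,5 +7,5 @@
 use LATMOS::Accounts::Bases::Attributes;
 use LATMOS::Accounts::Log;
-use LATMOS::Accounts::Utils qw(exec_command to_ascii );
+use LATMOS::Accounts::Utils qw( exec_command to_ascii );
 
 our $VERSION = (q$Rev$ =~ /^Rev: (\d+) /)[0];
@@ -1155,4 +1155,18 @@
 }
 
+=head2 passCrypt($clear_pass)
+
+Return an encrypted password using method set in config
+
+=cut
+
+sub passCrypt {
+    my ($self, $clear_pass) = @_;
+
+    my $method = $self->config('crypt_method');
+
+    LATMOS::Accounts::Utils::Crypt($clear_pass, $method);
+}
+
 =head2 connect($username, $password)
 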
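Review bot: `passCrypt` hands back whatever `Crypt` returns without checking it, and Perl's `crypt()` can return undef (or, on some libcs, a failure token beginning with `*`) when the platform does not implement the requested scheme. The callers changed in Ldap/User.pm, Objects.pm and Sql/User.pm pass that value directly to `set_fields`, so an unsupported `crypt_method` could store an empty or unusable hash, and in the LDAP case the bare string `{CRYPT}`. I would capture the result and fail loudly: `my $hash = LATMOS::Accounts::Utils::Crypt($clear_pass, $method);` then `die "passCrypt: crypt() failed\n" unless defined $hash && $hash !~ /^\*/;` and `return $hash;`. The explicit `return` also states the contract more clearly than relying on the value of the last expression.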
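--- a/trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Ldap/User.pm
+++ b/trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Ldap/User.pm
@@ -276,6 +276,4 @@
     my ($self, $clear_pass) = @_;
 
-    my @salt_char = (('a' .. 'z'), ('A' .. 'Z'), (0 .. 9), '/', '.');
-    my $salt = join('', map { $salt_char[rand(scalar(@salt_char))] } (1 .. 8));
     # openldap use prefix to identify encryption passwd
     # {CRYPT} is system dependant, eg use crypt from system
@@ -283,10 +281,10 @@
     # as we use perl crypt() which does the same
     # This code will have to be changed if we use openldap on other UNIX
-    my $md5 = '{CRYPT}' . crypt($clear_pass, '$1$' . $salt);
+    my $crypt = '{CRYPT}' . $self->base->passCrypt($clear_pass);
 
     my ($lm, $nt) = ntlmgen $clear_pass;
 
     my $res = $self->set_fields(
-        userPassword    => $md5,
+        userPassword    => $crypt,
         sambaLMPassword => $lm,
         sambaNTPassword => $nt,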
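Review bot: The comment above the changed `$crypt` line still describes `{CRYPT}` in terms of the local Perl `crypt()`, but with a configurable method the hash format must also be one that crypt(3) on the OpenLDAP server host can verify, otherwise binds are likely to fail after a password change. I would extend the comment, e.g. `# the configured crypt_method must be supported by crypt(3) on the LDAP server, which verifies {CRYPT} values`. The same `set_fields` call keeps writing `sambaLMPassword` and `sambaNTPassword` from `ntlmgen`, so a stronger crypt_method hardens only `userPassword`; those two attributes remain unsalted hashes of the same password. The enclosing sub starts and ends outside the visible hunks.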
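--- a/trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Objects.pm
+++ b/trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Objects.pm
@@ -543,7 +543,5 @@
     my ($self, $clear_pass) = @_;
     if (my $attribute = $self->base->attribute($self->type, 'userPassword')) {
-        my @salt_char = (('a' .. 'z'), ('A' .. 'Z'), (0 .. 9), '/', '.');
-        my $salt = join('', map { $salt_char[rand(scalar(@salt_char))] } (1 .. 8));
-        my $res = $self->set_fields($attribute->iname, crypt($clear_pass, '$1$' . $salt));
+        my $res = $self->set_fields($attribute->iname, $self->base->passCrypt($clear_pass));
         $self->base->log(LA_NOTICE, 'Mot de passe changé pour %s', $self->id)
             if($res);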
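--- a/trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Sql/User.pm
+++ b/trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Sql/User.pm
@@ -1947,7 +1947,5 @@
         }
 
-        my @salt_char = (('a' .. 'z'), ('A' .. 'Z'), (0 .. 9), '/', '.');
-        my $salt = join('', map { $salt_char[rand(scalar(@salt_char))] } (1 .. 8));
-        my $res = $self->set_fields($field, crypt($clear_pass, '$1$' . $salt));
+        my $res = $self->set_fields($field, $self->base->passCrypt($clear_pass));
         if ($res) {
             if ($self->base->get_global_value('rsa_public_key')) {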
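--- a/trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Utils.pm
+++ b/trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Utils.pm
@@ -370,4 +370,49 @@
 }
 
+=head2 Crypt($password, $method)
+
+Build an encrypted password using standard crypt(), $method is the encrypted method to use:
+
+=over 4
+
+=item DES: the old DES method, do not use
+
+=item 1 or md5
+
+=item 5 or sha-256
+
+=item 6 or sha-512
+
+=back
+
+=cut
+
+sub Crypt {
+    my ($clearpassword, $method) = @_;
+
+    $method ||= '';
+    my $methNumber = {
+        'des'     => -1,
+        'md5'     =>  1,
+        'sha-256' =>  5,
+        'sha-512' =>  6,
+    }->{lc($method)} || $method || 1;
+
+
+    if ($methNumber > 0) {
+        # Good we're secure
+        my @salt_char = (('a' .. 'z'), ('A' .. 'Z'), (0 .. 9), '/', '.');
+        my $salt = join('', map { $salt_char[rand(scalar(@salt_char))] } (1 .. 8));
+
+        return crypt($clearpassword, '$' . $methNumber . '$' . $salt);
+    } else {
+        # Grumpf DES
+        my @salt_char = (('a' .. 'z'), ('A' .. 'Z'), (0 .. 9));
+        my $salt = join('', map { $salt_char[rand(scalar(@salt_char))] } (1,2));
+
+        return crypt($clearpassword, $salt);
+    }
+}
+
 =head2 buildLogin([$cb, ] @names)
 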
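Review bot: An unrecognised `crypt_method` silently falls through to DES in `Crypt`: the `|| $method` fallback passes any unknown string (a value such as `sha512` without the hyphen) into `$methNumber > 0`, where it compares numerically as 0 and takes the `else` branch. Traditional DES crypt only uses the first eight characters of the password, so a configuration typo would weaken every password set afterwards without any error. I would resolve the method through an explicit table that also accepts `1`, `5` and `6` and die on anything else, as sketched below; an unset value still defaults to MD5-crypt (`1`), which may be worth raising to `6` where the platform's crypt() supports it. The salt characters are also drawn from Perl's `rand`, which is not a cryptographic generator; a salt need not be secret, but it should come from a source that keeps it unpredictable and unique.

```perl
sub Crypt {
    my ($clearpassword, $method) = @_;

    $method ||= '';
    my %number_for = (
        'des'     => -1,
        'md5'     =>  1, '1' => 1,
        'sha-256' =>  5, '5' => 5,
        'sha-512' =>  6, '6' => 6,
    );
    # Unset keeps the existing default; anything unknown is an error, not DES.
    my $methNumber = $method eq '' ? 1 : $number_for{ lc($method) };
    defined $methNumber
        or die "Crypt: unsupported crypt_method '$method'\n";

    # … unchanged: salt generation and crypt() call for each branch …
```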