function loginUser($u, $p) { global $_SESSION; if (!file_exists($this->passwd_filename)) { $this->signed_username = Null; unset($_SESSION['username']); return FALSE; } else { FMWK_include_once("pear/pear.inc.php"); include_once "File/Passwd.php"; $passwd =& File_Passwd::factory('Cvs'); $passwd->setFile($this->passwd_filename); $passwd->load(); $res = $passwd->verifyPasswd($u, $p); if (!is_object($res) & $res) { $_SESSION['username'] = $u; $this->signed_username = $u; return TRUE; } else { $this->signed_username = Null; unset($_SESSION['username']); return FALSE; } } }
/** * Load and initialize the File_Passwd object * * @return object File_Passwd_Cvs|PEAR_Error */ function &_load() { static $pw_obj; if (!isset($pw_obj)) { $pw_obj = File_Passwd::factory('Cvs'); if (PEAR::isError($pw_obj)) { return $pw_obj; } $pw_obj->setFile($this->pwfile); $res = $pw_obj->load(); if (PEAR::isError($res)) { return $res; } } return $pw_obj; }
/** * APR compatible MD5 encryption * * @access public * @return mixed * @param string $plain plaintext to crypt * @param string $salt the salt to use for encryption */ function crypt_apr_md5($plain, $salt = null) { if (is_null($salt)) { $salt = File_Passwd::salt(8); } elseif (preg_match('/^\\$apr1\\$/', $salt)) { $salt = preg_replace('/^\\$apr1\\$([^$]+)\\$.*/', '\\1', $salt); } else { $salt = substr($salt, 0, 8); } $length = strlen($plain); $context = $plain . '$apr1$' . $salt; if (PEAR_ZE2) { $binary = md5($plain . $salt . $plain, true); } else { $binary = pack('H32', md5($plain . $salt . $plain)); } for ($i = $length; $i > 0; $i -= 16) { $context .= substr($binary, 0, min(16, $i)); } for ($i = $length; $i > 0; $i >>= 1) { $context .= $i & 1 ? chr(0) : $plain[0]; } if (PEAR_ZE2) { $binary = md5($plain . $salt . $plain, true); } else { $binary = pack('H32', md5($plain . $salt . $plain)); } for ($i = 0; $i < 1000; $i++) { $new = $i & 1 ? $plain : $binary; if ($i % 3) { $new .= $salt; } if ($i % 7) { $new .= $plain; } $new .= $i & 1 ? $binary : $plain; $binary = PEAR_ZE2 ? md5($new, true) : pack('H32', md5($new)); } $p = array(); for ($i = 0; $i < 5; $i++) { $k = $i + 6; $j = $i + 12; if ($j == 16) { $j = 5; } $p[] = File_Passwd::_64(ord($binary[$i]) << 16 | ord($binary[$k]) << 8 | ord($binary[$j]), 5); } return '$apr1$' . $salt . '$' . implode($p) . File_Passwd::_64(ord($binary[11]), 3); }
/** * Regression test for File_Passwd.staticAuth method * @access public */ function teststaticAuth() { foreach ($GLOBALS['_EXT_'] as $ext) { $pwfile = 'passwd.' . strToLower($ext) . '.txt'; $option = $ext == 'Authdigest' ? 'realm1' : ($ext == 'Smb' ? 'nt' : 'des'); $error = File_Passwd::staticAuth($ext, $pwfile, 'mike', 123, $option); $this->assertTrue($error); if (PEAR::isError($error)) { echo "File_Passwd_{$ext}::staticAuth() " . $error->getMessage() . "\n"; } } }
/** * Load and initialize the File_Passwd object * * @return object File_Passwd_Cvs|PEAR_Error */ function &_load() { static $pw_obj; if (!isset($pw_obj)) { $this->log('Instanciating File_Password object of type ' . $this->options['type'], AUTH_LOG_DEBUG); $pw_obj = File_Passwd::factory($this->options['type']); if (PEAR::isError($pw_obj)) { return $pw_obj; } $pw_obj->setFile($this->pwfile); $res = $pw_obj->load(); if (PEAR::isError($res)) { return $res; } } return $pw_obj; }
/** * Generate crypted password * * @static * @access public * @return string the crypted password * @param string $pass new plaintext password * @param string $salt new crypted password from which to gain the salt */ function generatePasswd($pass, $salt = null) { return File_Passwd::crypt_des($pass, $salt); }
/** * Generate password with htpasswd executable * * @access private * @return string the crypted password * @param string $pass the plaintext password * @param string $salt the salt to use * @param string $mode encyption mode, usually determined from * <var>$this->_mode</var> */ function _genPass($pass, $salt = null, $mode = null) { $mode = is_null($mode) ? utf8_strtolower($this->_mode) : utf8_strtolower($mode); if ($mode == 'md5') { return File_Passwd::crypt_apr_md5($pass, $salt); } elseif ($mode == 'des') { return File_Passwd::crypt_des($pass, $salt); } elseif ($mode == 'sha') { return File_Passwd::crypt_sha($pass, $salt); } return PEAR::raiseError(sprintf(FILE_PASSWD_E_INVALID_ENC_MODE_STR, $mode), FILE_PASSWD_E_INVALID_ENC_MODE); }
function teststaticAuth() { $this->assertTrue(true === File_Passwd::staticAuth('authbasic', 'passwd.authbasic.txt', 'mike', 123, 'des')); $this->assertTrue(false === File_Passwd::staticAuth('authbasic', 'passwd.authbasic.txt', 'mike', 'abc', 'des')); $this->assertFalse(File_Passwd::staticAuth('authbasic', 'passwd.authbasic.txt', 'nonexist', 'asd', 'des')); }
function teststaticAuth() { $this->assertTrue(true === File_Passwd::staticAuth('authdigest', 'passwd.authdigest.txt', 'mike', 123, 'realm1')); $this->assertTrue(false === File_Passwd::staticAuth('authdigest', 'passwd.authdigest.txt', 'mike', 'abc', 'realm1')); $this->assertFalse(File_Passwd::staticAuth('authdigest', 'passwd.authdigest.txt', 'nonexist', 'asd', 'norealm')); }
function teststaticAuth() { $this->assertTrue(true === File_Passwd::staticAuth('Custom', 'passwd.custom.txt', 'mike', 'mikespass', array(array('File_Passwd', 'crypt_plain'), '|'))); $this->assertTrue(false === File_Passwd::staticAuth('Custom', 'passwd.custom.txt', 'mike', 'abc', array(array('File_Passwd', 'crypt_plain'), '|'))); $this->assertTrue(PEAR::isError(File_Passwd::staticAuth('Custom', 'passwd.custom.txt', 'mike', 'mikespass'))); }
function teststaticAuth() { $this->assertTrue(true === File_Passwd::staticAuth('cvs', 'passwd.cvs.txt', 'mike', 123)); $this->assertTrue(false === File_Passwd::staticAuth('cvs', 'passwd.cvs.txt', 'mike', 'abc')); $this->assertFalse(File_Passwd::staticAuth('cvs', 'passwd.cvs.txt', 'nonexist', 'asd')); }