Simplify crypt() calls, always assume SHA512 is available, use default value for rounds
Hanno Böck commited on 2021-01-13 10:32:52
Zeige 3 geänderte Dateien mit 3 Einfügungen und 26 Löschungen.
- modules/email/include/common.php 5191b5d..b883448
- modules/ftpusers/include/ftpusers.php a3a7455..35e24e1
- session/checkuser.php 8d527ec..6bb2e79
| ... | ... |
@@ -18,16 +18,7 @@ function encrypt_mail_password($newpass) |
| 18 | 18 |
{
|
| 19 | 19 |
DEBUG("unencrypted PW: »".$newpass."«");
|
| 20 | 20 |
require_once('inc/base.php');
|
| 21 |
- if (defined("CRYPT_SHA512") && CRYPT_SHA512 == 1) {
|
|
| 22 |
- $rounds = rand(1000, 5000); |
|
| 23 |
- $salt = "rounds=".$rounds."$".random_string(8); |
|
| 24 |
- DEBUG("crypt(\"{$newpass}\", \"\$6\${$salt}\$\");");
|
|
| 25 |
- $newpass = crypt($newpass, "\$6\${$salt}\$");
|
|
| 26 |
- } else {
|
|
| 27 |
- $salt = random_string(8); |
|
| 28 |
- DEBUG("crypt(\"{$newpass}\", \"\$1\${$salt}\$\");");
|
|
| 29 |
- $newpass = crypt($newpass, "\$1\${$salt}\$");
|
|
| 30 |
- } |
|
| 21 |
+ $newpass = crypt($newpass, '$6$'.random_string(8).'$'); |
|
| 31 | 22 |
DEBUG("encrypted PW: ".$newpass);
|
| 32 | 23 |
return chop($newpass); |
| 33 | 24 |
} |
| ... | ... |
@@ -79,14 +79,7 @@ function save_ftpuser($data) |
| 79 | 79 |
if ($result !== true) {
|
| 80 | 80 |
system_failure("Unsicheres Passwort: ".$result);
|
| 81 | 81 |
} |
| 82 |
- if (defined("CRYPT_SHA512") && CRYPT_SHA512 == 1) {
|
|
| 83 |
- $rounds = rand(1000, 5000); |
|
| 84 |
- $salt = "rounds=".$rounds."$".random_string(8); |
|
| 85 |
- $password_hash = crypt($data['password'], "\$6\${$salt}\$");
|
|
| 86 |
- } else {
|
|
| 87 |
- $salt = random_string(8); |
|
| 88 |
- $password_hash = crypt($data['password'], "\$1\${$salt}\$");
|
|
| 89 |
- } |
|
| 82 |
+ $password_hash = crypt($data['password'], '$6$'.random_string(8).'$'); |
|
| 90 | 83 |
$set_password = true; |
| 91 | 84 |
} elseif (! $data['id']) {
|
| 92 | 85 |
system_failure('Wenn Sie einen neuen Zugang anlegen, müssen Sie ein Passwort setzen');
|
| ... | ... |
@@ -264,14 +264,7 @@ function set_systemuser_password($uid, $newpass) |
| 264 | 264 |
{
|
| 265 | 265 |
$uid = (int) $uid; |
| 266 | 266 |
require_once('inc/base.php');
|
| 267 |
- if (defined("CRYPT_SHA512") && CRYPT_SHA512 == 1) {
|
|
| 268 |
- $rounds = rand(1000, 5000); |
|
| 269 |
- $salt = "rounds=".$rounds."$".random_string(8); |
|
| 270 |
- $newpass = crypt($newpass, "\$6\${$salt}\$");
|
|
| 271 |
- } else {
|
|
| 272 |
- $salt = random_string(8); |
|
| 273 |
- $newpass = crypt($newpass, "\$1\${$salt}\$");
|
|
| 274 |
- } |
|
| 267 |
+ $newpass = crypt($newpass, '$6$'.random_string(8).'$'); |
|
| 275 | 268 |
db_query("UPDATE system.passwoerter SET passwort=:newpass WHERE uid=:uid", array(":newpass" => $newpass, ":uid" => $uid));
|
| 276 | 269 |
logger(LOG_INFO, "session/checkuser", "pwchange", "changed user's password."); |
| 277 | 270 |
} |
| 278 | 271 |