From: henoheno Date: Mon, 28 Mar 2005 14:23:41 +0000 (+0900) Subject: BugTrack/709: Investigating multi-scheme password X-Git-Tag: r1_5_0_rc1~453 X-Git-Url: http://git.osdn.net/view?a=commitdiff_plain;h=66c433245302a1c2c1261c4ab198f8058ac94858;p=pukiwiki%2Fpukiwiki.git BugTrack/709: Investigating multi-scheme password --- diff --git a/plugin/md5.inc.php b/plugin/md5.inc.php index e7aa1be..33227af 100644 --- a/plugin/md5.inc.php +++ b/plugin/md5.inc.php @@ -1,43 +1,88 @@ 'MD5', 'body'=>'Hash: ' . md5($key)); + $scheme = isset($post['scheme']) ? $post['scheme'] : ''; + $prefix = isset($post['prefix']); + $body = plugin_md5_compute($scheme, $key, $prefix); + return array('msg'=>'MD5', 'body'=>$body); + } else { - // If cmd=md5&md5=password, set only (Don't compute) + // If plugin=md4&md5=password, only set it (Don't compute) $value = isset($get['md5']) ? $get['md5'] : ''; - if ($value != '') { - plugin_md5_checklimit($value); - $value = 'value="' . htmlspecialchars($value) . '" '; - } - $form = << + + plugin_md5_checklimit($value); + if ($value != '') $value = 'value="' . htmlspecialchars($value) . '" '; + $self = get_script_uri(); + $form = ''; + if ($submit) $form .= 'NO PHRASE
'; + $form .= <<
- + +
+ +
+ +
+ +
+ +
+ +
+ +
-
EOD; return array('msg'=>'MD5', 'body'=>$form); } } +// Compute hash with php-functions, or compute like slappasswd (OpenLDAP) +function plugin_md5_compute($scheme = 'php_md5', $key = '', $prefix = FALSE) +{ + plugin_md5_checklimit($key); + + switch (strtolower($scheme)) { + case 'x-php-crypt' : /* FALLTHROUGH */ + case 'php_crypt' : + $hash = ($prefix ? '{x-php-crypt}' : '') . crypt($key); break; + case 'x-php-md5' : /* FALLTHROUGH */ + case 'php_md5' : + $hash = ($prefix ? '{x-php-md5}' : '') . md5($key); break; + case 'x-php-sha1' : /* FALLTHROUGH */ + case 'php_sha1' : + $hash = ($prefix ? '{x-php-sha1}' : '') . sha1($key); break; + case 'md5' : /* FALLTHROUGH */ + case 'ldap_md5' : + $hash = ($prefix ? '{MD5}' : '') . base64_encode(hex2bin(md5($key))); break; + case 'sha' : /* FALLTHROUGH */ + case 'ldap_sha' : + $hash = ($prefix ? '{SHA}' : '') . base64_encode(hex2bin(sha1($key))); break; + default: $hash = ''; break; + } + + return $hash; +} + function plugin_md5_checklimit($text) { if (strlen($text) > PLUGIN_MD5_LIMIT_LENGTH)