diff options
| author | Jan-Philipp Litza <janphilipp@litza.de> | 2012-12-12 02:31:54 +0100 |
|---|---|---|
| committer | Jan-Philipp Litza <janphilipp@litza.de> | 2012-12-12 02:40:12 +0100 |
| commit | db95fe6485f13c0041bbafbb0004b171cd9122e7 (patch) | |
| tree | f5dbbc05f7ad6490dfe9586a5f3d4304ab537204 /includes/sys_auth.php | |
| parent | 697b756c4ea5925ebb23e31b08ff851d024ae26d (diff) | |
new authentication framework with stronger passwords and real salts - please proofread!
Diffstat (limited to 'includes/sys_auth.php')
| -rw-r--r-- | includes/sys_auth.php | 50 |
1 files changed, 38 insertions, 12 deletions
diff --git a/includes/sys_auth.php b/includes/sys_auth.php index e1869029..68cf17e4 100644 --- a/includes/sys_auth.php +++ b/includes/sys_auth.php @@ -28,15 +28,40 @@ function load_auth() { $privileges = isset ($user) ? privileges_for_user($user['UID']) : privileges_for_group(-1); } -function PassCrypt($passwort) { - global $crypt_system; - - switch ($crypt_system) { - case "crypt" : - return "{crypt}" . crypt($passwort, "77"); - case "md5" : - return md5($passwort); +// generate a salt (random string) of arbitrary length suitable for the use with crypt() +function generate_salt($length = 16) { + $alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; + $salt = ""; + for ($i = 0; $i < $length; $i++) { + $salt .= $alphabet[rand(0, strlen($alphabet)-1)]; } + return $salt; +} + +// set the password of a user +function set_password($uid, $password) { + $res = sql_query("UPDATE `User` SET `Passwort` = '" . sql_escape(crypt($password, CRYPT_ALG . '$' . generate_salt(16) . '$')) . "' WHERE `UID` = " . intval($uid) . " LIMIT 1"); + return $res && (mysql_affected_rows() > 0); +} + +// verify a password given a precomputed salt. +// if $uid is given and $salt is an old-style salt (plain md5), we convert it automatically +function verify_password($password, $salt, $uid = false) { + $correct = false; + if (substr($salt, 0, 1) == '$') // new-style crypt() + $correct = crypt($password, $salt) == $salt; + elseif (substr($salt, 0, 7) == '{crypt}') // old-style crypt() with DES and static salt - not used anymore + $correct = crypt($password, '77') == $salt; + elseif (strlen($salt) == 32) // old-style md5 without salt - not used anymore + $correct = md5($password) == $salt; + + if($correct && substr($salt, 0, strlen(CRYPT_ALG)) != CRYPT_ALG && $uid) { + // this password is stored in another format than we want it to be. + // let's update it! + // we duplicate the query from the above set_password() function to have the extra safety of checking the old hash + sql_query("UPDATE `User` SET `Passwort` = '" . sql_escape(crypt($password, CRYPT_ALG . '$' . generate_salt() . '$')) . "' WHERE `UID` = " . intval($uid) . " AND `Passwort` = '" . sql_escape($salt) . "' LIMIT 1"); + } + return $correct; } // JSON Authorisierungs-Schnittstelle @@ -50,11 +75,12 @@ function json_auth_service() { $SourceOuth = $_REQUEST['so']; if (isset ($CurrentExternAuthPass) && $SourceOuth == $CurrentExternAuthPass) { - $sql = "SELECT * FROM `User` WHERE `Nick`='" . sql_escape($User) . "'"; - $Erg = sql_query($sql); + $sql = "SELECT `UID`, `Passwort` FROM `User` WHERE `Nick`='" . sql_escape($User) . "'"; + $Erg = sql_select($sql); - if (mysql_num_rows($Erg) == 1) { - if (mysql_result($Erg, 0, "Passwort") == PassCrypt($Pass)) { + if (count($Erg) == 1) { + $Erg = $Erg[0]; + if (verify_password($Pass, $Erg["Passwort"], $Erg["UID"])) { $UID = mysql_result($Erg, 0, "UID"); $user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`=" . sql_escape($UID) . ";"); |