Skip to content
This repository has been archived by the owner on Jul 3, 2024. It is now read-only.

Commit

Permalink
Move to old hashing algorithm (backward compatibility), fixes
Browse files Browse the repository at this point in the history
  • Loading branch information
@TheJKM
TheJKM committed May 25, 2020
1 parent cf87bea commit 2d4ceaa
Show file tree
Hide file tree
Showing 4 changed files with 14 additions and 3 deletions.
2 changes: 1 addition & 1 deletion clientapi/php/client.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -227,7 +227,7 @@
array('paththree', "Laufwerk Z"),
array('infotext', $result['comment']),
array('room', $config['room']),
array('machinename', $config['machine']),
array('machinename', $config['name']),
array('groupfolders', $groupfolders));
if ($config['requiresLogin'] == '0') {
array_push($data, array('servicemode', 'noPasswordRequired'));
Expand Down
2 changes: 1 addition & 1 deletion clientapi/php/functions.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ function checkUserPassword($username, $password) {
}
$response = $stmt->get_result();
$result = $response->fetch_assoc();
if (password_verify($password, $result["unix_hash"])) {
if (check_unix($password, $result["unix_hash"])) {
return true;
}
return false;
Expand Down
12 changes: 11 additions & 1 deletion clientapi/php/hash.php
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,18 @@
<?php
function unix($input) {
return password_hash($input, PASSWORD_BCRYPT);
$salt = substr(str_shuffle(str_repeat('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789', 4)), 0, 4);
return '{SSHA}' . base64_encode(sha1($input.$salt, TRUE).$salt);
}
function samba($input) {
return strtoupper(bin2hex(mhash(MHASH_MD4, iconv("UTF-8", "UTF-16LE", $input))));
}
function check_unix($password, $hash) {
if ($hash == "") {
return false;
}
$salt = substr(base64_decode(substr($hash,6)),20);
$encrypted_password = '{SSHA}' . base64_encode(sha1( $password.$salt, TRUE ). $salt);
if ($hash == $encrypted_password) return true;
return false;
}
?>
1 change: 1 addition & 0 deletions clientapi/php/register.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
/* Backend for PhilleConnect client registration
© 2017 - 2020 Johannes Kreutz.*/
require "dbconnect.php";
require "hash.php";
require "functions.php";
if (!isUserUnique($_POST["uname"])) {
echo "error";
Expand Down

0 comments on commit 2d4ceaa

Please sign in to comment.