head 1.6;
access;
symbols
pkgsrc-2024Q1:1.5.0.16
pkgsrc-2024Q1-base:1.5
pkgsrc-2023Q4:1.5.0.14
pkgsrc-2023Q4-base:1.5
pkgsrc-2023Q3:1.5.0.12
pkgsrc-2023Q3-base:1.5
pkgsrc-2023Q2:1.5.0.10
pkgsrc-2023Q2-base:1.5
pkgsrc-2023Q1:1.5.0.8
pkgsrc-2023Q1-base:1.5
pkgsrc-2022Q4:1.5.0.6
pkgsrc-2022Q4-base:1.5
pkgsrc-2022Q3:1.5.0.4
pkgsrc-2022Q3-base:1.5
pkgsrc-2022Q2:1.5.0.2
pkgsrc-2022Q2-base:1.5
pkgsrc-2022Q1:1.4.0.10
pkgsrc-2022Q1-base:1.4
pkgsrc-2021Q4:1.4.0.8
pkgsrc-2021Q4-base:1.4
pkgsrc-2021Q3:1.4.0.6
pkgsrc-2021Q3-base:1.4
pkgsrc-2021Q2:1.4.0.4
pkgsrc-2021Q2-base:1.4
pkgsrc-2021Q1:1.4.0.2
pkgsrc-2021Q1-base:1.4
pkgsrc-2020Q4:1.3.0.42
pkgsrc-2020Q4-base:1.3
pkgsrc-2020Q3:1.3.0.40
pkgsrc-2020Q3-base:1.3
pkgsrc-2020Q2:1.3.0.36
pkgsrc-2020Q2-base:1.3
pkgsrc-2020Q1:1.3.0.16
pkgsrc-2020Q1-base:1.3
pkgsrc-2019Q4:1.3.0.38
pkgsrc-2019Q4-base:1.3
pkgsrc-2019Q3:1.3.0.34
pkgsrc-2019Q3-base:1.3
pkgsrc-2019Q2:1.3.0.32
pkgsrc-2019Q2-base:1.3
pkgsrc-2019Q1:1.3.0.30
pkgsrc-2019Q1-base:1.3
pkgsrc-2018Q4:1.3.0.28
pkgsrc-2018Q4-base:1.3
pkgsrc-2018Q3:1.3.0.26
pkgsrc-2018Q3-base:1.3
pkgsrc-2018Q2:1.3.0.24
pkgsrc-2018Q2-base:1.3
pkgsrc-2018Q1:1.3.0.22
pkgsrc-2018Q1-base:1.3
pkgsrc-2017Q4:1.3.0.20
pkgsrc-2017Q4-base:1.3
pkgsrc-2017Q3:1.3.0.18
pkgsrc-2017Q3-base:1.3
pkgsrc-2017Q2:1.3.0.14
pkgsrc-2017Q2-base:1.3
pkgsrc-2017Q1:1.3.0.12
pkgsrc-2017Q1-base:1.3
pkgsrc-2016Q4:1.3.0.10
pkgsrc-2016Q4-base:1.3
pkgsrc-2016Q3:1.3.0.8
pkgsrc-2016Q3-base:1.3
pkgsrc-2016Q2:1.3.0.6
pkgsrc-2016Q2-base:1.3
pkgsrc-2016Q1:1.3.0.4
pkgsrc-2016Q1-base:1.3
pkgsrc-2015Q4:1.3.0.2
pkgsrc-2015Q4-base:1.3
pkgsrc-2013Q2:1.2.0.2
pkgsrc-2013Q2-base:1.2
pkgsrc-2013Q1:1.1.0.4
pkgsrc-2013Q1-base:1.1
pkgsrc-2012Q4:1.1.0.2;
locks; strict;
comment @# @;
1.6
date 2024.05.08.21.32.20; author khorben; state dead;
branches;
next 1.5;
commitid s6avpFPjuIYP2f9F;
1.5
date 2022.04.16.03.11.28; author khorben; state Exp;
branches
1.5.16.1;
next 1.4;
commitid YnlKa1hpkiM6anAD;
1.4
date 2021.02.21.22.22.22; author khorben; state Exp;
branches;
next 1.3;
commitid llap5vf1ixRV0DIC;
1.3
date 2015.11.29.11.25.53; author taca; state Exp;
branches;
next 1.2;
commitid 1Y74ed3ULhW5OYKy;
1.2
date 2013.04.02.16.00.11; author taca; state dead;
branches;
next 1.1;
1.1
date 2013.01.21.12.43.23; author taca; state Exp;
branches
1.1.2.1;
next ;
1.5.16.1
date 2024.06.07.13.52.43; author bsiegert; state dead;
branches;
next ;
commitid NKAXcmd6MwCPy3dF;
1.1.2.1
date 2013.01.21.12.43.23; author tron; state dead;
branches;
next 1.1.2.2;
1.1.2.2
date 2013.01.23.20.18.31; author tron; state Exp;
branches;
next ;
desc
@@
1.6
log
@phpldapadmin: update to version 1.2.6.7
This fixes an XSS vulnerability when importing using a file upload without a
valid LDIF.
Tested on NetBSD/amd64, Darwin/amd64.
@
text
@$NetBSD: patch-lib_functions.php,v 1.5 2022/04/16 03:11:28 khorben Exp $
Fix for PHP 5.5 and later:
https://bugzilla.redhat.com/show_bug.cgi?id=974928
--- lib/functions.php.orig 2022-04-15 22:45:43.000000000 +0000
+++ lib/functions.php
@@@@ -130,12 +130,13 @@@@ function app_error_handler($errno,$errst
debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs);
/**
- * error_reporting will be 0 if the error context occurred
- * within a function call with '@@' preprended (ie, @@ldap_bind() );
+ * error_reporting will be only the non-ignorable error number bits
+ * if the error context occurred within a function call with '@@'
+ * preprended (ie, @@ldap_bind() );
* So, don't report errors if the caller has specifically
* disabled them with '@@'
*/
- if (ini_get('error_reporting') == 0 || error_reporting() == 0)
+ if (!(ini_get('error_reporting') & error_reporting() & $errno))
return;
$file = basename($file);
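Review bot: The new guard on the `if` line mixes a string with integers in a bitwise AND: `ini_get('error_reporting')` returns a string, while `error_reporting()` and `$errno` are integers. PHP converts a numeric string silently, but on PHP 8 a value that is not a numeric string raises a TypeError inside the error handler itself, which would hide the original failure from the log. An explicit cast states the intent and keeps the handler total: `if (!((int)ini_get('error_reporting') & error_reporting() & $errno))`. app_error_handler starts and ends outside the hunk, so how `$errno` is validated before this line is not visible.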
@@@@ -928,7 +929,7 @@@@ function get_cached_item($index,$item,$s
*
* Returns true on success of false on failure.
*/
-function set_cached_item($index,$item,$subitem='null',$data) {
+function set_cached_item($index,$data,$item,$subitem='null') {
if (DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS'))
debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs);
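Review bot: Reordering the parameters of set_cached_item to `($index,$data,$item,$subitem='null')` changes the meaning of every positional call, and no call site is updated in this patch file. A caller still using the old order would store the item name as the cached data without raising any error. The draw_jpeg_photo signature change in the last hunk has the same exposure. Confirm that the call sites in the other patched files use the new order, and add a one-line comment above each signature, for example `# $data moved ahead of $item so that the optional $subitem is last`. Both function bodies continue outside their hunks.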
@@@@ -2032,8 +2033,8 @@@@ function ldap_error_msg($msg,$errnum) {
*
* Usage Examples:
*
- * draw_jpeg_photo(0,'cn=Bob,ou=People,dc=example,dc=com',"jpegPhoto",0,true,array('img_opts'=>"border: 1px; width: 150px"));
- * draw_jpeg_photo(1,'cn=Fred,ou=People,dc=example,dc=com',null,1);
+ * draw_jpeg_photo(0,'cn=Bob,ou=People,dc=example,dc=com',0,"jpegPhoto",true,array('img_opts'=>"border: 1px; width: 150px"));
+ * draw_jpeg_photo(1,'cn=Fred,ou=People,dc=example,dc=com',1,null);
*
*
* @@param object The Server to get the image from.
@@@@ -2046,7 +2047,7 @@@@ function ldap_error_msg($msg,$errnum) {
* @@param array Specifies optional image and CSS style attributes for the table tag. Supported keys are
* fixed_width, fixed_height, img_opts.
*/
-function draw_jpeg_photo($server,$dn,$attr_name='jpegphoto',$index,$draw_delete_buttons=false,$options=array()) {
+function draw_jpeg_photo($server,$dn,$index,$attr_name='jpegphoto',$draw_delete_buttons=false,$options=array()) {
if (DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS'))
debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs);
@
1.5
log
@phpldapadmin: package version 1.2.6.3
This changes the upstream to leenooks/phpLDAPadmin on GitHub.
This also includes a patch from Debian at
https://packages.debian.org/source/sid/phpldapadmin
(phpldapadmin_1.2.6.3-0.2.debian.tar.xz) in order to support newer
versions of PHP. This package had become unusable with the version
of PHP shipped by pkgsrc by default (7.4 as of today).
Tested on NetBSD/amd64, Darwin/amd64.
@
text
@d1 1
a1 1
$NetBSD: patch-lib_functions.php,v 1.4 2021/02/21 22:22:22 khorben Exp $
@
1.5.16.1
log
@Pullup ticket #6857 - requested by taca
databases/phpldapadmin: security fix
Revisions pulled up:
- databases/phpldapadmin/Makefile 1.48
- databases/phpldapadmin/distinfo 1.21
- databases/phpldapadmin/patches/patch-htdocs_collapse.php deleted
- databases/phpldapadmin/patches/patch-htdocs_draw__tree__node.php deleted
- databases/phpldapadmin/patches/patch-htdocs_expand.php deleted
- databases/phpldapadmin/patches/patch-htdocs_refresh.php deleted
- databases/phpldapadmin/patches/patch-lib_Attribute.php deleted
- databases/phpldapadmin/patches/patch-lib_AttributeFactory.php deleted
- databases/phpldapadmin/patches/patch-lib_BinaryAttribute.php deleted
- databases/phpldapadmin/patches/patch-lib_DateAttribute.php deleted
- databases/phpldapadmin/patches/patch-lib_DnAttribute.php deleted
- databases/phpldapadmin/patches/patch-lib_GidAttribute.php deleted
- databases/phpldapadmin/patches/patch-lib_MultiLineAttribute.php deleted
- databases/phpldapadmin/patches/patch-lib_ObjectClassAttribute.php deleted
- databases/phpldapadmin/patches/patch-lib_PLAAttribute.php 1.2
- databases/phpldapadmin/patches/patch-lib_PageRender.php deleted
- databases/phpldapadmin/patches/patch-lib_PasswordAttribute.php deleted
- databases/phpldapadmin/patches/patch-lib_SelectionAttribute.php deleted
- databases/phpldapadmin/patches/patch-lib_ShadowAttribute.php deleted
- databases/phpldapadmin/patches/patch-lib_TemplateRender.php 1.3
- databases/phpldapadmin/patches/patch-lib_Tree.php deleted
- databases/phpldapadmin/patches/patch-lib_Visitor.php deleted
- databases/phpldapadmin/patches/patch-lib_common.php deleted
- databases/phpldapadmin/patches/patch-lib_ds__ldap.php deleted
- databases/phpldapadmin/patches/patch-lib_ds__ldap__pla.php deleted
- databases/phpldapadmin/patches/patch-lib_functions.php deleted
- databases/phpldapadmin/patches/patch-lib_page.php 1.1
- databases/phpldapadmin/patches/patch-lib_schema__functions.php 1.1
- databases/phpldapadmin/patches/patch-lib_xmlTemplates.php 1.2
---
Module Name: pkgsrc
Committed By: khorben
Date: Wed May 8 21:32:20 UTC 2024
Modified Files:
pkgsrc/databases/phpldapadmin: Makefile distinfo
pkgsrc/databases/phpldapadmin/patches: patch-lib_PLAAttribute.php
patch-lib_xmlTemplates.php
Added Files:
pkgsrc/databases/phpldapadmin/patches: patch-lib_TemplateRender.php
patch-lib_page.php patch-lib_schema__functions.php
Removed Files:
pkgsrc/databases/phpldapadmin/patches: patch-htdocs_collapse.php
patch-htdocs_draw__tree__node.php patch-htdocs_expand.php
patch-htdocs_refresh.php patch-lib_Attribute.php
patch-lib_AttributeFactory.php patch-lib_BinaryAttribute.php
patch-lib_DateAttribute.php patch-lib_DnAttribute.php
patch-lib_GidAttribute.php patch-lib_MultiLineAttribute.php
patch-lib_ObjectClassAttribute.php patch-lib_PageRender.php
patch-lib_PasswordAttribute.php patch-lib_SelectionAttribute.php
patch-lib_ShadowAttribute.php patch-lib_Tree.php
patch-lib_Visitor.php patch-lib_common.php patch-lib_ds__ldap.php
patch-lib_ds__ldap__pla.php patch-lib_functions.php
Log Message:
phpldapadmin: update to version 1.2.6.7
This fixes an XSS vulnerability when importing using a file upload without a
valid LDIF.
Tested on NetBSD/amd64, Darwin/amd64.
@
text
@d1 1
a1 1
$NetBSD: patch-lib_functions.php,v 1.5 2022/04/16 03:11:28 khorben Exp $
@
1.4
log
@phpldapadmin: import fixes for PHP > 5.5, 7.2, 7.3
With help from the patches available at
https://packages.debian.org/source/sid/phpldapadmin.
@
text
@d1 1
a1 1
$NetBSD: patch-lib_functions.php,v 1.3 2015/11/29 11:25:53 taca Exp $
d6 1
a6 1
--- lib/functions.php.orig 2012-10-01 06:54:14.000000000 +0000
d8 2
a9 12
@@@@ -51,7 +51,7 @@@@ if (file_exists(LIBDIR.'functions.custom
/**
* Loads class definition
*/
-function __autoload($className) {
+function pla_autoload($className) {
if (file_exists(HOOKSDIR."classes/$className.php"))
require_once(HOOKSDIR."classes/$className.php");
elseif (file_exists(LIBDIR."$className.php"))
@@@@ -66,6 +66,12 @@@@ function __autoload($className) {
'type'=>'error'));
}
d11 12
a22 11
+if (version_compare(phpversion(), '7.0', '>=')) {
+ spl_autoload_register('pla_autoload');
+} else {
+ eval('function __autoload($className) {pla_autoload($className);}');
+}
+
/**
* Strips all slashes from the specified array in place (pass by ref).
* @@param Array The array to strip slashes from, typically one of
@@@@ -994,6 +1000,22 @@@@ function get_custom_file($index,$filenam
}
d24 2
a25 18
/**
+ * Replacement for create_function() which is deprecated as of PHP 7.2
+ *
+ * @@param string The function arguments
+ * @@param string The function code
+ */
+function pla_create_function($args, $code) {
+ if (version_compare(phpversion(), '7.0', '>=')) {
+ # anonymous functions were introduced in PHP 5.3.0
+ return eval("return function(".$args."){".$code."};");
+ } else {
+ # create_function is deprecated in PHP 7.2
+ return create_function($args, $code);
+ }
+}
+
+/**
* Sort a multi dimensional array.
d27 6
a32 2
* @@param array Multi demension array passed by reference
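Review bot: pla_create_function concatenates `$args` and `$code` into PHP source and passes it to eval(), so it is only as safe as every string its callers assemble. The one caller visible in this patch is masort, which presumably builds `$code` from `$sortby` in lines that are not shown. State that contract in the docblock, for example `* Both arguments are evaluated as PHP code and must never contain request-derived data.`, and check that `$sortby` is limited to known attribute names before it reaches the code string. A closure capturing the sort keys would remove the eval entirely, but that rewrite belongs in masort, outside this hunk.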
@@@@ -1080,7 +1102,7 @@@@ function masort(&$data,$sortby,$rev=0) {
d34 14
a47 10
$code .= 'return $c;';
- $CACHE[$sortby] = create_function('$a, $b',$code);
+ $CACHE[$sortby] = pla_create_function('$a, $b',$code);
}
uasort($data,$CACHE[$sortby]);
@@@@ -2127,7 +2149,7 @@@@ function password_types() {
* crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, sha512, or clear.
* @@return string The hashed password.
d49 2
a50 2
-function password_hash($password_clear,$enc_type) {
+function pla_password_hash($password_clear,$enc_type) {
a53 44
@@@@ -2318,7 +2340,7 @@@@ function password_check($cryptedpassword
# SHA crypted passwords
case 'sha':
- if (strcasecmp(password_hash($plainpassword,'sha'),'{SHA}'.$cryptedpassword) == 0)
+ if (strcasecmp(pla_password_hash($plainpassword,'sha'),'{SHA}'.$cryptedpassword) == 0)
return true;
else
return false;
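Review bot: The changed line still compares password hashes with strcasecmp(), which is case-insensitive and not constant-time. The sha512 branch elsewhere on this page shows the digest is base64-encoded, and presumably the sha and md5 branches are too; base64 is case-sensitive, so two different digests differing only in letter case would be accepted as equal. The rename leaves this untouched, and the md5 and sha512 hunks below carry the same pattern. Where PHP 5.6 or later can be assumed, `return hash_equals(pla_password_hash($plainpassword,'sha'),'{SHA}'.$cryptedpassword);` compares exactly and in constant time. password_check starts and ends outside the hunk, so how `$cryptedpassword` is normalised before this point is not visible.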
@@@@ -2327,7 +2349,7 @@@@ function password_check($cryptedpassword
# MD5 crypted passwords
case 'md5':
- if( strcasecmp(password_hash($plainpassword,'md5'),'{MD5}'.$cryptedpassword) == 0)
+ if( strcasecmp(pla_password_hash($plainpassword,'md5'),'{MD5}'.$cryptedpassword) == 0)
return true;
else
return false;
@@@@ -2392,7 +2414,7 @@@@ function password_check($cryptedpassword
# SHA512 crypted passwords
case 'sha512':
- if (strcasecmp(password_hash($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0)
+ if (strcasecmp(pla_password_hash($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0)
return true;
else
return false;
@@@@ -2565,12 +2587,14 @@@@ function dn_unescape($dn) {
$a = array();
foreach ($dn as $key => $rdn)
- $a[$key] = preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$rdn);
+ $a[$key] = preg_replace_callback('/\\\([0-9A-Fa-f]{2})/',
+ function ($matches) { return chr(hexdec($matches[1])); }, $rdn );
return $a;
} else {
- return preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$dn);
+ return preg_replace_callback('/\\\([0-9A-Fa-f]{2})/',
+ function ($matches) { return chr(hexdec($matches[1])); }, $dn);
}
}
@
1.3
log
@Allow it to work on PHP 5.5/5.6. The patch is based on the patch
at https://bugzilla.redhat.com/show_bug.cgi?id=974928.
@
text
@d1 1
a1 1
$NetBSD$
d8 55
a62 1
@@@@ -2127,7 +2127,7 @@@@ function password_types() {
d71 1
a71 1
@@@@ -2318,7 +2318,7 @@@@ function password_check($cryptedpassword
d80 1
a80 1
@@@@ -2327,7 +2327,7 @@@@ function password_check($cryptedpassword
d89 10
a98 1
@@@@ -2565,12 +2565,14 @@@@ function dn_unescape($dn) {
@
1.2
log
@Update phpldapadmin to 1.2.3.
* There was a mistake in patches/patch-lib_functions.php, dropping the "ssha"
password type.
2012-10-01 Release 1.2.3 master RELEASE-1.2.3
2012-10-01 Update template to show multiselect values
2012-09-06 Language update from launchpad for 1.2.3 (also see #30)
2012-09-05 SF Bug #3531956 - Search / Show Attributes must be lowercase
2012-09-05 SF Bug #3518548 - Missing attributes on some custom forms
2012-09-05 SF Bug #3513210 - Export to VCARD only exports the last entry in the list
2012-09-05 SF Bug #3510648 - Cannot copy between servers
2012-09-05 SF Bug #3510114 - Unable to check passwords when samba hashes are in lowercase
2012-09-05 SF Bug #3452416 - templates non-functional
2012-09-05 SF Bug #3427748 - value id is ignored in select attribute
2012-09-04 SF Bug #3448530 - Treat krbExtraData and krbPrincipalKe as binary
2012-09-02 SF Bug #3497660 - XSS flaws via 'export', 'add_value_form' and 'dn' variables
2012-09-02 SF Bug #3426575 - clicking 'logout' does not unset _SESSION['ACTIVITY']
2012-09-01 SF Feature #3555472 - User-friendly items in entry chooser window.
2012-09-01 SF Feature #3509651 - Add support for SHA512 with OpenLDAP
2012-08-29 SF Patch #3469148 - Display mass edit actions as buttons
2012-01-24 SF Bug #3477910 - XSS vulnerability in query
@
text
@d1 1
a1 1
$NetBSD: patch-lib_functions.php,v 1.1 2013/01/21 12:43:23 taca Exp $
d3 2
a4 2
* Add support for SHA512 with OpenLDAP from repository,
21959715c3d6f204dd6c35b2e313eb2d4a01d22a.
d6 1
a6 1
--- lib/functions.php.orig 2011-10-27 02:07:09.000000000 +0000
d8 2
a9 30
@@@@ -1471,10 +1471,10 @@@@ function get_next_number($base,$attr,$in
for ($i=0;$i $num+1)
- return $autonum[$i] >= $num ? $num+1 : $num;
+ /* If we're at the end of the list, or we've found a gap between this number and the
+ following, use the next available number in the gap. */
+ if ($i+1 == count($autonum) || $autonum[$i+1] > $num+1)
+ return $autonum[$i] >= $num ? $num+1 : $num;
}
# If we didnt find a suitable gap and are all above the minNumber, we'll just return the $minNumber
@@@@ -2114,7 +2114,7 @@@@ function password_types() {
'md5crypt'=>'md5crypt',
'sha'=>'sha',
'smd5'=>'smd5',
- 'ssha'=>'ssha'
+ 'ssh512'=>'ssh512'
);
}
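Review bot: The added line replaces `'ssha'=>'ssha'` with `'ssh512'=>'ssh512'`, which removes salted SHA from the list of password types and adds a key that does not match the `sha512` case this patch adds to password_hash and password_check. The intended change was probably to keep the existing entry and append the new one: `'ssha'=>'ssha',` followed by `'sha512'=>'sha512'`. The revision 1.2 log on this page records the dropped ssha type as a mistake, and the same hunk appears again in the 1.1.2.2 text further down. password_types starts outside the hunk.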
@@@@ -2123,7 +2123,7 @@@@ function password_types() {
*
* @@param string The password to hash in clear text.
* @@param string Standard LDAP encryption type which must be one of
- * crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, or clear.
+ * crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, sha512, or clear.
d12 39
a50 4
function password_hash($password_clear,$enc_type) {
@@@@ -2216,6 +2216,16 @@@@ function password_hash($password_clear,$
break;
a51 38
+ case 'sha512':
+ if (function_exists('openssl_digest') && function_exists('base64_encode')) {
+ $new_value = sprintf('{SHA512}%s', base64_encode(openssl_digest($password_clear, 'sha512', true)));
+
+ } else {
+ error(_('Your PHP install doest not have the openssl_digest() or base64_encode() function. Cannot do SHA512 hashes. '),'error','index.php');
+ }
+
+ break;
+
case 'clear':
default:
$new_value = $password_clear;
@@@@ -2379,6 +2389,15 @@@@ function password_check($cryptedpassword
break;
+ # SHA512 crypted passwords
+ case 'sha512':
+ if (strcasecmp(password_hash($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0)
+ return true;
+ else
+ return false;
+
+ break;
+
# No crypt is given assume plaintext passwords are used
default:
if ($plainpassword == $cryptedpassword)
@@@@ -2782,7 +2801,7 @@@@ function draw_formatted_dn($server,$entr
$formats = $_SESSION[APPCONFIG]->getValue('appearance','tree_display_format');
- foreach ($formats as $format) {
+ foreach ($formats as $format) {
$has_none = false;
preg_match_all('/%[a-zA-Z_0-9]+/',$format,$tokens);
$tokens = $tokens[0];
@
1.1
log
@Add some patches from development repository.
* Add fix for CVE-2012-1114/CVE-2012-1115 from repository.
* Unset $_SESSION['ACTIVITY'] on logout from repository.
* Fix XSS in query from repository.
* Add support for SHA512 with OpenLDAP from repository.
Bump PKGREVISION.
@
text
@d1 1
a1 1
$NetBSD$
@
1.1.2.1
log
@file patch-lib_functions.php was added on branch pkgsrc-2012Q4 on 2013-01-23 20:18:31 +0000
@
text
@d1 82
@
1.1.2.2
log
@Pullup ticket #4033 - requested by taca
pkgsrc/databases/phpldapadmin: security patch
Revisions pulled up:
- databases/phpldapadmin/Makefile 1.34
- databases/phpldapadmin/distinfo 1.12-1.13
- databases/phpldapadmin/patches/patch-htdocs_add__value__form.php 1.1
- databases/phpldapadmin/patches/patch-htdocs_export.php 1.1
- databases/phpldapadmin/patches/patch-htdocs_logout.php 1.1
- databases/phpldapadmin/patches/patch-lib_QueryRender.php 1.1-1.2
- databases/phpldapadmin/patches/patch-lib_export__functions.php 1.1
- databases/phpldapadmin/patches/patch-lib_functions.php 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Jan 21 12:43:23 UTC 2013
Modified Files:
pkgsrc/databases/phpldapadmin: Makefile distinfo
Added Files:
pkgsrc/databases/phpldapadmin/patches:
patch-htdocs_add__value__form.php patch-htdocs_export.php
patch-htdocs_logout.php patch-lib_QueryRender.php
patch-lib_export__functions.php patch-lib_functions.php
Log Message:
Add some patches from development repository.
* Add fix for CVE-2012-1114/CVE-2012-1115 from repository.
* Unset $_SESSION['ACTIVITY'] on logout from repository.
* Fix XSS in query from repository.
* Add support for SHA512 with OpenLDAP from repository.
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: obache
Date: Tue Jan 22 11:49:33 UTC 2013
Modified Files:
pkgsrc/databases/phpldapadmin: distinfo
pkgsrc/databases/phpldapadmin/patches: patch-lib_QueryRender.php
Log Message:
Note CVE-2012-0834
@
text
@a0 82
$NetBSD$
* Add support for SHA512 with OpenLDAP from repository,
21959715c3d6f204dd6c35b2e313eb2d4a01d22a.
--- lib/functions.php.orig 2011-10-27 02:07:09.000000000 +0000
+++ lib/functions.php
@@@@ -1471,10 +1471,10 @@@@ function get_next_number($base,$attr,$in
for ($i=0;$i $num+1)
- return $autonum[$i] >= $num ? $num+1 : $num;
+ /* If we're at the end of the list, or we've found a gap between this number and the
+ following, use the next available number in the gap. */
+ if ($i+1 == count($autonum) || $autonum[$i+1] > $num+1)
+ return $autonum[$i] >= $num ? $num+1 : $num;
}
# If we didnt find a suitable gap and are all above the minNumber, we'll just return the $minNumber
@@@@ -2114,7 +2114,7 @@@@ function password_types() {
'md5crypt'=>'md5crypt',
'sha'=>'sha',
'smd5'=>'smd5',
- 'ssha'=>'ssha'
+ 'ssh512'=>'ssh512'
);
}
@@@@ -2123,7 +2123,7 @@@@ function password_types() {
*
* @@param string The password to hash in clear text.
* @@param string Standard LDAP encryption type which must be one of
- * crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, or clear.
+ * crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, sha512, or clear.
* @@return string The hashed password.
*/
function password_hash($password_clear,$enc_type) {
@@@@ -2216,6 +2216,16 @@@@ function password_hash($password_clear,$
break;
+ case 'sha512':
+ if (function_exists('openssl_digest') && function_exists('base64_encode')) {
+ $new_value = sprintf('{SHA512}%s', base64_encode(openssl_digest($password_clear, 'sha512', true)));
+
+ } else {
+ error(_('Your PHP install doest not have the openssl_digest() or base64_encode() function. Cannot do SHA512 hashes. '),'error','index.php');
+ }
+
+ break;
+
case 'clear':
default:
$new_value = $password_clear;
@@@@ -2379,6 +2389,15 @@@@ function password_check($cryptedpassword
break;
+ # SHA512 crypted passwords
+ case 'sha512':
+ if (strcasecmp(password_hash($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0)
+ return true;
+ else
+ return false;
+
+ break;
+
# No crypt is given assume plaintext passwords are used
default:
if ($plainpassword == $cryptedpassword)
@@@@ -2782,7 +2801,7 @@@@ function draw_formatted_dn($server,$entr
$formats = $_SESSION[APPCONFIG]->getValue('appearance','tree_display_format');
- foreach ($formats as $format) {
+ foreach ($formats as $format) {
$has_none = false;
preg_match_all('/%[a-zA-Z_0-9]+/',$format,$tokens);
$tokens = $tokens[0];
@