Commit
1 parent
e2e1146
commit a100c7e
Showing
1 changed file
with
61 additions
and
8 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,7 @@ | ||
<?php | ||
|
||
// .htpasswd file functions | ||
// Copyright (C) 2004-2006 Jarno Elonen <[email protected]> | ||
// Copyright (C) 2004,2005 Jarno Elonen <[email protected]> | ||
// | ||
// Redistribution and use in source and binary forms, with or without modification, | ||
// are permitted provided that the following conditions are met: | ||
|
@@ -34,6 +34,11 @@ | |
// | ||
// $pass_array[$new_user] = rand_salt_crypt($new_pass); | ||
// save_htpasswd($pass_array); | ||
// | ||
// $pass_array[$new_user2] = rand_salt_sha1($new_pass2); | ||
// save_htpasswd($pass_array); | ||
// | ||
// Thanks to Jonas Wagner for SHA1 support. | ||
|
||
define("HTPASSWDFILE", ".htpasswd"); | ||
|
||
|
@@ -56,9 +61,12 @@ function load_htpasswd() | |
} | ||
|
||
// Saves the array given by load_htpasswd | ||
// Returns true on success, false on failure | ||
function save_htpasswd( $pass_array ) | ||
{ | ||
ignore_user_abort(true); | ||
$result = true; | ||
|
||
ignore_user_abort(true); | ||
$fp = fopen(HTPASSWDFILE, "w+"); | ||
if (flock($fp, LOCK_EX)) | ||
{ | ||
|
@@ -68,29 +76,74 @@ function save_htpasswd( $pass_array ) | |
} | ||
else | ||
{ | ||
print "<strong>ERROR! Could not save (lock) .htpasswd!</strong><br>"; | ||
trigger_error("Could not save (lock) .htpasswd", E_USER_WARNING); | ||
$result = false; | ||
} | ||
fclose($fp); | ||
ignore_user_abort(false); | ||
return $result; | ||
} | ||
|
||
// Generates a htpasswd compatible crypted password string. | ||
function rand_salt_crypt( $pass ) | ||
{ | ||
// Randomize a 2-letter crypt() salt: | ||
$cset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./"; | ||
$salt = substr($cset, time() & 63, 1) . | ||
substr($cset, time()/64 & 63, 1); | ||
$salt = ""; | ||
mt_srand((double)microtime()*1000000); | ||
for ($i=0; $i<CRYPT_SALT_LENGTH; $i++) | ||
$salt .= substr("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./", mt_rand() & 63, 1); | ||
return crypt($pass, $salt); | ||
} | ||
|
||
// Generates a htpasswd compatible sha1 password hash | ||
function rand_salt_sha1( $pass ) | ||
{ | ||
mt_srand((double)microtime()*1000000); | ||
$salt = pack("CCCC", mt_rand(), mt_rand(), mt_rand(), mt_rand()); | ||
return "{SSHA}" . base64_encode(pack("H*", sha1($pass . $salt)) . $salt); | ||
} | ||
|
||
// Generate a SHA1 password hash *without* salt | ||
function non_salted_sha1( $pass ) | ||
{ | ||
return "{SHA}" . base64_encode(pack("H*", sha1($pass))); | ||
} | ||
|
||
// Returns true if the user exists and the password matches, false otherwise | ||
function test_htpasswd( $pass_array, $user, $pass ) | ||
{ | ||
if ( !isset($pass_array[$user])) | ||
return False; | ||
$crypted = $pass_array[$user]; | ||
return crypt( $pass, substr($crypted,0,2) ) == $crypted; | ||
|
||
// Determine the password type | ||
// TODO: Support for MD5 Passwords | ||
if ( substr($crypted, 0, 6) == "{SSHA}" ) | ||
{ | ||
$ohash = base64_decode(substr($crypted, 6)); | ||
return substr($ohash, 0, 20) == pack("H*", sha1($pass . substr($ohash, 20))); | ||
} | ||
else if ( substr($crypted, 0, 5) == "{SHA}" ) | ||
return (non_salted_sha1($pass) == $crypted); | ||
else | ||
return crypt( $pass, substr($crypted,0,CRYPT_SALT_LENGTH) ) == $crypted; | ||
} | ||
|
||
// Internal test | ||
function internal_unit_test() | ||
{ | ||
$pwds = Array( "Test" => rand_salt_crypt("testSecret!"), | ||
"fish" => rand_salt_crypt("sest Ticret"), | ||
"Generated" => "/uieo1ANOvsdA", | ||
"Generated2" => "Q3cbHUBgm7aYk"); | ||
|
||
assert( test_htpasswd( $pwds, "Test", "testSecret!" )); | ||
assert( !test_htpasswd( $pwds, "Test", "wrong pass" )); | ||
assert( test_htpasswd( $pwds, "fish", "sest Ticret" )); | ||
assert( !test_htpasswd( $pwds, "fish", "wrong pass" )); | ||
assert( test_htpasswd( $pwds, "Generated", "withHtppasswdCmd" )); | ||
assert( !test_htpasswd( $pwds, "Generated", "" )); | ||
assert( test_htpasswd( $pwds, "Generated2", "" )); | ||
assert( !test_htpasswd( $pwds, "Generated2", "this is wrong too" )); | ||
} | ||
|
||
?> |
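Review bot: The three password comparisons at the end of test_htpasswd (the `{SSHA}`, `{SHA}` and crypt() branches) use loose `==`, which is the wrong operator for an authentication decision. Under `==` PHP compares two numeric-looking strings as numbers, and the comparison is not guaranteed to run in constant time. Where PHP 5.6 or later is available, use `hash_equals()`, e.g. `return hash_equals($crypted, non_salted_sha1($pass));` and `return hash_equals($crypted, crypt($pass, substr($crypted, 0, CRYPT_SALT_LENGTH)));`; on older runtimes `===` at least removes the type juggling. In the `{SSHA}` branch, also check that `$ohash` is at least 20 bytes long before comparing, since `base64_decode()` of a malformed entry can yield a shorter string. Separately, rand_salt_crypt and rand_salt_sha1 reseed `mt_rand()` from `microtime()` on every call, so the salt is a function of the clock; `random_bytes()` is the safer source where it exists.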