From: Armand A. V. <ar...@us...> - 2001-07-19 20:51:55
|
Update of /cvsroot/ispman/ispman-utils/lib/ISPMan In directory usw-pr-cvs1:/tmp/cvs-serv4296 Modified Files: UserMan.pm Log Message: Last one, I think I now have moved all instances of password manipulation to use encryptPassWithMethod. Cyrus, Proftpd, and mod_ldap.c as found in this cvs all deal with this fine. Be sure though to have Digest::MD5 and Digest::SHA1 if you decide to use the md5 or sha algorithms to store passwords. If you stick with either crypt or clear you don't need any extra software present. Be aware that crypt may have incompatibilities across platforms that can cause you headaches (able to login on machine X, but not on machine Y...) md5 and sha don't have this problem. Index: UserMan.pm =================================================================== RCS file: /cvsroot/ispman/ispman-utils/lib/ISPMan/UserMan.pm,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -r1.6 -r1.7 *** UserMan.pm 2001/05/20 18:21:28 1.6 --- UserMan.pm 2001/07/19 20:51:52 1.7 *************** *** 77,84 **** # lets crypt the pass ! my $userpassword=$r->param("userpassword"); ! if ($userpassword!~ /^\{crypt\}/) { ! $userpassword='{crypt}' . crypt($userpassword, join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64]); ! } $r->param("userpassword", $userpassword); --- 77,81 ---- # lets crypt the pass ! my $userpassword=$self->encryptPassWithMethod($r->param("userpassword"),$self->getConf('userPassHashMethod')); $r->param("userpassword", $userpassword); *************** *** 188,195 **** my $r=shift; my $dn=$r->param("dn"); ! my $userpassword=$r->param("userpassword"); ! if ($userpassword!~ /^\{crypt\}/) { ! $userpassword='{crypt}' . crypt($userpassword, join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64]); ! } $r->param("userpassword", $userpassword); --- 185,189 ---- my $r=shift; my $dn=$r->param("dn"); ! my $userpassword=$self->encryptPassWithMethod($r->param("userpassword"),$self->getConf('userPassHashMethod')); $r->param("userpassword", $userpassword); |