[sork] Re[5]: [dev] commit please
Anton Nekhoroshikh
anton at valuehost.ru
Fri Dec 6 22:36:40 2002
Hi, Eric !
ER> Quoting Anton Nekhoroshikh <anton@valuehost.ru>:
>> cvs diff Driver.php (in directory C:\projects\valuehost\horde\passwd\lib\)
>> Index: Driver.php
>> ===================================================================
>> RCS file: /repository/passwd/lib/Driver.php,v
>> retrieving revision 1.7
>> diff -r1.7 Driver.php
>> 100d99
>> < $encrypted = substr($encrypted, 7);
>> 101a101,103
>> > if(preg_match('/^\$1\$(.*)\$(.*)/',$encrypted,$match)){
>> > $salt='$1$'.$match[1].'$';
>> > }
ER> Looks like the idea is to be able to support variable length salts, while
ER> the current code only supports 2-byte salts? Is this the intent?
On mine without problems to organize in crypt:
CRYPT_STD_DES
CRYPT_EXT_DES
CRYPT_MD5
CRYPT_BLOWFISH
for example:
===================================================================
case 'crypt':
$salt = substr($encrypted , 0, 2); // default method CRYPT_STD_DES
if(preg_match('/^\$1\$(.*)\$(.*)/',$encrypted,$match)){ // if CRYPT_MD5
$salt='$1$'.$match[1].'$';
}
if(preg_match('/^\$2\$(.*)\$(.*)/',$encrypted,$match)){ // if CRYPT_BLOWFISH
$salt='$2$'.$match[1].'$';
}
if (
($encrypted == crypt($plaintext, $salt) // for previos salt
||($encrypted == crypt($plaintext, substr($encrypted , 0, 9) )) { // for CRYPT_EXT_DES
return true;
}
break;
===================================================================
ER> I'm posting this to the mailing list for open comments. Anyone using this
ER> stuff please let me know what you think.
--
Anton mailto:anton@valuehost.ru
More information about the sork
mailing list