[sork] Re[5]: [dev] commit please

Anton Nekhoroshikh anton at valuehost.ru
Fri Dec 6 22:36:40 2002


Hi, Eric !

ER> Quoting Anton Nekhoroshikh <anton@valuehost.ru>:

>> cvs diff Driver.php (in directory C:\projects\valuehost\horde\passwd\lib\)
>> Index: Driver.php
>> ===================================================================
>> RCS file: /repository/passwd/lib/Driver.php,v
>> retrieving revision 1.7
>> diff -r1.7 Driver.php
>> 100d99
>> <                 $encrypted = substr($encrypted, 7);
>> 101a101,103
>> >               if(preg_match('/^\$1\$(.*)\$(.*)/',$encrypted,$match)){
>> >                $salt='$1$'.$match[1].'$';
>> >               }
 
ER> Looks like the idea is to be able to support variable length salts, while
ER> the current code only supports 2-byte salts?  Is this the intent?

On mine without problems to organize in crypt:
CRYPT_STD_DES
CRYPT_EXT_DES
CRYPT_MD5
CRYPT_BLOWFISH

for example:

===================================================================
case 'crypt':
  $salt = substr($encrypted , 0, 2); // default method CRYPT_STD_DES
  if(preg_match('/^\$1\$(.*)\$(.*)/',$encrypted,$match)){ // if CRYPT_MD5
    $salt='$1$'.$match[1].'$';
  }
  if(preg_match('/^\$2\$(.*)\$(.*)/',$encrypted,$match)){ // if CRYPT_BLOWFISH
    $salt='$2$'.$match[1].'$';
  }
  if (
      ($encrypted == crypt($plaintext, $salt)  // for previos salt
      ||($encrypted == crypt($plaintext, substr($encrypted , 0, 9) )) {  // for CRYPT_EXT_DES
   return true;
  }
  break;
===================================================================

ER> I'm posting this to the mailing list for open comments.  Anyone using this
ER> stuff please let me know what you think.




-- 
 Anton                          mailto:anton@valuehost.ru



More information about the sork mailing list