[sork] patch for passwd/lib/Driver.php

Fri Sep 26 13:26:27 PDT 2003

When the $show_encryption parameter was added so that the administrator could
decided whether to include the encryption type or not, it was added to the end
of the string instead of the beginning (LDAP won't work like that).  This patch
changes it so that the encryption type is put first, then the encrypted
password.

Amith
-------------- next part --------------
Index: lib/Driver.php
===================================================================
RCS file: /repository/passwd/lib/Driver.php,v
retrieving revision 1.31
diff -u -r1.31 Driver.php

--- lib/Driver.php	5 Sep 2003 11:07:17 -0000	1.31
+++ lib/Driver.php	26 Sep 2003 20:33:49 -0000
@@ -171,35 +171,35 @@
             case 'crypt-des':
                 $salt = substr(md5(mt_rand()), 0, 2);
                 $new_password = crypt($new_password, $salt);
-                $new_password .= ($show_encryption ? '{crypt}' : '');
+                $new_password = ($show_encryption ? '{crypt}' : '') . $new_password;
                 break;
             case 'crypt-md5':
                 $salt = '$1$' . substr(md5(mt_rand()), 0, 8) . '$';
                 $new_password = crypt($new_password, $salt);
-                $new_password .= ($show_encryption ? '{crypt}' : '');
+                $new_password = ($show_encryption ? '{crypt}' : '') . $new_password;
                 break;
             case 'crypt-blowfish':
                 $salt = '$2$' . substr(md5(mt_rand()), 0, 12) . '$';
                 $new_password = crypt($new_password, $salt);
-                $new_password .= ($show_encryption ? '{crypt}' : '');
+                $new_password = ($show_encryption ? '{crypt}' : '') . $new_password;
                 break;
             case 'sha':
                 $new_password = base64_encode(mHash(MHASH_SHA1, $new_password));
-                $new_password .= ($show_encryption ? '{SHA}' : '');
+                $new_password = ($show_encryption ? '{SHA}' : '') . $new_password;
                 break;
             case 'md5-base64':
                 $new_password = base64_encode(mHash(MHASH_MD5, $new_password));
-                $new_password .= ($show_encryption ? '{MD5}' : '');
+                $new_password = ($show_encryption ? '{MD5}' : '') . $new_password;
                 break;
             case 'ssha':
                 $salt = mhash_keygen_s2k(MHASH_SHA1, $new_password, substr(pack("h*", md5(mt_rand())), 0, 8), 4);
                 $new_password = base64_encode(mHash(MHASH_SHA1, $new_password . $salt) . $salt);
-                $new_password .= ($show_encryption ? '{SSHA}' : '');
+                $new_password = ($show_encryption ? '{SSHA}' : '') . $new_password;
                 break;
             case 'smd5':
                 $salt = mhash_keygen_s2k(MHASH_MD5, $new_password, substr(pack("h*", md5(mt_rand())), 0, 8), 4);
                 $new_password = base64_encode(mHash(MHASH_SMD5, $new_password . $salt) . $salt);
-                $new_password .= ($show_encryption ? '{SMD5}' : '');
+                $new_password = ($show_encryption ? '{SMD5}' : '') . $new_password;
                 break;
             default:
                 return PEAR::raiseError(_("Password module is not properly configured."));
