robin.thoni
/
docker-pdns-server
Слідкувати 1
В обрані 0
Форк 0
Код Проблеми 4 Запити на злиття 0 Релізи 8 Вікі Активність
Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.
27 Коміти
2 Гілки
Дерево: 22b2ff372f
Гілки Теги
${ item.name }
Створити гілку ${ searchTerm }
з '22b2ff372f'
${ noResults }
docker-pdns-server/poweradmin/poweradmin-2.1.8/vendor/poweradmin/Password.php

Password.php 4.5KB
Історія Неформатований

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154 
  1. <?php

  2. /*  Poweradmin, a friendly web-based admin tool for PowerDNS.

  3.  *  See <http://www.poweradmin.org> for more details.

  4.  *

  5.  *  Copyright 2007-2009  Rejo Zenger <rejo@zenger.nl>

  6.  *  Copyright 2010-2016  Poweradmin Development Team

  7.  *      <http://www.poweradmin.org/credits.html>

  8.  *

  9.  *  This program is free software: you can redistribute it and/or modify

  10.  *  it under the terms of the GNU General Public License as published by

  11.  *  the Free Software Foundation, either version 3 of the License, or

  12.  *  (at your option) any later version.

  13.  *

  14.  *  This program is distributed in the hope that it will be useful,

  15.  *  but WITHOUT ANY WARRANTY; without even the implied warranty of

  16.  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  17.  *  GNU General Public License for more details.

  18.  *

  19.  *  You should have received a copy of the GNU General Public License

  20.  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.

  21.  */

  22. 

  23. /**

  24.  *  Password functions

  25.  *

  26.  * @package     Poweradmin

  27.  * @copyright   2007-2010 Rejo Zenger <rejo@zenger.nl>

  28.  * @copyright   2010-2016 Poweradmin Development Team

  29.  * @license     http://opensource.org/licenses/GPL-3.0 GPL

  30.  */

  31. 

  32. namespace Poweradmin;

  33. 

  34. class Password {

  35. 

  36.     /**

  37.      * Generate random salt for encryption

  38.      *

  39.      * @param int $len salt length (default=5)

  40.      *

  41.      * @return string salt string

  42.      */

  43.     public static function salt($len = 5) {

  44.         $valid_characters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890@#$%^*()_-!';

  45.         $valid_len = strlen($valid_characters) - 1;

  46.         $salt = '';

  47. 

  48.         for ($i = 0; $i < $len; $i++) {

  49.             $salt .= $valid_characters[mt_rand(0, $valid_len)];

  50.         }

  51. 

  52.         return $salt;

  53.     }

  54. 

  55.     public static function hash($password) {

  56.         global $password_encryption, $password_encryption_cost;

  57. 

  58.         if ($password_encryption === 'md5salt') {

  59.             return self::gen_mix_salt($password);

  60.         } elseif ($password_encryption === 'bcrypt') {

  61.             return password_hash($password, PASSWORD_BCRYPT, array('cost' => $password_encryption_cost));

  62.         } else {

  63.             return md5($password);

  64.         }

  65.     }

  66. 

  67.     public static function verify($password, $hash) {

  68.         global $password_encryption;

  69. 

  70.         if ($password_encryption === 'md5salt') {

  71.             return self::_strsafecmp(self::mix_salt(self::extract_salt($hash), $password), $hash);

  72.         } elseif ($password_encryption === 'bcrypt') {

  73.             return password_verify($password, $hash);

  74.         } else {

  75.             return self::_strsafecmp(md5($password), $hash);

  76.         }

  77.     }

  78. 

  79.     public static function needs_rehash($hash) {

  80.         // @todo

  81.     }

  82. 

  83.     /**

  84.      * Generate random salt and salted password

  85.      *

  86.      * @param string $pass password

  87.      *

  88.      * @return string salted password

  89.      */

  90.     private static function gen_mix_salt($pass) {

  91.         $salt = self::salt();

  92.         return self::mix_salt($salt, $pass);

  93.     }

  94. 

  95.     /**

  96.      * Generate salted password

  97.      *

  98.      * @param string $salt salt

  99.      * @param string $pass password

  100.      *

  101.      * @return string salted password

  102.      */

  103.     private static function mix_salt($salt, $pass) {

  104.         return md5($salt . $pass) . ':' . $salt;

  105.     }

  106. 

  107.     /**

  108.      * Extract salt from password

  109.      *

  110.      * @param string $password salted password

  111.      *

  112.      * @return string salt

  113.      */

  114.     private static function extract_salt($password) {

  115.         return substr(strstr($password, ':'), 1);

  116.     }

  117. 

  118.     /**

  119.      * Count the number of bytes in a string

  120.      * @see https://github.com/ircmaxell/password_compat

  121.      *

  122.      * @param string $binary_string The input string

  123.      *

  124.      * @return int The number of bytes

  125.      */

  126.     private static function _strlen($binary_string) {

  127.         if (function_exists('mb_strlen')) {

  128.             return mb_strlen($binary_string, '8bit');

  129.         }

  130.         return strlen($binary_string);

  131.     }

  132. 

  133.     /**

  134.      *

  135.      * @see https://github.com/ircmaxell/password_compat

  136.      *

  137.      * @param string $str1 The first string

  138.      * @param string $str2 The second string

  139.      *

  140.      * @return bool true if they are equal, otherwise - false

  141.      */

  142.     private static function _strsafecmp($str1, $str2) {

  143.         if (!is_string($str1) || !is_string($str2) || self::_strlen($str1) !== self::_strlen($str2)) {

  144.             return false;

  145.         }

  146. 

  147.         $status = 0;

  148.         for ($i = 0; $i < self::_strlen($str1); $i++) {

  149.             $status |= (ord($str1[$i]) ^ ord($str2[$i]));

  150.         }

  151. 

  152.         return $status === 0;

  153.     }

  154. }