1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
<?php
/**
* Copyright 2000-2017 Horde LLC (http://www.horde.org/)
*
* See the enclosed file COPYING for license information (GPL). If you
* did not receive this file, see http://www.horde.org/licenses/gpl.
*
* @category Horde
* @copyright 2002-2017 Horde LLC
* @license http://www.horde.org/licenses/gpl GPL
* @package Passwd
*/
/**
* The API for implementing password change systems for Passwd.
*
* @author Mike Cochrane <mike@graftonhall.co.nz>
* @author Eric Rostetter <eric.rostetter@physics.utexas.edu>
* @category Horde
* @copyright 2002-2017 Horde LLC
* @license http://www.horde.org/licenses/gpl GPL
* @package Passwd
*/
abstract class Passwd_Driver
{
/**
* Hash containing configuration parameters.
*
* @var array
*/
protected $_params = array();
/**
* Constructor.
*
* @param $params A hash containing connection parameters.
*/
public function __construct(array $params = array())
{
$this->_params = $params;
}
/**
* Compares a plaintext password with an encrypted password.
*
* @param string $encrypted An encrypted password.
* @param string $plaintext An unencrypted password.
*
* @throws Passwd_Exception if passwords don't match.
*/
protected function _comparePasswords($encrypted, $plaintext)
{
if (preg_match('/^{([^}]+)}(.*)/', $encrypted, $match)) {
$encryption = Horde_String::lower($match[1]);
if (!$this->_params['show_encryption']) {
$encrypted = $match[2];
}
} else {
$encryption = $this->_params['encryption'];
}
$hashed = Horde_Auth::getCryptedPassword(
$plaintext,
$encrypted,
$encryption,
$this->_params['show_encryption']
);
if ($this->_params['show_encryption']) {
/* Convert the hashing algorithm in both strings to uppercase. */
$encrypted = preg_replace('/^({.*?})/e', "Horde_String::upper('\\1')", $encrypted);
$hashed = preg_replace('/^({.*?})/e', "Horde_String::upper('\\1')", $hashed);
}
if ($encrypted != $hashed) {
throw new Passwd_Exception(_("Incorrect old password."));
}
}
/**
* Encrypts a password.
*
* @param string $plaintext A plaintext password.
*
* @return string The encrypted password.
*/
protected function _encryptPassword($plaintext)
{
return Horde_Auth::getCryptedPassword(
$plaintext,
'',
$this->_params['encryption'],
$this->_params['show_encryption']
);
}
/**
* Changes the user's password.
*
* @param string $user The user for which to change the password.
* @param string $oldpass The old (current) user password.
* @param string $newpass The new user password to set.
*
* @throws Passwd_Exception
*/
public function changePassword($user, $oldpass, $newpass)
{
try {
$user = Horde::callHook('username', array($user, $this), 'passwd');
} catch (Horde_Exception_HookNotSet $e) {}
$this->_changePassword($user, $oldpass, $newpass);
}
/**
* Changes the user's password.
*
* @param string $user The user for which to change the password
* (converted to backend username).
* @param string $oldpass The old (current) user password.
* @param string $newpass The new user password to set.
*
* @throws Passwd_Exception
*/
abstract protected function _changePassword($user, $oldpass, $newpass);
}
|
