From 777486d74cd0fe6a8aae9e64373a2e2e46ec1d9b Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Fri, 6 Oct 2017 13:13:51 +0200
Subject: [PATCH] Keep usage of function dol_hash to encrypt a non encrypted data
---
 htdocs/adherents/class/adherent.class.php | 4 +++-
 htdocs/core/lib/security.lib.php | 1 -
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php
index 40fa2da6088..d5fed99701e 100644
--- a/htdocs/adherents/class/adherent.class.php
+++ b/htdocs/adherents/class/adherent.class.php
@@ -2028,7 +2028,9 @@ class Adherent extends CommonObject
 if (empty($conf->global->MAIN_SECURITY_HASH_ALGO)) { if ($this->pass_indatabase_crypted && ! empty($conf->global->LDAP_MEMBER_FIELD_PASSWORD_CRYPTED)) {
- $info[$conf->global->LDAP_MEMBER_FIELD_PASSWORD_CRYPTED] = dol_hash($this->pass_indatabase_crypted, 5); // Create OpenLDAP MD5 password from Dolibarr MD5 password
+ // Create OpenLDAP MD5 password from Dolibarr MD5 password
+ // Note: This suppose that "pass_indatabase_crypted" is a md5 (guaranted by the previous test if "(empty($conf->global->MAIN_SECURITY_HASH_ALGO))"
+ $info[$conf->global->LDAP_MEMBER_FIELD_PASSWORD_CRYPTED] = '{md5}'.base64_encode(hex2bin($this->pass_indatabase_crypted));
 }
 }
 }
diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php
index 6f5cc75c39b..11232f37ea7 100644
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
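Review bot: The inlined `hex2bin($this->pass_indatabase_crypted)` in adherent.class.php runs without checking that the stored value really is a 32-character hex MD5; the added comment calls this guaranteed by the `empty($conf->global->MAIN_SECURITY_HASH_ALGO)` test, but that test reads the current setting, not the format of the hash already stored in the database. If the value was written under a different algorithm or is malformed, `hex2bin()` raises a warning and returns false, and the LDAP attribute would presumably end up as a bare `{md5}` with an empty digest. I would guard the assignment, for example `if (preg_match('/^[0-9a-f]{32}$/i', $this->pass_indatabase_crypted)) $info[$conf->global->LDAP_MEMBER_FIELD_PASSWORD_CRYPTED] = '{md5}'.base64_encode(hex2bin($this->pass_indatabase_crypted));`, and leave the attribute unset otherwise. The enclosing method starts and ends outside this hunk, so how `$info` is consumed afterwards is not visible here.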
@@ -88,7 +88,6 @@ function dol_hash($chain,$type=0)
 else if ($type == 2) return sha1(md5($chain));
 else if ($type == 3) return md5($chain);
 else if ($type == 4) return '{md5}'.base64_encode(mhash(MHASH_MD5,$chain)); // For OpenLdap with md5 (based on an unencrypted password in base)
- else if ($type == 5) return '{md5}'.base64_encode(hex2bin($chain)); // For OpenLdap with md5 (based on a md5 encrypted password in base)
 else if (! empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO == 'sha1') return sha1($chain);
 else if (! empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO == 'sha1md5') return sha1(md5($chain));