mirror of
https://github.com/alextselegidis/easyappointments.git
synced 2024-12-28 17:42:27 +03:00
Set protocol configuration before creating a new LDAP binding
This commit is contained in:
parent
08f8315313
commit
3a488c2238
1 changed files with 1 additions and 29 deletions
|
@ -38,34 +38,6 @@ class Ldap_client
|
|||
$this->CI->load->library('accounts');
|
||||
}
|
||||
|
||||
/**
|
||||
* Validate the provided password with an LDAP hashed password.
|
||||
*
|
||||
* @param string $password
|
||||
* @param string $hashed_password
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
public function validate_password(string $password, string $hashed_password): bool
|
||||
{
|
||||
if (empty($hashed_password) || ($hashed_password[0] !== '{' && $password === $hashed_password)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (str_starts_with($hashed_password, '{MD5}')) {
|
||||
$encrypted_password = '{MD5}' . base64_encode(md5($password, true));
|
||||
} elseif (str_starts_with($hashed_password, '{SHA1}')) {
|
||||
$encrypted_password = '{SHA}' . base64_encode(sha1($password, true));
|
||||
} elseif (str_starts_with($hashed_password, '{SSHA}')) {
|
||||
$salt = substr(base64_decode(substr($hashed_password, 6)), 20);
|
||||
$encrypted_password = '{SSHA}' . base64_encode(sha1($password . $salt, true) . $salt);
|
||||
} else {
|
||||
throw new RuntimeException('Unsupported password hash format');
|
||||
}
|
||||
|
||||
return $hashed_password === $encrypted_password;
|
||||
}
|
||||
|
||||
/**
|
||||
* Try authenticating the user with LDAP
|
||||
*
|
||||
|
@ -106,7 +78,7 @@ class Ldap_client
|
|||
$ldap_port = (int) setting('ldap_port');
|
||||
|
||||
$connection = @ldap_connect($ldap_host, $ldap_port);
|
||||
|
||||
@ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||
$user_bind = @ldap_bind($connection, $user['ldap_dn'], $password);
|
||||
|
||||
if ($user_bind) {
|
||||
|
|
Loading…
Reference in a new issue