Proposal to support new types of password encryption
Please add here why you believe this is needed and for which setups so we can gauge the perceived benefit benefit of this feature.
class LdapEntryProvisionSubscriber implements EventSubscriberInterface, LdapUserAttributesInterface {
....
private function fetchDrupalAccountAttribute(string $token): void {
// Trailing period to allow for empty value.
[
$attribute_type,
$attribute_name,
$attribute_conversion,
<strong>$attribute_salt_length</strong>,
] = explode('.', $token . '..'); <strong>// new: second point added</strong>
$value = NULL;
if ($attribute_type === 'field' || $attribute_type === 'property') {
$value = $this->fetchDrupalAccountField($attribute_name);
}
elseif ($attribute_type === 'password') {
$value = $this->fetchDrupalAccountPassword($attribute_name);
if (empty($value)) {
// Do not evaluate empty passwords, to avoid overwriting them.
return;
}
}
<strong>$attribute_salt_length = $attribute_salt_length == 0 ? 8 : intval($attribute_salt_length);
$salt = substr(crypt(uniqid(),'$6$azerty'), 15,$attribute_salt_length);</strong>
if ($attribute_conversion === 'to-md5') {
$value = md5($value);
}
elseif ($attribute_conversion === 'to-lowercase') {
$value = mb_strtolower($value);
} <strong>
elseif ($attribute_conversion === 'to-sha256') {
$value = crypt($value,'$5$'.$salt);
}
elseif ($attribute_conversion === 'to-sha512') {
$value = crypt($value,'$6$'.$salt);
}
elseif ($attribute_conversion === 'to-md4') {
// MD4 for MS-NT password
$value = strtoupper( hash( "md4", iconv( "UTF-8", "UTF-16LE", $value ) ) );
}</strong>
$this->tokens[sprintf('[%s]', $token)] = $value;
}
....
}
Closed: works as designed
4.0
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.