Handle DES passwords

setaou · setaou · commit ea22b393caf2 · 2016-04-22T16:37:59.000+02:00
diff --git a/bin/v-check-user-password b/bin/v-check-user-password
@@ -49,13 +49,24 @@ fi
 #----------------------------------------------------------#
 
 # Parsing user's salt
-shadow=$(grep "^$user:" /etc/shadow)
-salt=$(echo "$shadow" |cut -f 3 -d \$)
-method=$(echo "$shadow" |cut -f 2 -d \$)
-if [ "$method" -eq '1' ]; then
-    method='md5'
+shadow=$(grep "^$user:" /etc/shadow | cut -f 2 -d :)
+
+if echo "$shadow" | grep -qE '^\$[0-9a-z]+\$[^\$]+\$'
+then
+    salt=$(echo "$shadow" |cut -f 3 -d \$)
+    method=$(echo "$shadow" |cut -f 2 -d \$)
+    if [ "$method" -eq '1' ]; then
+        method='md5'
+    elif [ "$method" -eq '6' ]; then
+        method='sha-512'
+    else
+        echo "Error: password missmatch"
+        echo "$DATE $TIME $user $ip failed to login" >> $VESTA/log/auth.log
+        exit 9
+    fi
 else
-    method='sha-512'
+    salt=${shadow:0:2}
+    method='des'
 fi
 
 if [ -z "$salt" ]; then
@@ -64,7 +75,7 @@ if [ -z "$salt" ]; then
     exit 9
 fi
 
-# Generating SHA-512
+# Generating hash
 hash=$($BIN/v-generate-password-hash $method $salt <<< $password)
 if [[ -z "$hash" ]]; then
     echo "Error: password missmatch"
diff --git a/bin/v-generate-password-hash b/bin/v-generate-password-hash
@@ -37,5 +37,10 @@ if ($crypt == 'htpasswd' ) {
     $hash = crypt($password, base64_encode($password));
 }
 
+// Generating DES hash
+if ($crypt == 'des' ) {
+    $hash = crypt($password, $salt);
+}
+
 // Printing result
 echo $hash . "\n";
