sha-512 passwords func

2025-08-19 21:04:07 -07:00 · 2015-04-04 16:49:10 +03:00 · 2015-04-04 16:49:10 +03:00 · 8a3f8592cc
commit 8a3f8592cc
parent 1a7612cc66
4 changed files with 44 additions and 22 deletions
--- a/bin/v-add-mail-account
+++ b/bin/v-add-mail-account
@ -48,12 +48,11 @@ is_password_valid
 #                       Action                             #
 #----------------------------------------------------------#

-if [ -x '/usr/bin/doveadm' ]; then
-    md5=$(/usr/bin/doveadm pw -s md5 -p "$password")
-else
-    md5=$(/usr/sbin/dovecotpw -s md5 -p "$password")
-fi
+# Generating hashed password
+salt=$(gen_password "$PW_MATRIX" "8")
+md5="{MD5}$($BIN/v-generate-password-hash md5 $salt <<<$password)"

+# Adding account info into password file
 if [[ "$MAIL_SYSTEM" =~ exim ]]; then
    str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota"
    echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd
--- a/bin/v-change-mail-account-password
+++ b/bin/v-change-mail-account-password
@ -47,11 +47,9 @@ is_password_valid
 #                       Action                             #
 #----------------------------------------------------------#

-if [ -x '/usr/bin/doveadm' ]; then
-    md5=$(/usr/bin/doveadm pw -s md5 -p "$password")
-else
-    md5=$(/usr/sbin/dovecotpw -s md5 -p "$password")
-fi
+# Generating hashed password
+salt=$(gen_password "$PW_MATRIX" "8")
+md5="{MD5}$($BIN/v-generate-password-hash md5 $salt <<<$password)"

 if [[ "$MAIL_SYSTEM" =~ exim ]]; then
    sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd
--- a/bin/v-check-user-password
+++ b/bin/v-check-user-password
@ -43,17 +43,6 @@ if [[ -z "$password" ]]; then
    exit 9
 fi

-# Checking mkpasswd command
-which mkpasswd >/dev/null 2>&1
-if [ $? -ne 0 ]; then
-    # Activating fallback procedure
-    if [ -e "/usr/bin/yum" ]; then
-        yum install -y expect >/dev/null 2>&1
-    else
-        apt-get install -y expect >/dev/null 2>&1
-    fi
-fi
-

 #----------------------------------------------------------#
 #                       Action                             #
@ -68,7 +57,7 @@ if [[ -z "$salt" ]] || [[ "${#salt}" -gt 8 ]]; then
 fi

 # Generating SHA-512
-hash=$(mkpasswd -m sha-512 -S $salt -s <<< $password)
+hash=$($BIN/v-generate-password-hash sha-512 $salt <<< $password)
 if [[ -z "$hash" ]]; then
    echo "Error: password missmatch"
    echo "$DATE $user $ip failed to login" >> $VESTA/log/auth.log
--- a/bin/v-generate-password-hash
+++ b/bin/v-generate-password-hash
@ -0,0 +1,36 @@
+#!/usr/local/vesta/php/bin/php
+<?php
+//# info: generate password  hash
+//# options: HASH-METHOD SALT PASSWORD
+//
+//# The function generates password hash
+
+// Checking arguments
+if ((empty($argv[1])) || (empty($argv[2]))) {
+    echo "Error: not enought arguments\n";
+    echo "Usage: " . $argv[0] ." HASH-METHOD SALT PASSWORD\n";
+    exit(1);
+}
+
+$crypt = $argv[1];
+$salt = $argv[2];
+if (empty($argv[3])) {
+    $password = file_get_contents("php://stdin");
+    $password = str_replace("\n",'',$password);
+} else {
+    $password = $argv[3];
+}
+
+// Generating MD5 hash
+if ($crypt == 'md5' ) {
+    $hash = crypt($password,  '$1$'.$salt.'$');
+}
+
+// Generating SHA-512 hash
+if ($crypt == 'sha-512' ) {
+    $hash = crypt($password,  '$6$rounds=5000$'.$salt.'$');
+    $hash = str_replace('$rounds=5000','',$hash);
+}
+
+// Printing result
+echo $hash . "\n";