From 8a3f8592cc3be2bd84ccc264305e9d3489669bc7 Mon Sep 17 00:00:00 2001
From: Serghey Rodin <serghey.rodin@gmail.com>
Date: Sat, 4 Apr 2015 16:49:10 +0300
Subject: [PATCH] sha-512 passwords func

---
 bin/v-add-mail-account             |  9 ++++----
 bin/v-change-mail-account-password |  8 +++----
 bin/v-check-user-password          | 13 +----------
 bin/v-generate-password-hash       | 36 ++++++++++++++++++++++++++++++
 4 files changed, 44 insertions(+), 22 deletions(-)
 create mode 100755 bin/v-generate-password-hash

diff --git a/bin/v-add-mail-account b/bin/v-add-mail-account
index 0897bb16c..892fe9f7a 100755
--- a/bin/v-add-mail-account
+++ b/bin/v-add-mail-account
@@ -48,12 +48,11 @@ is_password_valid
 #                       Action                             #
 #----------------------------------------------------------#
 
-if [ -x '/usr/bin/doveadm' ]; then
-    md5=$(/usr/bin/doveadm pw -s md5 -p "$password")
-else
-    md5=$(/usr/sbin/dovecotpw -s md5 -p "$password")
-fi
+# Generating hashed password
+salt=$(gen_password "$PW_MATRIX" "8")
+md5="{MD5}$($BIN/v-generate-password-hash md5 $salt <<<$password)"
 
+# Adding account info into password file
 if [[ "$MAIL_SYSTEM" =~ exim ]]; then
     str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota"
     echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd
diff --git a/bin/v-change-mail-account-password b/bin/v-change-mail-account-password
index e7a769876..143468971 100755
--- a/bin/v-change-mail-account-password
+++ b/bin/v-change-mail-account-password
@@ -47,11 +47,9 @@ is_password_valid
 #                       Action                             #
 #----------------------------------------------------------#
 
-if [ -x '/usr/bin/doveadm' ]; then
-    md5=$(/usr/bin/doveadm pw -s md5 -p "$password")
-else
-    md5=$(/usr/sbin/dovecotpw -s md5 -p "$password")
-fi
+# Generating hashed password
+salt=$(gen_password "$PW_MATRIX" "8")
+md5="{MD5}$($BIN/v-generate-password-hash md5 $salt <<<$password)"
 
 if [[ "$MAIL_SYSTEM" =~ exim ]]; then
     sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd
diff --git a/bin/v-check-user-password b/bin/v-check-user-password
index 2f3b48d28..f3594fab1 100755
--- a/bin/v-check-user-password
+++ b/bin/v-check-user-password
@@ -43,17 +43,6 @@ if [[ -z "$password" ]]; then
     exit 9
 fi
 
-# Checking mkpasswd command
-which mkpasswd >/dev/null 2>&1
-if [ $? -ne 0 ]; then
-    # Activating fallback procedure
-    if [ -e "/usr/bin/yum" ]; then
-        yum install -y expect >/dev/null 2>&1
-    else
-        apt-get install -y expect >/dev/null 2>&1
-    fi
-fi
-
 
 #----------------------------------------------------------#
 #                       Action                             #
@@ -68,7 +57,7 @@ if [[ -z "$salt" ]] || [[ "${#salt}" -gt 8 ]]; then
 fi
 
 # Generating SHA-512
-hash=$(mkpasswd -m sha-512 -S $salt -s <<< $password)
+hash=$($BIN/v-generate-password-hash sha-512 $salt <<< $password)
 if [[ -z "$hash" ]]; then
     echo "Error: password missmatch"
     echo "$DATE $user $ip failed to login" >> $VESTA/log/auth.log
diff --git a/bin/v-generate-password-hash b/bin/v-generate-password-hash
new file mode 100755
index 000000000..1c454cd5a
--- /dev/null
+++ b/bin/v-generate-password-hash
@@ -0,0 +1,36 @@
+#!/usr/local/vesta/php/bin/php
+<?php
+//# info: generate password  hash
+//# options: HASH-METHOD SALT PASSWORD
+//
+//# The function generates password hash
+
+// Checking arguments
+if ((empty($argv[1])) || (empty($argv[2]))) {
+    echo "Error: not enought arguments\n";
+    echo "Usage: " . $argv[0] ." HASH-METHOD SALT PASSWORD\n";
+    exit(1);
+}
+
+$crypt = $argv[1];
+$salt = $argv[2];
+if (empty($argv[3])) {
+    $password = file_get_contents("php://stdin");
+    $password = str_replace("\n",'',$password);
+} else {
+    $password = $argv[3];
+}
+
+// Generating MD5 hash
+if ($crypt == 'md5' ) {
+    $hash = crypt($password,  '$1$'.$salt.'$');
+}
+
+// Generating SHA-512 hash
+if ($crypt == 'sha-512' ) {
+    $hash = crypt($password,  '$6$rounds=5000$'.$salt.'$');
+    $hash = str_replace('$rounds=5000','',$hash);
+}
+
+// Printing result
+echo $hash . "\n";