Merge branch 'master' into future

* master: (162 commits)
  fixed revision JS for images
  upgraded SimplePie to 1.3.1 FS#2708
  removed obsolete browser plugin (migrate does it)
  adjust spacing to match standard 1.4em grid
  added comment on use of whitelist vs blacklist
  Updated idfilter() function for IIS
  use var and remove suggestions when needed Use variable for maximum number of suggestions for quicksearch. And hide suggestions when search field is emptied, or when no suggestion are found.
  added 'home' class to first link in hierarchical breadcrumbs
  reduced required max width to go into tablet mode
  re-added linear gradients for firefox
  added missing styling for disabled form elements (FS#2705)
  fixed acronyms in italics (FS#2684)
  improved print styles (includes fixes for FS#2645 and FS#2707)
  basic styles improvements
  Greek language update
  Use list in acl help text, for more structure
  Galician language update
  touch the config on save, even if no changes were made
  unwind the width narrowing commit
  put some whitespace between form submit button and fieldset bottom border
  ...

Conflicts:
	lib/plugins/config/admin.php
	lib/plugins/config/settings/config.class.php

1 files changed, 56 insertions, 12 deletions

diff --git a/inc/PassHash.class.php b/inc/PassHash.class.php
index 13be479cc..080fb4778 100644
--- a/inc/PassHash.class.php
+++ b/inc/PassHash.class.php
@@ -4,7 +4,7 @@
  *
  * This class implements various mechanisms used to hash passwords
  *
- * @author Andreas Gohr <andi@splitbrain.org>
+ * @author  Andreas Gohr <andi@splitbrain.org>
  * @license LGPL2
  */
 class PassHash {
@@ -58,6 +58,12 @@ class PassHash {
         } elseif(substr($hash, 0, 6) == '{SMD5}') {
             $method = 'lsmd5';
             $salt   = substr(base64_decode(substr($hash, 6)), 16);
+        } elseif(preg_match('/^:B:(.+?):.{32}$/', $hash, $m)) {
+            $method = 'mediawiki';
+            $salt   = $m[1];
+        } elseif(preg_match('/^\$6\$(.+?)\$/', $hash, $m)) {
+            $method = 'sha512';
+            $salt   = $m[1];
         } elseif($len == 32) {
             $method = 'md5';
         } elseif($len == 40) {
@@ -101,14 +107,18 @@ class PassHash {
      * Initialize the passed variable with a salt if needed.
      *
      * If $salt is not null, the value is kept, but the lenght restriction is
-     * applied.
+     * applied (unless, $cut is false).
      *
      * @param string &$salt The salt, pass null if you want one generated
-     * @param int    $len The length of the salt
+     * @param int    $len   The length of the salt
+     * @param bool   $cut   Apply length restriction to existing salt?
      */
-    public function init_salt(&$salt, $len = 32) {
-        if(is_null($salt)) $salt = $this->gen_salt($len);
-        if(strlen($salt) > $len) $salt = substr($salt, 0, $len);
+    public function init_salt(&$salt, $len = 32, $cut = true) {
+        if(is_null($salt)) {
+            $salt = $this->gen_salt($len);
+            $cut  = true; // for new hashes we alway apply length restriction
+        }
+        if(strlen($salt) > $len && $cut) $salt = substr($salt, 0, $len);
     }
 
     // Password hashing methods follow below
@@ -263,7 +273,7 @@ class PassHash {
      *
      * This method was used by old MySQL systems
      *
-     * @link http://www.php.net/mysql
+     * @link   http://www.php.net/mysql
      * @author <soren at byu dot edu>
      * @param string $clear The clear text to hash
      * @return string Hashed password
@@ -327,9 +337,9 @@ class PassHash {
      * an exception.
      *
      * @link  http://www.openwall.com/phpass/
-     * @param string $clear The clear text to hash
-     * @param string $salt  The salt to use, null for random
-     * @param string $magic The hash identifier (P or H)
+     * @param string $clear   The clear text to hash
+     * @param string $salt    The salt to use, null for random
+     * @param string $magic   The hash identifier (P or H)
      * @param int    $compute The iteration count for new passwords
      * @throws Exception
      * @return string Hashed password
@@ -430,8 +440,8 @@ class PassHash {
      * will break. When no salt is given, the iteration count can be set
      * through the $compute variable.
      *
-     * @param string $clear The clear text to hash
-     * @param string $salt  The salt to use, null for random
+     * @param string $clear   The clear text to hash
+     * @param string $salt    The salt to use, null for random
      * @param int    $compute The iteration count (between 4 and 31)
      * @throws Exception
      * @return string Hashed password
@@ -450,4 +460,38 @@ class PassHash {
         return crypt($clear, $salt);
     }
 
+    /**
+     * Password hashing method SHA512
+     *
+     * This is only supported on PHP 5.3.2 or higher and will throw an exception if
+     * the needed crypt support is not available
+     *
+     * @param string $clear The clear text to hash
+     * @param string $salt  The salt to use, null for random
+     * @return string Hashed password
+     * @throws Exception
+     */
+    public function hash_sha512($clear, $salt = null) {
+        if(!defined('CRYPT_SHA512') || CRYPT_SHA512 != 1) {
+            throw new Exception('This PHP installation has no SHA512 support');
+        }
+        $this->init_salt($salt, 8, false);
+        return crypt($clear, '$6$'.$salt.'$');
+    }
+
+    /**
+     * Password hashing method 'mediawiki'
+     *
+     * Uses salted MD5, this is referred to as Method B in MediaWiki docs. Unsalted md5
+     * method 'A' is not supported.
+     *
+     * @link  http://www.mediawiki.org/wiki/Manual_talk:User_table#user_password_column
+     * @param string $clear The clear text to hash
+     * @param string $salt  The salt to use, null for random
+     * @return string Hashed password
+     */
+    public function hash_mediawiki($clear, $salt = null) {
+        $this->init_salt($salt, 8, false);
+        return ':B:'.$salt.':'.md5($salt.'-'.md5($clear));
+    }
 }