From 67723447f02824ff2df7daa0f1f97d8b289c5d7a Mon Sep 17 00:00:00 2001
From: Axel Angel <axel+git@vneko.ch>
Date: Sun, 4 May 2014 19:54:37 +0200
Subject: Hash and salt password with PassHash::ssha

Moved the block closer to the variable use (indent clearer)
---
 lib/plugins/authldap/auth.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'lib')

diff --git a/lib/plugins/authldap/auth.php b/lib/plugins/authldap/auth.php
index 5bdaf0446..ecbbc2a3a 100644
--- a/lib/plugins/authldap/auth.php
+++ b/lib/plugins/authldap/auth.php
@@ -288,10 +288,6 @@ class auth_plugin_authldap extends DokuWiki_Auth_Plugin {
         if(empty($changes['pass'])) {
             msg('The new password is not allow because it\'s empty');
             return false;
-        } else {
-            mt_srand((double)microtime()*1000000);
-            $salt = pack("CCCC", mt_rand(), mt_rand(), mt_rand(), mt_rand());
-            $hash = "{SSHA}" . base64_encode(pack("H*", sha1($changes['pass'] . $salt)) . $salt);
         }
 
         // find the old password of the user
@@ -317,6 +313,10 @@ class auth_plugin_authldap extends DokuWiki_Auth_Plugin {
             return false; // no otherway
         }
 
+        // Generate the salted hashed password for LDAP
+        $phash = new PassHash();
+        $hash = $phash->hash_ssha($changes['pass']);
+
         // change the password
         if(!@ldap_mod_replace($this->con, $dn,array('userpassword' => $hash))){
             msg('LDAP mod replace failed: '. htmlspecialchars($dn) .': '.htmlspecialchars(ldap_error($this->con)));
-- 
cgit v1.2.3