Better salt

[mirror/userdir-ldap-cgi.git] / Util.pm

diff --git a/Util.pm b/Util.pm
index 374a592..f6be1ed 100644 (file)
--- a/Util.pm
+++ b/Util.pm
@@ -7,7 +7,7 @@ package Util;
 
 use strict;
 use Date::Manip qw(ParseDate);
-use Net::LDAP qw(:all);
+use Net::LDAP qw(LDAP_SUCCESS LDAP_PROTOCOL_ERROR);
 use English;
 
 my $blocksize = 8; # A blowfish block is 8 bytes
@@ -50,6 +50,22 @@ sub CreateCryptSalt {
   return ($md5 ? "\$1\$$out\$" : $out);
 }
 
+sub CreateMD5Salt {
+  my $validstr = './0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+  my @valid = split(//,$validstr);
+  my ($in, $out);
+  
+  my $cryptsaltlen = 8;
+  
+  open (F, "</dev/urandom") || die &HTMLError("No /dev/urandom found!");
+  foreach (1..$cryptsaltlen) {
+    read(F, $in, 1);
+    $out .= $valid[ord($in) % ($#valid + 1)];
+  }
+  close F;
+  return $out;
+}
+
 sub Encrypt { 
   # blowfish only encrypts things in blocks of 8 bytes, so we
   # need a custom routine that handles longer strings....
@@ -359,7 +375,7 @@ sub UpgradeConnection($) {
   $mesg->sync;
   if ($mesg->code != LDAP_SUCCESS) {
     print "Content-type: text/html; charset=utf-8\n\n";
-    print "<html><body><h1>STARTTLS failed: "..$mesg->error."</h1></body></html>\n";
+    print "<html><body><h1>STARTTLS failed: ".$mesg->error."</h1></body></html>\n";
     exit(1);
   };
 };