From f82558216b5676e2fcc8725b348e1c094b10f151 Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Fri, 9 Mar 2012 20:58:42 +0100
Subject: [PATCH] Try a different CreateCryptSalt approach

---
 Util.pm    | 21 ++++++++++-----------
 update.cgi |  2 +-
 2 files changed, 11 insertions(+), 12 deletions(-)

diff --git a/Util.pm b/Util.pm
index 2b230ab..27060d7 100644
--- a/Util.pm
+++ b/Util.pm
@@ -33,27 +33,26 @@ sub CreateKey {
 }
 
 sub CreateCryptSalt {
+  # CreateCryptSalt(type = 0, skip_header = 0)
   # this can create either a DES type salt or a MD5 salt
-  # 0 for DES, 1 for MD5 salt and 2 for apache MD5 salt
-  my $type = shift;
+  # 0 for DES, 1 for MD5 salt
+  # if skip_header is 0, does not add $1$ for md5 salts.
+  my $md5 = shift; # do we want a MD5 salt?
+  my $no_crypttype_header = shift;
   my $validstr = './0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
   my @valid = split(//,$validstr);
   my ($in, $out);
-  
-  my $cryptsaltlen = 2;
-  if (($type == 1)||($type == 2)) {
-    $cryptsaltlen = 8;
-  }
-  
+
+  my $cryptsaltlen = ($md5 ? 8 : 2);
+
   open (F, "</dev/urandom") || die &HTMLError("No /dev/urandom found!");
   foreach (1..$cryptsaltlen) {
     read(F, $in, 1);
     $out .= $valid[ord($in) % ($#valid + 1)];
   }
   close F;
-  my $md5 = $out;
-  if ($type == 1) { $md5 = "\$1\$$out\$"; }
-  return $md5
+  if ($md5 == 1 && !$no_crypttype_header) { $out = "\$1\$$out\$"; }
+  return $out
 }
 
 sub Encrypt { 
diff --git a/update.cgi b/update.cgi
index 02d3a5b..f1f82f9 100755
--- a/update.cgi
+++ b/update.cgi
@@ -249,7 +249,7 @@ if (!($query->param('doupdate'))) {
     }
 
     # create a md5 crypted password
-    $newwebpassword = apache_md5_crypt($query->param('newwebpass'), &Util::CreateCryptSalt(2));
+    $newwebpassword = apache_md5_crypt($query->param('newwebpass'), &Util::CreateCryptSalt(1, 1));
     
     &Util::LDAPUpdate($ldap, $editdn, 'webPassword', $newwebpassword);
   }  
-- 
2.20.1