composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-05-19 15:22:17 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into develop

Browse Source
This commit is contained in:
Pierre Goiffon
2019-04-29 11:26:52 +02:00
parent ab0c97621a 77f757995e
commit 15362df69a
2 changed files with 25 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
core/mutex.class.inc.php
View File

@@ -45,7 +45,7 @@ class iTopMutex
static protected $aAcquiredLocks = array(); // Number of instances of the Mutex, having the lock, in this page static protected $aAcquiredLocks = array(); // Number of instances of the Mutex, having the lock, in this page
public function __construct( public function __construct(
$sName, $sDBHost = null, $sDBUser = null, $sDBPwd = null, $bDBTlsEnabled = false, $sDBTlsCA = null $sName, $sDBHost = null, $sDBUser = null, $sDBPwd = null, $bDBTlsEnabled = null, $sDBTlsCA = null
) )
{ {
// Compute the name of a lock for mysql // Compute the name of a lock for mysql

45
core/simplecrypt.class.inc.php
View File

@@ -3,7 +3,7 @@
// //
// This file is part of iTop. // This file is part of iTop.
// //
// iTop is free software; you can redistribute it and/or modify // iTop is free software; you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by // it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or // the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version. // (at your option) any later version.
@@ -66,7 +66,7 @@ class SimpleCrypt
* Constructor * Constructor
* @param string $sEngineName Engine for encryption. Values: Simple, Mcrypt, Sodium or OpenSSL * @param string $sEngineName Engine for encryption. Values: Simple, Mcrypt, Sodium or OpenSSL
* @throws Exception This library is unkown * @throws Exception This library is unkown
*/ */
function __construct($sEngineName = 'Mcrypt') function __construct($sEngineName = 'Mcrypt')
{ {
switch($sEngineName){ switch($sEngineName){
@@ -101,30 +101,30 @@ class SimpleCrypt
$sEngineName = 'SimpleCrypt' . $sEngineName . 'Engine'; $sEngineName = 'SimpleCrypt' . $sEngineName . 'Engine';
$this->oEngine = new $sEngineName; $this->oEngine = new $sEngineName;
} }
/** /**
* Encrypts the string with the given key * Encrypts the string with the given key
* @param string $key * @param string $key
* @param string $sString Plaintext string * @param string $sString Plaintext string
* @return string Ciphered string * @return string Ciphered string
*/ */
function Encrypt($key, $sString) function Encrypt($key, $sString)
{ {
return $this->oEngine->Encrypt($key,$sString); return $this->oEngine->Encrypt($key,$sString);
} }
/** /**
* Decrypts the string by the given key * Decrypts the string by the given key
* @param string $key * @param string $key
* @param string $string Ciphered string * @param string $string Ciphered string
* @return string Plaintext string * @return string Plaintext string
*/ */
function Decrypt($key, $string) function Decrypt($key, $string)
{ {
return $this->oEngine->Decrypt($key,$string); return $this->oEngine->Decrypt($key,$string);
} }
/** /**
* Returns a random "salt" value, to be used when "hashing" a password * Returns a random "salt" value, to be used when "hashing" a password
* using a one-way encryption algorithm, to prevent an attack using a "rainbow table" * using a one-way encryption algorithm, to prevent an attack using a "rainbow table"
@@ -135,9 +135,9 @@ class SimpleCrypt
{ {
// Copied from http://www.php.net/manual/en/function.mt-rand.php#83655 // Copied from http://www.php.net/manual/en/function.mt-rand.php#83655
// get 128 pseudorandom bits in a string of 16 bytes // get 128 pseudorandom bits in a string of 16 bytes
$sRandomBits = null; $sRandomBits = null;
// Unix/Linux platform? // Unix/Linux platform?
$fp = @fopen('/dev/urandom','rb'); $fp = @fopen('/dev/urandom','rb');
if ($fp !== FALSE) if ($fp !== FALSE)
@@ -156,14 +156,14 @@ class SimpleCrypt
{ {
$CAPI_Util = new COM('CAPICOM.Utilities.1'); $CAPI_Util = new COM('CAPICOM.Utilities.1');
$sBase64RandomBits = ''.$CAPI_Util->GetRandom(16,0); $sBase64RandomBits = ''.$CAPI_Util->GetRandom(16,0);
// if we ask for binary data PHP munges it, so we // if we ask for binary data PHP munges it, so we
// request base64 return value. We squeeze out the // request base64 return value. We squeeze out the
// redundancy and useless ==CRLF by hashing... // redundancy and useless ==CRLF by hashing...
if ($sBase64RandomBits) if ($sBase64RandomBits)
{ {
//echo "Random bits got from CAPICOM.Utilities.1<br/>\n"; //echo "Random bits got from CAPICOM.Utilities.1<br/>\n";
$sRandomBits = md5($sBase64RandomBits, TRUE); $sRandomBits = md5($sBase64RandomBits, TRUE);
} }
} }
catch (Exception $ex) catch (Exception $ex)
@@ -182,10 +182,10 @@ class SimpleCrypt
{ {
$sRandomBits .= sprintf('%04x', mt_rand(0, 65535)); $sRandomBits .= sprintf('%04x', mt_rand(0, 65535));
} }
} }
return $sRandomBits; return $sRandomBits;
} }
} }
@@ -221,7 +221,7 @@ class SimpleCryptSimpleEngine implements CryptEngine
$char = chr(ord($char)+ord($keychar)); $char = chr(ord($char)+ord($keychar));
$result.=$char; $result.=$char;
} }
return $result; return $result;
} }
public function Decrypt($key, $encrypted_data) public function Decrypt($key, $encrypted_data)
@@ -235,7 +235,7 @@ class SimpleCryptSimpleEngine implements CryptEngine
$result.=$char; $result.=$char;
} }
return $result; return $result;
} }
} }
/** /**
@@ -258,10 +258,13 @@ class SimpleCryptMcryptEngine implements CryptEngine
{ {
$this->td = mcrypt_module_open($this->alg,'','cbc',''); $this->td = mcrypt_module_open($this->alg,'','cbc','');
} }
public function Encrypt($key, $sString) public function Encrypt($key, $sString)
{ {
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($this->td), MCRYPT_RAND_URANDOM); // MCRYPT_RAND_URANDOM is now useable since itop requires php >= 5.6 $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($this->td), MCRYPT_DEV_URANDOM); // MCRYPT_DEV_URANDOM is now useable since itop requires php >= 5.6
if (false === $iv) {
throw new Exception('IV generation failed');
}
mcrypt_generic_init($this->td, $key, $iv); mcrypt_generic_init($this->td, $key, $iv);
if (empty($sString)) if (empty($sString))
{ {
@@ -275,7 +278,7 @@ class SimpleCryptMcryptEngine implements CryptEngine
public function Decrypt($key, $encrypted_data) public function Decrypt($key, $encrypted_data)
{ {
$iv = substr($encrypted_data, 0, mcrypt_enc_get_iv_size($this->td)); $iv = substr($encrypted_data, 0, mcrypt_enc_get_iv_size($this->td));
$string = substr($encrypted_data, mcrypt_enc_get_iv_size($this->td)); $string = substr($encrypted_data, mcrypt_enc_get_iv_size($this->td));
$r = mcrypt_generic_init($this->td, $key, $iv); $r = mcrypt_generic_init($this->td, $key, $iv);
if (($r < 0) || ($r === false)) if (($r < 0) || ($r === false))
{ {
@@ -288,7 +291,7 @@ class SimpleCryptMcryptEngine implements CryptEngine
} }
return $decrypted_data; return $decrypted_data;
} }
public function __destruct() public function __destruct()
{ {
mcrypt_module_close($this->td); mcrypt_module_close($this->td);