paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Web] Use preg_replace to detect passwd schema case-insensitive, sorry for wasting some ms cpu time

master
André 2018-07-11 22:12:22 +02:00
parent 1b47ae55f1
commit de00654a0a
1 changed files with 1 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
data/web/inc/functions.inc.php
View File

@ -130,9 +130,7 @@ function generate_tlsa_digest($hostname, $port, $starttls = null) {
}
function verify_ssha256($hash, $password) {
// Remove tag if any
if (substr($hash, 0, strlen('{SSHA256}')) == '{SSHA256}') {
$hash = substr($hash, strlen('{SSHA256}'));
}
$hash = preg_replace('/^{SSHA256}/i', '', $hash);
// Decode hash
$dhash = base64_decode($hash);
// Get first 32 bytes of binary which equals a SHA256 hash