1) { $trunc_len = $components[0]; $trunc_password = $components[1]; return substr($password, 0, $trunc_len) == $trunc_password; } else { return $password == $hash; } case "SHA": case "SHA1": case "SHA256": case "SHA512": // SHA is an alias for SHA1 $scheme = $scheme == "SHA" ? "sha1" : strtolower($scheme); $hash = base64_decode($hash); return hash_equals(hash($scheme, $password, true), $hash); case "SMD5": return verify_salted_hash($hash, $password, 'md5', 16); case "SSHA": return verify_salted_hash($hash, $password, 'sha1', 20); case "SSHA256": return verify_salted_hash($hash, $password, 'sha256', 32); case "SSHA512": return verify_salted_hash($hash, $password, 'sha512', 64); default: return false; } } return false; } public function authenticate($username, $servername, $password) { $database_type = 'mysql'; $database_sock = '/var/run/mysqld/mysqld.sock'; $database_user = '__DBUSER__'; $database_pass = '__DBPASS__'; $database_name = '__DBNAME__'; $dsn = $database_type . ":unix_socket=" . $database_sock . ";dbname=" . $database_name; $opt = [ PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, PDO::ATTR_EMULATE_PREPARES => false ]; try { $pdo = new PDO($dsn, $database_user, $database_pass, $opt); } catch (PDOException $e) { return false; } if (!filter_var($username, FILTER_VALIDATE_EMAIL) && !ctype_alnum(str_replace(array('_', '.', '-'), '', $username))) { return false; } $username = strtolower(trim($username)); $stmt = $pdo->prepare("SELECT `password` FROM `mailbox` INNER JOIN domain on mailbox.domain = domain.domain WHERE `kind` NOT REGEXP 'location|thing|group' AND `mailbox`.`active`= '1' AND `domain`.`active`= '1' AND `domain`.`xmpp` = '1' AND JSON_UNQUOTE(JSON_VALUE(`mailbox`.`attributes`, '$.xmpp_access')) = '1' AND CONCAT(`domain`.`xmpp_prefix`, '.', `domain`.`domain`) = :servername AND `username` = CONCAT(:local_part, '@', `domain`.`domain`)"); $stmt->execute(array(':local_part' => $username, ':servername' => $servername)); $rows = $stmt->fetchAll(PDO::FETCH_ASSOC); foreach ($rows as $row) { if (self::verify_hash($row['password'], $password) !== false) { return true; } } return false; } /** * Check if a user exists * * @param string $username * @param string $servername * * @return bool */ public function userExists($username, $servername) { return true; } /** * Set a password for a user * * @param string $username * @param string $servername * @param string $password * * @return bool */ public function setPassword($username, $servername, $password) { return false; } /** * Register a user * * @param string $username * @param string $servername * @param string $password * * @return bool */ public function register($username, $servername, $password) { return false; } /** * Delete a user * * @param string $username * @param string $servername * * @return bool */ public function removeUser($username, $servername) { return false; } /** * Delete a user with password validation * * @param string $username * @param string $servername * @param string $password * * @return bool */ public function removeUserWithPassword($username, $servername, $password) { return false; } }