$res->{key} = $1;
} elsif ($kvp =~ m/^url=(\S+)$/) {
$res->{url} = $1;
+ } elsif ($kvp =~ m/^digits=([6|7|8])$/) {
+ $res->{digits} = $1;
+ } elsif ($kvp =~ m/^step=([1-9]\d+)$/) {
+ $res->{step} = $1;
} else {
return undef;
}
return $res;
}
+my $salt_starter = time();
+
sub encrypt_pw {
my ($pw) = @_;
- my $time = substr(Digest::SHA::sha1_base64 (time), 0, 8);
- return crypt(encode("utf8", $pw), "\$5\$$time\$");
+ $salt_starter++;
+ my $salt = substr(Digest::SHA::sha1_base64(time() + $salt_starter + $$), 0, 8);
+
+ # crypt does not want '+' in salt (see 'man crypt')
+ $salt =~ s/\+/X/g;
+
+ return crypt(encode("utf8", $pw), "\$5\$$salt\$");
}
my $defaultData = {
sub write_config {
my ($class, $filename, $cfg) = @_;
- delete $cfg->{ids}->{pve};
- delete $cfg->{ids}->{pam};
-
foreach my $realm (keys %{$cfg->{ids}}) {
my $data = $cfg->{ids}->{$realm};
if ($data->{comment}) {