PVE::Tools::encrypt_pw() - new helper copied from pve-access-control

[pve-common.git] / src / PVE / Tools.pm

diff --git a/src/PVE/Tools.pm b/src/PVE/Tools.pm
index fe35ef225e46f35d52d5c374c00e3738b8b3871b..406aa2aa7834bba3af1bd6796b196ab90408c385 100644 (file)
--- a/src/PVE/Tools.pm
+++ b/src/PVE/Tools.pm
@@ -1443,4 +1443,18 @@ sub enter_systemd_scope {
     die "systemd job never completed\n" if !$done;
 }
 
+my $salt_starter = time();
+
+sub encrypt_pw {
+    my ($pw) = @_;
+
+    $salt_starter++;
+    my $salt = substr(Digest::SHA::sha1_base64(time() + $salt_starter + $$), 0, 8);
+
+    # crypt does not want '+' in salt (see 'man crypt')
+    $salt =~ s/\+/X/g;
+
+    return crypt(encode("utf8", $pw), "\$5\$$salt\$");
+}
+
 1;