| 1 |
<?php |
<?php |
| 2 |
// $Id$ |
// $Id $ |
| 3 |
|
|
| 4 |
function aes_install() { |
function aes_install() { |
| 5 |
|
|
| 6 |
/* |
if ($GLOBALS['db_type'] == "mysql" || $GLOBALS['db_type'] == "mysqli") { |
| 7 |
Creating an initialization vector. If you ever need to migrate your system or load in a backup, make sure you still have this, along with the key of course. You need both to be able to unlock your passwords. |
db_query("CREATE TABLE `{aes_passwords}` ( |
| 8 |
*/ |
`uid` INT NOT NULL , |
| 9 |
$iv = variable_get("aes_encryption_iv", null); |
`pass` VARCHAR( 128 ) NOT NULL , |
| 10 |
if (empty($iv)) { |
PRIMARY KEY ( `uid` ) |
| 11 |
$td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, "", MCRYPT_MODE_CBC, ""); |
)"); |
|
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_DEV_URANDOM); |
|
|
mcrypt_module_close($td); |
|
|
variable_set("aes_encryption_iv", base64_encode($iv)); |
|
|
drupal_set_message(t("New initialization vector created for the AES module.")); |
|
| 12 |
} |
} |
| 13 |
else { |
else if ($GLOBALS['db_type'] == "pgsql") { |
| 14 |
drupal_set_message(t("An old initialization vector was found for the AES module. Not creating a new one to avoid overwriting the existing one.")); |
db_query("CREATE TABLE {aes_passwords} ( |
| 15 |
|
uid integer NOT NULL, |
| 16 |
|
pass character varying(128) |
| 17 |
|
)"); |
| 18 |
|
|
| 19 |
|
db_query("ALTER TABLE ONLY {aes_passwords} ADD CONSTRAINT {aes_passwords}_pkey PRIMARY KEY (uid)"); |
| 20 |
} |
} |
|
|
|
|
variable_set("aes_convert", "false"); |
|
|
variable_set("aes_key_storage_method", "database"); |
|
| 21 |
|
|
| 22 |
|
variable_set("aes_key_storage_method", "Database"); |
| 23 |
|
variable_set("aes_cipher", "rijndael-128"); |
| 24 |
|
variable_set("aes_convert", "true"); |
| 25 |
|
variable_set("aes_viewing_method", "collapsible"); |
| 26 |
|
|
| 27 |
|
drupal_set_message(t("AES installed.")); |
| 28 |
} |
} |
| 29 |
|
|
|
/* |
|
|
At uninstall we remake all the AES strings into MD5 hashes. |
|
|
*/ |
|
| 30 |
function aes_uninstall() { |
function aes_uninstall() { |
| 31 |
//delete keyfile |
//delete keyfile |
| 32 |
if (variable_get("aes_key_storage_method", "") == "File") { |
if (variable_get("aes_key_storage_method", "") == "File") { |
| 33 |
unlink(variable_get("aes_key_path", "")); |
unlink(variable_get("aes_key_path", "")); |
| 34 |
} |
} |
| 35 |
|
|
| 36 |
|
db_query("DROP TABLE {aes_passwords}"); |
| 37 |
|
|
| 38 |
//delete variables |
//delete variables |
| 39 |
|
variable_del("aes_key"); |
| 40 |
variable_del("aes_convert"); |
variable_del("aes_convert"); |
| 41 |
variable_del("aes_key_storage_method"); |
variable_del("aes_key_storage_method"); |
| 42 |
variable_del("aes_key_path"); |
variable_del("aes_key_path"); |
| 43 |
variable_del("aes_key"); |
variable_del("aes_key"); |
| 44 |
variable_del("aes_encryption_iv"); |
variable_del("aes_encryption_iv"); |
| 45 |
|
variable_del("aes_cipher"); |
| 46 |
|
variable_del("aes_viewing_method"); |
| 47 |
|
|
| 48 |
|
drupal_set_message(t("AES uninstalled.")); |
| 49 |
|
} |
| 50 |
|
|
| 51 |
|
function aes_update_1() { |
| 52 |
|
if ($GLOBALS['db_type'] == "mysql" || $GLOBALS['db_type'] == "mysqli") { |
| 53 |
|
$return[] = update_sql("CREATE TABLE `{aes_passwords}` ( |
| 54 |
|
`uid` INT NOT NULL , |
| 55 |
|
`pass` VARCHAR( 128 ) NOT NULL , |
| 56 |
|
PRIMARY KEY ( `uid` ) |
| 57 |
|
)"); |
| 58 |
|
} |
| 59 |
|
else if ($GLOBALS['db_type'] == "pgsql") { |
| 60 |
|
$return[] = update_sql("CREATE TABLE {aes_passwords} ( |
| 61 |
|
uid integer NOT NULL, |
| 62 |
|
pass character varying(128) |
| 63 |
|
)"); |
| 64 |
|
|
| 65 |
|
$return[] = update_sql("ALTER TABLE ONLY {aes_passwords} ADD CONSTRAINT {aes_passwords}_pkey PRIMARY KEY (uid)"); |
| 66 |
|
} |
| 67 |
|
|
| 68 |
|
$result = db_query("SELECT uid, pass FROM {users} WHERE uid != 0"); |
| 69 |
|
|
| 70 |
|
while ($user = db_fetch_array($result)) { |
| 71 |
|
if (strlen($user['pass']) != 32) { |
| 72 |
|
|
| 73 |
|
$td = mcrypt_module_open("rijndael-128", "", MCRYPT_MODE_CBC, ""); |
| 74 |
|
$iv = base64_decode(variable_get("aes_encryption_iv", "")); |
| 75 |
|
$ks = mcrypt_enc_get_key_size($td); |
| 76 |
|
|
| 77 |
|
$storage_method = variable_get("aes_key_storage_method", "database"); |
| 78 |
|
if ($storage_method == "Database") { |
| 79 |
|
$key = variable_get("aes_key", false); |
| 80 |
|
} |
| 81 |
|
if ($storage_method == "File") { |
| 82 |
|
$key = file_get_contents(variable_get("aes_key_path", "")); |
| 83 |
|
} |
| 84 |
|
|
| 85 |
|
$key = substr(sha1($key), 0, $ks); |
| 86 |
|
|
| 87 |
|
mcrypt_generic_init($td, $key, $iv); |
| 88 |
|
$plain_pass = mdecrypt_generic($td, base64_decode($user['pass'])); |
| 89 |
|
mcrypt_generic_deinit($td); |
| 90 |
|
mcrypt_module_close($td); |
| 91 |
|
|
| 92 |
|
$md5_pass = md5(trim($plain_pass)); |
| 93 |
|
db_query("INSERT INTO {aes_passwords} (uid, pass) VALUES (%d, '%s')", $user['uid'], $user['pass']); |
| 94 |
|
db_query("UPDATE {users} SET pass='%s' WHERE uid=%d", $md5_pass, $user['uid']); |
| 95 |
|
} |
| 96 |
|
} |
| 97 |
|
|
| 98 |
|
variable_set("aes_viewing_method", "collapsible"); |
| 99 |
|
|
| 100 |
|
drupal_set_message(t('AES updated (1.0 -> 1.1).')); |
| 101 |
|
|
| 102 |
drupal_set_message("AES uninstalled."); |
return $return; |
| 103 |
} |
} |
| 104 |
|
|
Parent Directory
| 
Revision Log
| 
Revision Graph
| 
Patch