[ Index ]

PHP Cross Reference of MantisBT

title

Body

[close]

/admin/check/ -> check_crypto_inc.php (source)

[Summary view] [Print] [Text view] 

   1  <?php
   2  # MantisBT - A PHP based bugtracking system
   3  
   4  # MantisBT is free software: you can redistribute it and/or modify
   5  # it under the terms of the GNU General Public License as published by
   6  # the Free Software Foundation, either version 2 of the License, or
   7  # (at your option) any later version.
   8  #
   9  # MantisBT is distributed in the hope that it will be useful,
  10  # but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  # GNU General Public License for more details.
  13  #
  14  # You should have received a copy of the GNU General Public License
  15  # along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * @package MantisBT
  19   * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
  20   * @copyright Copyright (C) 2002 - 2011  MantisBT Team - mantisbt-dev@lists.sourceforge.net
  21   * @link http://www.mantisbt.org
  22   *
  23   * @uses check_api.php
  24   * @uses config_api.php
  25   * @uses constant_inc.php
  26   */
  27  
  28  if ( !defined( 'CHECK_CRYPTO_INC_ALLOW' ) ) {
  29      return;
  30  }
  31  
  32  /**
  33   * MantisBT Check API
  34   */
  35  require_once ( 'check_api.php' );
  36  require_api( 'config_api.php' );
  37  require_api( 'constant_inc.php' );
  38  
  39  check_print_section_header_row( 'Cryptography' );
  40  
  41  check_print_test_row(
  42      'Master salt value has been specified',
  43      strlen( config_get_global( 'crypto_master_salt' ) ) >= 16,
  44      array( false => 'The crypto_master_salt option needs to be specified in config_inc.php with a minimum string length of 16 characters.' )
  45  );
  46  
  47  check_print_test_row(
  48      'login_method is not equal to CRYPT_FULL_SALT',
  49      config_get_global( 'login_method' ) != CRYPT_FULL_SALT,
  50      array( false => 'Login method CRYPT_FULL_SALT has been deprecated and should not be used.' )
  51  );
  52  
  53  if( config_get_global( 'login_method' ) != LDAP ) {
  54      check_print_test_warn_row(
  55          'login_method is set to MD5',
  56          config_get_global( 'login_method' ) == MD5,
  57          'MD5 password encryption is currently the strongest password storage method supported by MantisBT.'
  58      );
  59  }

Body

Body

Body

Body


Generated: Thu Jul 28 15:48:31 2011 Cross-referenced by PHPXref 0.7