Use XXTEA for permanent login

git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@1287 7c3ca157-0c34-0410-bff1-cbf682f78f5c

adminer/include/auth.inc.php

@@ -7,7 +7,7 @@ if (isset($_POST["server"])) {
 		cookie("adminer_permanent",
 			base64_encode($_POST["server"])
 			. ":" . base64_encode($_POST["username"])
-			. ":" . base64_encode(cipher_password($_POST["password"], pack("H*", sha1(str_pad($_POST["username"], 1) . $adminer->permanentLogin())))) // str_pad - to hide original key
+			. ":" . base64_encode(encrypt_string($_POST["password"], $adminer->permanentLogin()))
 		);
 	}
 	if (count($_POST) == 3 + ($_POST["permanent"] ? 1 : 0)) { // 3 - server, username, password
@@ -40,36 +40,13 @@ if (isset($_POST["server"])) {
 	if (!strlen($_GET["server"]) || $server == $_GET["server"]) {
 		session_regenerate_id(); // defense against session fixation
 		$_SESSION["usernames"][$server] = $username;
-		$_SESSION["passwords"][$server] = decipher_password($cipher, pack("H*", sha1(str_pad($username, 1) . $adminer->permanentLogin())));
+		$_SESSION["passwords"][$server] = decrypt_string($cipher, $adminer->permanentLogin());
 		if (!$_POST && $server != $_GET["server"]) {
 			redirect(preg_replace('~^([^?]*).*~', '\\1', ME) . '?server=' . urlencode($server));
 		}
 	}
 }
 
-/** Cipher password
-* @param string plain-text password
-* @param string binary key, should be longer than $password
-* @return string binary cipher
-*/
-function cipher_password($password, $key) {
-	$password2 = strlen($password) . ":" . str_pad($password, 17);
-	$repeat = ceil(strlen($password2) / strlen($key));
-	return $password2 ^ str_repeat($key, $repeat);
-}
-
-/** Decipher password
-* @param string binary cipher
-* @param string binary key
-* @return string plain-text password
-*/
-function decipher_password($cipher, $key) {
-	$repeat = ceil(strlen($cipher) / strlen($key));
-	$password2 = $cipher ^ str_repeat($key, $repeat);
-	list($length, $password) = explode(":", $password2, 2);
-	return substr($password, 0, $length);
-}
-
 function auth_error($exception = null) {
 	global $connection, $adminer;
 	$session_name = session_name();

adminer/include/bootstrap.inc.php

@@ -85,6 +85,7 @@ include "./include/adminer.inc.php";
 include "../adminer/include/design.inc.php";
 include "../adminer/include/pdo.inc.php";
 include "../adminer/include/mysql.inc.php";
+include "../adminer/include/xxtea.inc.php";
 include "../adminer/include/auth.inc.php";
 include "./include/connect.inc.php";
 include "./include/editing.inc.php";

adminer/include/functions.inc.php

@@ -201,7 +201,7 @@ function where_link($i, $column, $value) {
 * @return bool
 */
 function cookie($name, $value) {
-	$params = array($name, $value, time() + 2592000, preg_replace('~\\?.*~', '', ME), "", (bool) $_SERVER["HTTPS"]); // 2592000 = 30 * 24 * 60 * 60
+	$params = array($name, $value, time() + 2592000, preg_replace('~\\?.*~', '', $_SERVER["REQUEST_URI"]), "", (bool) $_SERVER["HTTPS"]); // 2592000 = 30 * 24 * 60 * 60
 	if (version_compare(PHP_VERSION, '5.2.0') >= 0) {
 		$params[] = true; // HttpOnly
 	}

adminer/include/version.inc.php

@@ -1,2 +1,2 @@
 <?php
-$VERSION = "2.2.2-dev";
+$VERSION = "2.3.0-dev";

adminer/include/xxtea.inc.php

@@ -0,0 +1,96 @@
+<?php
+/** PHP implementation of XXTEA encryption algorithm.
+* @author Ma Bingyao <andot@ujn.edu.cn>
+* @link http://www.coolcode.cn/?action=show&id=128
+*/
+
+function int32($n) {
+	while ($n >= 2147483648) {
+		$n -= 4294967296;
+	}
+	while ($n <= -2147483649) {
+		$n += 4294967296;
+	}
+	return (int) $n;
+}
+
+function long2str($v, $w) {
+	$s = '';
+	foreach ($v as $val) {
+		$s .= pack('V', $val);
+	}
+	if ($w) {
+		return substr($s, 0, end($v));
+	}
+	return $s;
+}
+
+function str2long($s, $w) {
+	$v = array_values(unpack('V*', str_pad($s, 4 * ceil(strlen($s) / 4), "\0")));
+	if ($w) {
+		$v[] = strlen($s);
+	}
+	return $v;
+}
+
+function xxtea_mx($z, $y, $sum, $k) {
+	return int32((($z >> 5 & 0x7FFFFFF) ^ $y << 2) + (($y >> 3 & 0x1FFFFFFF) ^ $z << 4)) ^ int32(($sum ^ $y) + ($k ^ $z));
+}
+
+/** Cipher
+* @param string plain-text password
+* @param array 4 integers
+* @return string binary cipher
+*/
+function encrypt_string($str, $key) {
+	$v = str2long($str, true);
+	$n = count($v) - 1;
+	$z = $v[$n];
+	$y = $v[0];
+	$q = floor(6 + 52 / ($n + 1));
+	$sum = 0;
+	while ($q-- > 0) {
+		$sum = int32($sum + 0x9E3779B9);
+		$e = $sum >> 2 & 3;
+		for ($p=0; $p < $n; $p++) {
+			$y = $v[$p + 1];
+			$mx = xxtea_mx($z, $y, $sum, $key[$p & 3 ^ $e]);
+			$z = int32($v[$p] + $mx);
+			$v[$p] = $z;
+		}
+		$y = $v[0];
+		$mx = xxtea_mx($z, $y, $sum, $key[$p & 3 ^ $e]);
+		$z = int32($v[$n] + $mx);
+		$v[$n] = $z;
+	}
+	return long2str($v, false);
+}
+
+/** Decipher
+* @param string binary cipher
+* @param array 4 integers
+* @return string plain-text password
+*/
+function decrypt_string($str, $key) {
+	$v = str2long($str, false);
+	$n = count($v) - 1;
+	$z = $v[$n];
+	$y = $v[0];
+	$q = floor(6 + 52 / ($n + 1));
+	$sum = int32($q * 0x9E3779B9);
+	while ($sum) {
+		$e = $sum >> 2 & 3;
+		for ($p=$n; $p > 0; $p--) {
+			$z = $v[$p - 1];
+			$mx = xxtea_mx($z, $y, $sum, $key[$p & 3 ^ $e]);
+			$y = int32($v[$p] - $mx);
+			$v[$p] = $y;
+		}
+		$z = $v[$n];
+		$mx = xxtea_mx($z, $y, $sum, $key[$p & 3 ^ $e]);
+		$y = int32($v[0] - $mx);
+		$v[0] = $y;
+		$sum = int32($sum - 0x9E3779B9);
+	}
+	return long2str($v, true);
+}

changes.txt

@@ -1,9 +1,10 @@
-Adminer 2.2.2-dev:
+Adminer 2.3.0-dev:
 Support for permanent login (customization required)
+Show status variables
 Add Delete button to Edit page (regression from 2.0.0)
 Simplify SQL syntax error message
-Print SQL query info if available
-Delete length when changing type
+Show SQL query info if available
+Delete length when changing type in alter table
 
 Adminer 2.2.1 (released 2009-11-26):
 Highlight current links