Coen’s blog

Although the current semester is almost over, we’re still working very hard on our project (in Dutch), and today I finished a password reset function for users of the portal. The tricky thing for me is that the user passwords are stored in LDAP, so I had to figure out how to write to a LDAP database, and how to create a SSHA password hash in php.
I found that there is very little documentation about the ldap functionality in php, let alone how to create a SSHA hash. There was, however, one post on php.net where I found half of my answer: http://nl.php.net/manual/en/function.sha1.php#52365 . The only thing I had to change was:

// this
$salt = pack("CCCC", mt_rand(), mt_rand(), mt_rand(), mt_rand());
// into this
$salt = pack("CCCCCCCC", mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand());

So, the complete code now looks like this:

mt_srand((double)microtime()*1000000);
$salt = pack("CCCCCCCC", mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand());
$sshaPassword = "{SSHA}" . base64_encode( pack("H*", sha1($newpasswd . $salt)) . $salt);
// bind using the configged options
$ldap->bind();
$ldap->save($userDn , array("userPassword" => $sshaPassword));

So finally, the password reset functionality works and users won’t have to worry if they’ve lost their password.

2 Comments »

And there it is: the year 2009.
Thing is, I don’t really have a clue as to how to write this particular post, but there are a few things that I want to mention because I’m really really really excited about them
First of, I’m going to graduate this year, starting February 2nd. I plan to do that at Sogyo, and I’ve got a very cool assignment: I am going to do research after the available tools of code generation and DSL, and build proof of concept code in case the already available tools don’t suffice. Also, I think I will get my first Java certificate (SCJP).

Although these things all have a high nerd factor, I’ve a plan that can top that. In the summer holidays, I’ve decided to go to Hacking At Random, which will be in The Netherlands this year. I think that my friends and classmates (who also will be there) and I will have a *lot* of fun. As a matter of fact, I promise to show you some pictures afterwards.

While I’m thinking about it, my learning-by-cheating idea didn’t go as well as I thought: I didn’t finish that little project (but alas, that’s one of many). What did come out of it is Sentry. The Sentry core is actually nothing more than a library loader, but is has some nice features. Each plug-in (or library) can provide a number of hookpoints, where other plug-in commands can hook onto. Nice thing about this is that you can create a completely event-driven application, and anyone is free to create their own plug-ins. At this moment, I’m using it to create an IRC bot that is kind of able to control what’s happening in a channel and also to give my c++ knowledge a boost If you’re interested: you can take a quick look at my websvn subdomain, the repository is sentry_cpp, and it’s also possible to svn co it from the svn subdomain.

That’s all for now, happy 2009 y’all!

No Comments »