fix ftp user passwords

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

lib/Froxlor/Api/Commands/Ftps.php

@@ -172,7 +172,7 @@ class Ftps extends ApiCommand implements ResourceEntity
 				Response::standardError('passwordshouldnotbeusername', '', true);
 			} else {
 				$path = FileDir::makeCorrectDir($customer['documentroot'] . '/' . $path);
-				$cryptPassword = Crypt::makeCryptPassword($password);
+				$cryptPassword = Crypt::makeCryptPassword($password, false, true);
 
 				$stmt = Database::prepare("INSERT INTO `" . TABLE_FTP_USERS . "`
 						(`customerid`, `username`, `description`, `password`, `homedir`, `login_enabled`, `uid`, `gid`, `shell`)
@@ -441,7 +441,7 @@ class Ftps extends ApiCommand implements ResourceEntity
 			if ($password == $result['username']) {
 				Response::standardError('passwordshouldnotbeusername', '', true);
 			}
-			$cryptPassword = Crypt::makeCryptPassword($password);
+			$cryptPassword = Crypt::makeCryptPassword($password, false, true);
 
 			$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
 				SET `password` = :password

lib/Froxlor/System/Crypt.php

@@ -206,11 +206,10 @@ class Crypt
 	 *            Password to be encrypted
 	 * @param bool $htpasswd
 	 *            optional whether to generate a SHA1 password for directory protection
+	 * @param bool $openssl
+	 *            optional generates $htpasswd like strings but for proftpd
 	 *
-	 * @return string encrypted password
+	 * @return string encrypted password)
-	 * @author Michal Wojcik <m.wojcik@sonet3.pl>
-	 * @author Michael Kaufmann <mkaufmann@nutime.de>
-	 * @author Froxlor team <team@froxlor.org> (2010-)
 	 *
 	 *         0 - default crypt (depends on system configuration)
 	 *         1 - MD5 $1$
@@ -219,10 +218,10 @@ class Crypt
 	 *         4 - SHA-512 $6$
 	 *
 	 */
-	public static function makeCryptPassword($password, $htpasswd = false)
+	public static function makeCryptPassword($password, $htpasswd = false, $openssl = false)
 	{
-		if ($htpasswd) {
+		if ($htpasswd || $openssl) {
-			return '{SHA}' . base64_encode(sha1($password, true));
+			return '{SHA' . ($openssl ? '1' : '') . '}' . base64_encode(sha1($password, true));
 		}
 		$algo = Settings::Get('system.passwordcryptfunc') !== null ? Settings::Get('system.passwordcryptfunc') : PASSWORD_DEFAULT;
 		return password_hash($password, $algo);

lib/configfiles/bionic.xml

@@ -4261,7 +4261,7 @@ SQLEngine on
 SQLAuthenticate on
 #
 # Use both an encrypted or plaintext password
-SQLAuthTypes Crypt
+SQLAuthTypes Crypt OpenSSL
 
 SQLAuthenticate users* groups*
 

lib/configfiles/bookworm.xml

@@ -2900,7 +2900,7 @@ SQLEngine on
 SQLAuthenticate on
 #
 # Use both an encrypted or plaintext password
-SQLAuthTypes Crypt
+SQLAuthTypes Crypt OpenSSL
 
 SQLAuthenticate users* groups*
 

lib/configfiles/bullseye.xml

@@ -4472,7 +4472,7 @@ SQLEngine on
 SQLAuthenticate on
 #
 # Use both an encrypted or plaintext password
-SQLAuthTypes Crypt
+SQLAuthTypes Crypt OpenSSL
 
 SQLAuthenticate users* groups*
 

lib/configfiles/buster.xml

@@ -4463,7 +4463,7 @@ SQLEngine on
 SQLAuthenticate on
 #
 # Use both an encrypted or plaintext password
-SQLAuthTypes Crypt
+SQLAuthTypes Crypt OpenSSL
 
 SQLAuthenticate users* groups*
 

lib/configfiles/focal.xml

@@ -3678,7 +3678,7 @@ SQLEngine on
 SQLAuthenticate on
 #
 # Use both an encrypted or plaintext password
-SQLAuthTypes Crypt
+SQLAuthTypes Crypt OpenSSL
 
 SQLAuthenticate users* groups*
 

lib/configfiles/gentoo.xml

@@ -3453,7 +3453,7 @@ AllowOverwrite			on
 </Directory>
 
 # SQL settings
-SQLAuthTypes Crypt
+SQLAuthTypes Crypt OpenSSL
 SQLAuthenticate users* groups*
 SQLConnectInfo <SQL_DB>@<SQL_HOST> <SQL_UNPRIVILEGED_USER> <SQL_UNPRIVILEGED_PASSWORD>
 SQLUserInfo ftp_users username password uid gid homedir shell

lib/configfiles/jammy.xml

@@ -3678,7 +3678,7 @@ SQLEngine on
 SQLAuthenticate on
 #
 # Use both an encrypted or plaintext password
-SQLAuthTypes Crypt
+SQLAuthTypes Crypt OpenSSL
 
 SQLAuthenticate users* groups*