Fix for [ Bug #125985 ] Random Login Failure. Sometimes funky characters in

the onetimepad weren't coming back out of the session correctly.  The
onetimepad is now base64_encoded in the session.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@924 7612ce4b-ef26-0410-bec9-ea0150e637f0

diff --git a/functions/strings.php b/functions/strings.php
index fc466528e902e0805844f777bd16c457e0af6620..2f89348fedbc4ce9dd5022c52bd0d744c74ab8ab 100644 (file)
--- a/functions/strings.php
+++ b/functions/strings.php
@@ -286,7 +286,8 @@
 
    // These functions are used to encrypt the passowrd before it is
    // stored in a cookie.
-   function OneTimePadEncrypt ($string, $pad) {
+   function OneTimePadEncrypt ($string, $epad) {
+      $pad = base64_decode($epad);
       for ($i = 0; $i < strlen ($string); $i++) {
         $encrypted .= chr (ord($string[$i]) ^ ord($pad[$i]));
       }
@@ -294,7 +295,8 @@
       return base64_encode($encrypted);
    }
 
-   function OneTimePadDecrypt ($string, $pad) {
+   function OneTimePadDecrypt ($string, $epad) {
+      $pad = base64_decode($epad);
       $encrypted = base64_decode ($string);
       
       for ($i = 0; $i < strlen ($encrypted); $i++) {
@@ -388,7 +390,7 @@
         $pad .= chr(mt_rand(0,255));
       }
 
-      return $pad;
+      return base64_encode($pad);
    }
 
    // Check if we have a required PHP-version. Return TRUE if we do,