Server side modifications

Fix bad implementation of PKDBF2 and HMAC
New protocol version (2)

server/functions.php

@@ -24,16 +24,11 @@
   
   Password is salted (3 random characters) and encrypted
 
-  All is encrypted with AES256 and key : sha256(master key)
+  All is encrypted with AES256 and key : PKDBF2(hmac_sha256, master key, url, 1000)
  */
 $MAX_ENTRY_LEN = 512;
 $USERS_PATH = "./users/";
 
-function get_mkey_hash($mkey)
-{
-    return bin2hex(hash("sha256", $mkey, true));
-}
-
 function open_crypto($mkey)
 {
     if (!isset($_SESSION['td']))
@@ -191,6 +186,8 @@ function add_entry($user, $login, $password)
 
     $result = $db->query("INSERT INTO gpass ('login', 'password') VALUES ('" . $login . "', '" . $password . "')");
 
+    $db->close();
+
     echo "OK";
 
     return true;
@@ -208,6 +205,8 @@ function delete_entry($user, $login)
 
     $db->query("DELETE FROM gpass WHERE login='" . $login . "'");
 
+    $db->close();
+
     echo "OK";
 
     return true;