summaryrefslogtreecommitdiff
path: root/plugins/password/drivers/ldap.php
diff options
context:
space:
mode:
authoralecpl <alec@alec.pl>2011-02-16 10:48:11 +0000
committeralecpl <alec@alec.pl>2011-02-16 10:48:11 +0000
commit207cc0b9b3cfdfb29e4f02e83014320fd12eeb68 (patch)
tree2409f20c1b1d83413f39a274333df59137052617 /plugins/password/drivers/ldap.php
parent1a2754d18ca079ea55e4c272d7cdc9dc33c00179 (diff)
- Applied plugin changes since 0.5-stable release
Diffstat (limited to 'plugins/password/drivers/ldap.php')
-rw-r--r--plugins/password/drivers/ldap.php57
1 files changed, 41 insertions, 16 deletions
diff --git a/plugins/password/drivers/ldap.php b/plugins/password/drivers/ldap.php
index e4d91fe1b..a18f349d7 100644
--- a/plugins/password/drivers/ldap.php
+++ b/plugins/password/drivers/ldap.php
@@ -62,43 +62,59 @@ function password_save($curpass, $passwd)
return PASSWORD_CONNECT_ERROR;
}
- // Crypting new password
- $newCryptedPassword = hashPassword($passwd, $rcmail->config->get('password_ldap_encodage'));
- if (!$newCryptedPassword) {
+ $crypted_pass = hashPassword($passwd, $rcmail->config->get('password_ldap_encodage'));
+ $force = $rcmail->config->get('password_ldap_force_replace');
+ $pwattr = $rcmail->config->get('password_ldap_pwattr');
+ $lchattr = $rcmail->config->get('password_ldap_lchattr');
+ $smbpwattr = $rcmail->config->get('password_ldap_samba_pwattr');
+ $smblchattr = $rcmail->config->get('password_ldap_samba_lchattr');
+ $samba = $rcmail->config->get('password_ldap_samba');
+
+ // Support password_ldap_samba option for backward compat.
+ if ($samba && !$smbpwattr) {
+ $smbpwattr = 'sambaNTPassword';
+ $smblchattr = 'sambaPwdLastSet';
+ }
+
+ // Crypt new password
+ if (!$crypted_pass) {
return PASSWORD_CRYPT_ERROR;
}
+ // Crypt new samba password
+ if ($smbpwattr && !($samba_pass = hashPassword($passwd, 'samba'))) {
+ return PASSWORD_CRYPT_ERROR;
+ }
+
// Writing new crypted password to LDAP
$userEntry = $ldap->getEntry($userDN);
if (Net_LDAP2::isError($userEntry)) {
return PASSWORD_CONNECT_ERROR;
}
- $pwattr = $rcmail->config->get('password_ldap_pwattr');
- $force = $rcmail->config->get('password_ldap_force_replace');
-
- if (!$userEntry->replace(array($pwattr => $newCryptedPassword), $force)) {
+ if (!$userEntry->replace(array($pwattr => $crypted_pass), $force)) {
return PASSWORD_CONNECT_ERROR;
}
// Updating PasswordLastChange Attribute if desired
- if ($lchattr = $rcmail->config->get('password_ldap_lchattr')) {
+ if ($lchattr) {
$current_day = (int)(time() / 86400);
if (!$userEntry->replace(array($lchattr => $current_day), $force)) {
return PASSWORD_CONNECT_ERROR;
}
}
- if (Net_LDAP2::isError($userEntry->update())) {
- return PASSWORD_CONNECT_ERROR;
+ // Update Samba password and last change fields
+ if ($smbpwattr) {
+ $userEntry->replace(array($smbpwattr => $samba_pass), $force);
+ }
+ // Update Samba password last change field
+ if ($smblchattr) {
+ $userEntry->replace(array($smblchattr => time()), $force);
}
- // Update Samba password fields, ignore errors if attributes are not found
- if ($rcmail->config->get('password_ldap_samba')) {
- $sambaNTPassword = hash('md4', rcube_charset_convert($passwd, RCMAIL_CHARSET, 'UTF-16LE'));
- $userEntry->replace(array('sambaNTPassword' => $sambaNTPassword), $force);
- $userEntry->replace(array('sambaPwdLastSet' => time()), $force);
- $userEntry->update();
+ if (Net_LDAP2::isError($userEntry->update())) {
+ return PASSWORD_CONNECT_ERROR;
}
// All done, no error
@@ -253,6 +269,15 @@ function hashPassword( $passwordClear, $encodageType )
}
break;
+ case 'samba':
+ if (function_exists('hash')) {
+ $cryptedPassword = hash('md4', rcube_charset_convert($password_clear, RCMAIL_CHARSET, 'UTF-16LE'));
+ } else {
+ /* Your PHP install does not have the hash() function */
+ return false;
+ }
+ break;
+
case 'clear':
default:
$cryptedPassword = $passwordClear;