summaryrefslogtreecommitdiff
path: root/plugins/password/drivers/ldap.php
diff options
context:
space:
mode:
authorLorenzo Perone <lorenzo.perone@bytesatwork.com>2014-10-14 23:22:46 +0200
committerLorenzo Perone <lorenzo.perone@bytesatwork.com>2014-10-14 23:22:46 +0200
commit3e3fcd4d2786930996be916b9ff3a0c46abc49c0 (patch)
treec8e3845948cdae79391299713873df7503db8022 /plugins/password/drivers/ldap.php
parentc45507e317bfc5310005d651a3818b2669541fba (diff)
Password Plugin / LDAP Driver:
- adds support for (optional) multiple userPassword values for compatibility with more authentication shemes - adds support for CRAM-MD5 scheme as implemented by doveadm pw (credits: see header of plugins/password/helpers/dovecot_hmacmd5.php)
Diffstat (limited to 'plugins/password/drivers/ldap.php')
-rw-r--r--plugins/password/drivers/ldap.php23
1 files changed, 21 insertions, 2 deletions
diff --git a/plugins/password/drivers/ldap.php b/plugins/password/drivers/ldap.php
index 340dd29f8..2cf2c1198 100644
--- a/plugins/password/drivers/ldap.php
+++ b/plugins/password/drivers/ldap.php
@@ -78,7 +78,20 @@ class rcube_ldap_password
return PASSWORD_CONNECT_ERROR;
}
- $crypted_pass = self::hash_password($passwd, $rcmail->config->get('password_ldap_encodage'));
+ $encodage = $rcmail->config->get('password_ldap_encodage');
+
+ // Support multiple userPassword values where desired.
+ // multiple encodings can be specified separated by '+' (e.g. "cram-md5+ssha")
+ $encodages = explode('+',$encodage);
+ $crypted_pass = array();
+
+ foreach($encodages as $enc) {
+ $cpw = self::hash_password($passwd, $enc);
+ if(!empty($cpw)) {
+ $crypted_pass[] = $cpw;
+ }
+ }
+
$force = $rcmail->config->get('password_ldap_force_replace');
$pwattr = $rcmail->config->get('password_ldap_pwattr');
$lchattr = $rcmail->config->get('password_ldap_lchattr');
@@ -93,7 +106,7 @@ class rcube_ldap_password
}
// Crypt new password
- if (!$crypted_pass) {
+ if (empty($crypted_pass)) {
return PASSWORD_CRYPT_ERROR;
}
@@ -297,6 +310,7 @@ class rcube_ldap_password
}
break;
+
case 'smd5':
mt_srand((double) microtime() * 1000000);
$salt = substr(pack('h*', md5(mt_rand())), 0, 8);
@@ -332,6 +346,11 @@ class rcube_ldap_password
$crypted_password = rcube_charset::convert('"' . $password_clear . '"', RCUBE_CHARSET, 'UTF-16LE');
break;
+ case 'cram-md5':
+ require_once(dirname(__FILE__).'/../helpers/dovecot_hmacmd5.php');
+ return dovecot_hmacmd5($password_clear);
+ break;
+
case 'clear':
default:
$crypted_password = $password_clear;