Merge branch 'master' of github.com:roundcube/roundcubemail

author: Thomas Bruederli <thomas@roundcube.net> 2012-09-17 19:25:57 +0200
committer: Thomas Bruederli <thomas@roundcube.net> 2012-09-17 19:25:57 +0200
commit: e8e2e76ed987d911ec878345e88d3c611a4b7b32 (patch)
tree: ae43d047a288e58d7e9c8e3ac8885dc12bc436a2 /plugins/password/drivers/sql.php
parent: ba3cd80c0c61e679cef92a1f4f51e645090a1472 (diff)
parent: 32ba62889c1def94f555c3e683fc8087ee16c9b3 (diff)
1 files changed, 33 insertions, 8 deletions
diff --git a/plugins/password/drivers/sql.php b/plugins/password/drivers/sql.php
index 449e2df5b..8bdcabf83 100644
--- a/plugins/password/drivers/sql.php
+++ b/plugins/password/drivers/sql.php
@@ -40,13 +40,38 @@ class rcube_sql_password
         // crypted password
         if (strpos($sql, '%c') !== FALSE) {
             $salt = '';
-            if (CRYPT_MD5) {
-                // Always use eight salt characters for MD5 (#1488136)
-    	        $len = 8;
-            } else if (CRYPT_STD_DES) {
-        	    $len = 2;
-            } else {
-        	    return PASSWORD_CRYPT_ERROR;
+
+            if (!($crypt_hash = $rcmail->config->get('password_crypt_hash')))
+            {
+                if (CRYPT_MD5)
+                    $crypt_hash = 'md5';
+                else if (CRYPT_STD_DES)
+                    $crypt_hash = 'des';
+            }
+            
+            switch ($crypt_hash)
+            {
+            case 'md5':
+                $len = 8;
+                $salt_hashindicator = '$1$';
+                break;
+            case 'des':
+                $len = 2;
+                break;
+            case 'blowfish':
+                $len = 22;
+                $salt_hashindicator = '$2a$';
+                break;
+            case 'sha256':
+                $len = 16;
+                $salt_hashindicator = '$5$';
+                break;
+            case 'sha512':
+                $len = 16;
+                $salt_hashindicator = '$6$';
+                break;
+            default:
+                return PASSWORD_CRYPT_ERROR;
             }
 
             //Restrict the character set used as salt (#1488136)
@@ -55,7 +80,7 @@ class rcube_sql_password
     	        $salt .= $seedchars[rand(0, 63)];
             }
 
-            $sql = str_replace('%c',  $db->quote(crypt($passwd, CRYPT_MD5 ? '$1$'.$salt.'$' : $salt)), $sql);
+            $sql = str_replace('%c',  $db->quote(crypt($passwd, $salt_hashindicator ? $salt_hashindicator .$salt.'$' : $salt)), $sql);
         }
 
         // dovecotpw
author	Thomas Bruederli <thomas@roundcube.net>	2012-09-17 19:25:57 +0200
committer	Thomas Bruederli <thomas@roundcube.net>	2012-09-17 19:25:57 +0200
commit	e8e2e76ed987d911ec878345e88d3c611a4b7b32 (patch)
tree	ae43d047a288e58d7e9c8e3ac8885dc12bc436a2 /plugins/password/drivers/sql.php
parent	ba3cd80c0c61e679cef92a1f4f51e645090a1472 (diff)
parent	32ba62889c1def94f555c3e683fc8087ee16c9b3 (diff)