Merge branch 'master' of github.com:roundcube/roundcubemail

Conflicts: CHANGELOG
author: Aleksander Machniak <alec@alec.pl> 2012-09-14 14:31:39 +0200
committer: Aleksander Machniak <alec@alec.pl> 2012-09-14 14:31:39 +0200
commit: d409a545c2ec28b57711c4a6ee6f66b4916932b7 (patch)
tree: 9e69ff298cafbe78c1abca0aa6491e1c85f89712 /plugins/password/drivers/sql.php
parent: bf1d94076ddf79df7787f89ff373666d6fbcf30f (diff)
parent: c563c2cc26bd947a5ccee6cae13dc11047d69f09 (diff)
1 files changed, 33 insertions, 8 deletions
diff --git a/plugins/password/drivers/sql.php b/plugins/password/drivers/sql.php
index 449e2df5b..8bdcabf83 100644
--- a/plugins/password/drivers/sql.php
+++ b/plugins/password/drivers/sql.php
@@ -40,13 +40,38 @@ class rcube_sql_password
         // crypted password
         if (strpos($sql, '%c') !== FALSE) {
             $salt = '';
-            if (CRYPT_MD5) {
-                // Always use eight salt characters for MD5 (#1488136)
-    	        $len = 8;
-            } else if (CRYPT_STD_DES) {
-        	    $len = 2;
-            } else {
-        	    return PASSWORD_CRYPT_ERROR;
+
+            if (!($crypt_hash = $rcmail->config->get('password_crypt_hash')))
+            {
+                if (CRYPT_MD5)
+                    $crypt_hash = 'md5';
+                else if (CRYPT_STD_DES)
+                    $crypt_hash = 'des';
+            }
+            
+            switch ($crypt_hash)
+            {
+            case 'md5':
+                $len = 8;
+                $salt_hashindicator = '$1$';
+                break;
+            case 'des':
+                $len = 2;
+                break;
+            case 'blowfish':
+                $len = 22;
+                $salt_hashindicator = '$2a$';
+                break;
+            case 'sha256':
+                $len = 16;
+                $salt_hashindicator = '$5$';
+                break;
+            case 'sha512':
+                $len = 16;
+                $salt_hashindicator = '$6$';
+                break;
+            default:
+                return PASSWORD_CRYPT_ERROR;
             }
 
             //Restrict the character set used as salt (#1488136)
@@ -55,7 +80,7 @@ class rcube_sql_password
     	        $salt .= $seedchars[rand(0, 63)];
             }
 
-            $sql = str_replace('%c',  $db->quote(crypt($passwd, CRYPT_MD5 ? '$1$'.$salt.'$' : $salt)), $sql);
+            $sql = str_replace('%c',  $db->quote(crypt($passwd, $salt_hashindicator ? $salt_hashindicator .$salt.'$' : $salt)), $sql);
         }
 
         // dovecotpw
author	Aleksander Machniak <alec@alec.pl>	2012-09-14 14:31:39 +0200
committer	Aleksander Machniak <alec@alec.pl>	2012-09-14 14:31:39 +0200
commit	d409a545c2ec28b57711c4a6ee6f66b4916932b7 (patch)
tree	9e69ff298cafbe78c1abca0aa6491e1c85f89712 /plugins/password/drivers/sql.php
parent	bf1d94076ddf79df7787f89ff373666d6fbcf30f (diff)
parent	c563c2cc26bd947a5ccee6cae13dc11047d69f09 (diff)