diff options
| author | Paweł Słowik <pawel.slowik@iq.pl> | 2012-09-13 14:24:01 +0200 |
|---|---|---|
| committer | Paweł Słowik <pawel.slowik@iq.pl> | 2012-09-13 14:24:01 +0200 |
| commit | 2cdaa79dce689b2dc9ef5c7bf3dcbd9446d86c21 (patch) | |
| tree | 7482d3bd9a71a9913f4e28392b09e11c519987de /plugins/password/drivers | |
| parent | 92a030d928246cfc5f3c0b1f2538dc1bfb4777e3 (diff) | |
| parent | d7439260770eb1f70cdc5abf5df13e6c62ff3991 (diff) | |
Merge branch 'master' of https://github.com/roundcube/roundcubemail
Diffstat (limited to 'plugins/password/drivers')
| -rw-r--r-- | plugins/password/drivers/sql.php | 41 | ||||
| -rw-r--r-- | plugins/password/drivers/virtualmin.php | 4 |
2 files changed, 37 insertions, 8 deletions
diff --git a/plugins/password/drivers/sql.php b/plugins/password/drivers/sql.php index 449e2df5b..8bdcabf83 100644 --- a/plugins/password/drivers/sql.php +++ b/plugins/password/drivers/sql.php @@ -40,13 +40,38 @@ class rcube_sql_password // crypted password if (strpos($sql, '%c') !== FALSE) { $salt = ''; - if (CRYPT_MD5) { - // Always use eight salt characters for MD5 (#1488136) - $len = 8; - } else if (CRYPT_STD_DES) { - $len = 2; - } else { - return PASSWORD_CRYPT_ERROR; + + if (!($crypt_hash = $rcmail->config->get('password_crypt_hash'))) + { + if (CRYPT_MD5) + $crypt_hash = 'md5'; + else if (CRYPT_STD_DES) + $crypt_hash = 'des'; + } + + switch ($crypt_hash) + { + case 'md5': + $len = 8; + $salt_hashindicator = '$1$'; + break; + case 'des': + $len = 2; + break; + case 'blowfish': + $len = 22; + $salt_hashindicator = '$2a$'; + break; + case 'sha256': + $len = 16; + $salt_hashindicator = '$5$'; + break; + case 'sha512': + $len = 16; + $salt_hashindicator = '$6$'; + break; + default: + return PASSWORD_CRYPT_ERROR; } //Restrict the character set used as salt (#1488136) @@ -55,7 +80,7 @@ class rcube_sql_password $salt .= $seedchars[rand(0, 63)]; } - $sql = str_replace('%c', $db->quote(crypt($passwd, CRYPT_MD5 ? '$1$'.$salt.'$' : $salt)), $sql); + $sql = str_replace('%c', $db->quote(crypt($passwd, $salt_hashindicator ? $salt_hashindicator .$salt.'$' : $salt)), $sql); } // dovecotpw diff --git a/plugins/password/drivers/virtualmin.php b/plugins/password/drivers/virtualmin.php index b2547e07f..f9eca9633 100644 --- a/plugins/password/drivers/virtualmin.php +++ b/plugins/password/drivers/virtualmin.php @@ -48,6 +48,10 @@ class rcube_virtualmin_password $pieces = explode("_", $username); $domain = $pieces[0]; break; + case 8: // domain taken from alias, username left as it was + $email = $rcmail->user->data['alias']; + $domain = substr(strrchr($email, "@"), 1); + break; default: // username@domain $domain = substr(strrchr($username, "@"), 1); } |