summaryrefslogtreecommitdiff
path: root/plugins/password/drivers
diff options
context:
space:
mode:
authorAleksander Machniak <alec@alec.pl>2014-10-18 14:47:54 +0200
committerAleksander Machniak <alec@alec.pl>2014-10-18 14:47:54 +0200
commitced34cb15e095836767971aa4d27b141fb1d7ec9 (patch)
tree11fc1ec97294b546a81334cdaccad0625357af3e /plugins/password/drivers
parent517b6cff1fea871e0fbb13a5e0b16f40961cad78 (diff)
parent84296e1b9339aa0857ea8ba32e060405d43d1c1f (diff)
Merge pull request #230 from bytesatwork-xx/master
Password Plugin / LDAP Driver: Add support for CRAM-MD5 and multiple userPassword values
Diffstat (limited to 'plugins/password/drivers')
-rw-r--r--plugins/password/drivers/ldap.php23
1 files changed, 21 insertions, 2 deletions
diff --git a/plugins/password/drivers/ldap.php b/plugins/password/drivers/ldap.php
index 340dd29f8..2d29a55b9 100644
--- a/plugins/password/drivers/ldap.php
+++ b/plugins/password/drivers/ldap.php
@@ -78,7 +78,20 @@ class rcube_ldap_password
return PASSWORD_CONNECT_ERROR;
}
- $crypted_pass = self::hash_password($passwd, $rcmail->config->get('password_ldap_encodage'));
+ $encodage = $rcmail->config->get('password_ldap_encodage');
+
+ // Support multiple userPassword values where desired.
+ // multiple encodings can be specified separated by '+' (e.g. "cram-md5+ssha")
+ $encodages = explode('+',$encodage);
+ $crypted_pass = array();
+
+ foreach($encodages as $enc) {
+ $cpw = self::hash_password($passwd, $enc);
+ if(!empty($cpw)) {
+ $crypted_pass[] = $cpw;
+ }
+ }
+
$force = $rcmail->config->get('password_ldap_force_replace');
$pwattr = $rcmail->config->get('password_ldap_pwattr');
$lchattr = $rcmail->config->get('password_ldap_lchattr');
@@ -93,7 +106,7 @@ class rcube_ldap_password
}
// Crypt new password
- if (!$crypted_pass) {
+ if (empty($crypted_pass)) {
return PASSWORD_CRYPT_ERROR;
}
@@ -297,6 +310,7 @@ class rcube_ldap_password
}
break;
+
case 'smd5':
mt_srand((double) microtime() * 1000000);
$salt = substr(pack('h*', md5(mt_rand())), 0, 8);
@@ -332,6 +346,11 @@ class rcube_ldap_password
$crypted_password = rcube_charset::convert('"' . $password_clear . '"', RCUBE_CHARSET, 'UTF-16LE');
break;
+ case 'cram-md5':
+ require_once(dirname(__FILE__).'/../helpers/dovecot_hmacmd5.php');
+ return dovecot_hmacmd5($password_clear);
+ break;
+
case 'clear':
default:
$crypted_password = $password_clear;