summaryrefslogtreecommitdiff
path: root/plugins/sasl_password
diff options
context:
space:
mode:
authoralecpl <alec@alec.pl>2009-06-20 07:28:33 +0000
committeralecpl <alec@alec.pl>2009-06-20 07:28:33 +0000
commit6bd74d8d51045923698f958fc917918411c6ca13 (patch)
treee4fb532d6de60be50eef00136fb520e1f177d62f /plugins/sasl_password
parent2dbc2d787a7d9acf85ac8b048d6a8a6c479ab428 (diff)
- Password plugin: implemented drivers
- removed password_sasl plugin
Diffstat (limited to 'plugins/sasl_password')
-rw-r--r--plugins/sasl_password/README65
-rw-r--r--plugins/sasl_password/chgsaslpasswd.c27
-rw-r--r--plugins/sasl_password/locale/de_CH.inc16
-rw-r--r--plugins/sasl_password/locale/en_US.inc16
-rw-r--r--plugins/sasl_password/locale/pl_PL.inc16
-rw-r--r--plugins/sasl_password/sasl_password.js43
-rw-r--r--plugins/sasl_password/sasl_password.php146
7 files changed, 0 insertions, 329 deletions
diff --git a/plugins/sasl_password/README b/plugins/sasl_password/README
deleted file mode 100644
index 3fbc448ff..000000000
--- a/plugins/sasl_password/README
+++ /dev/null
@@ -1,65 +0,0 @@
-+-------------------------------------------------------------------------+
-|
-| Author: Thomas Bruederli
-| Source: Squirrelmail Change SASL Password Plugin by Galen Johnson
-| Program: sasl_password
-| Version: 1.0
-| Purpose: Change Cyrus Account Passwords
-|
-+-------------------------------------------------------------------------+
-
-
-Purpose
--------
-Cyrus SASL database authentication allows your Cyrus+RoundCube
-installation to host mail users without requiring a Unix Shell account!
-
-This plugin only covers the "sasldb" case when using Cyrus SASL. Kerberos
-and PAM authentication mechanisms will require other techniques to enable
-user password manipulations.
-
-Cyrus SASL includes a shell utility called "saslpasswd" for manipulating
-user passwords in the "sasldb" database. This patch attempts to use
-this utility to perform password manipulations required by your webmail
-users without any administrative interaction. Unfortunately, this
-scheme requires that the "saslpasswd" utility be run as the "cyrus"
-user - kind of a security problem since we have chosen to SUID a small
-script which will allow this to happen.
-
-This plugin is based on the Squirrelmail Change SASL Password Plugin.
-See http://www.squirrelmail.org/plugin_view.php?id=107 for details.
-
-
-Installation
-------------
-Install just like any other plugin, just put it in the plugin directory
-and activate it by adding 'sasl_password' to the list of active plugins
-in config/main.inc.php
-
-Edit the chgsaslpasswd.c and chgsaslpasswd.sh files as is documented
-within them.
-
-Compile the wrapper program:
- gcc -o chgsaslpasswd chgsaslpasswd.c
-
-Chown the chgsaslpasswd and chgsaslpasswd.sh to the cyrus user and group
-that your browser runs as, then chmod them to 4550.
-
-For example, if your cyrus user is 'cyrus' and the apache server group is
-'nobody' (I've been told Redhat runs Apache as user 'apache'):
-
- chown cyrus:nobody chgsaslpasswd
- chmod 4550 chgsaslpasswd
-
-Stephen Carr has suggested users should try to run the scripts on a test
-account as the cyrus user eg;
-
- su cyrus -c "./chgsaslpasswd -p test_account"
-
-This will allow you to make sure that the script will work for your setup.
-Should the script not work, make sure that:
-1) the user the script runs as has access to the saslpasswd|saslpasswd2
- file and proper permissions
-2) make sure the user in the chgsaslpasswd.c file is set correctly.
- This could save you some headaches if you are the paranoid type.
-
diff --git a/plugins/sasl_password/chgsaslpasswd.c b/plugins/sasl_password/chgsaslpasswd.c
deleted file mode 100644
index 17e20c67f..000000000
--- a/plugins/sasl_password/chgsaslpasswd.c
+++ /dev/null
@@ -1,27 +0,0 @@
-#include <stdio.h>
-#include <unistd.h>
-
-// set the UID this script will run as (cyrus user)
-#define UID 96
-// set the path to saslpasswd or saslpasswd2
-#define CMD "/usr/sbin/saslpasswd2"
-
-/* INSTALLING:
- gcc -o chgsaslpasswd chgsaslpasswd.c
- chown root.apache chgsaslpasswd
- strip chgsaslpasswd
- chmod 4550 chgsaslpasswd
-*/
-
-main(int argc, char *argv[])
-{
- int rc,cc;
-
- cc = setuid(UID);
- rc = execvp(CMD, argv);
- if ((rc != 0) || (cc != 0))
- {
- fprintf(stderr,"__ %s: failed %d %d\n",argv[0],rc,cc);
- exit(1);
- }
-}
diff --git a/plugins/sasl_password/locale/de_CH.inc b/plugins/sasl_password/locale/de_CH.inc
deleted file mode 100644
index 399efda84..000000000
--- a/plugins/sasl_password/locale/de_CH.inc
+++ /dev/null
@@ -1,16 +0,0 @@
-<?php
-
-$labels = array();
-$labels['changepasswd'] = 'Passwort ändern';
-$labels['curpasswd'] = 'Aktuelles Passwort';
-$labels['newpasswd'] = 'Neues Passwort';
-$labels['confpasswd'] = 'Passwort Wiederholung';
-
-$messages = array();
-$messages['nopassword'] = "Bitte geben Sie ein neues Passwort ein";
-$messages['nocurpassword'] = "Bitte geben Sie Ihr aktuelles Passwort an";
-$messages['passwordincorrect'] = "Das aktuelle Passwort ist nicht korrekt";
-$messages['passwordinconsistency'] = "Das neue Passwort und dessen Wiederholung stimmen nicht überein";
-$messages['successfullysaved'] = "Ihr Passwort wurde erfolgreich geändert";
-
-?> \ No newline at end of file
diff --git a/plugins/sasl_password/locale/en_US.inc b/plugins/sasl_password/locale/en_US.inc
deleted file mode 100644
index 42708b34f..000000000
--- a/plugins/sasl_password/locale/en_US.inc
+++ /dev/null
@@ -1,16 +0,0 @@
-<?php
-
-$labels = array();
-$labels['changepasswd'] = 'Change Password';
-$labels['curpasswd'] = 'Current Password:';
-$labels['newpasswd'] = 'New Password:';
-$labels['confpasswd'] = 'Confirm New Password:';
-
-$messages = array();
-$messages['nopassword'] = "Please enter the new password";
-$messages['nocurpassword'] = "Please enter your current password";
-$messages['passwordincorrect'] = "Current password is incorrect";
-$messages['passwordinconsistency'] = "The new password and it's confirmation do not match";
-$messages['successfullysaved'] = "Successfully changed password";
-
-?> \ No newline at end of file
diff --git a/plugins/sasl_password/locale/pl_PL.inc b/plugins/sasl_password/locale/pl_PL.inc
deleted file mode 100644
index 10cf51ad6..000000000
--- a/plugins/sasl_password/locale/pl_PL.inc
+++ /dev/null
@@ -1,16 +0,0 @@
-<?php
-
-$labels = array();
-$labels['changepasswd'] = 'Zmiana hasła';
-$labels['curpasswd'] = 'Aktualne hasło:';
-$labels['newpasswd'] = 'Nowe hasło:';
-$labels['confpasswd'] = 'Potwierdź hasło:';
-
-$messages = array();
-$messages['nopassword'] = "Wprowadź nowe hasło";
-$messages['nocurpassword'] = "Wprowadź aktualne hasło";
-$messages['passwordincorrect'] = 'Błędne aktualne hasło, spróbuj ponownie.';
-$messages['passwordinconsistency'] = 'Hasła nie pasują, spróbuj ponownie.';
-$messages['successfullysaved'] = "Zapisano.";
-
-?> \ No newline at end of file
diff --git a/plugins/sasl_password/sasl_password.js b/plugins/sasl_password/sasl_password.js
deleted file mode 100644
index 719dc8268..000000000
--- a/plugins/sasl_password/sasl_password.js
+++ /dev/null
@@ -1,43 +0,0 @@
-/* SASL pssword change interface (tab) */
-
-function sasl_password_save()
-{
- var input_curpasswd = $('#saslcurpasswd')[0];
- var input_newpasswd = $('#saslnewpasswd')[0];
- var input_confpasswd = $('#saslconfpasswd')[0];
-
- if (input_curpasswd && input_curpasswd.value=='') {
- alert(rcmail.gettext('nocurpassword', 'sasl_password'));
- input_curpasswd.focus();
- }
- else if (input_newpasswd && input_newpasswd.value=='') {
- alert(rcmail.gettext('nopassword', 'sasl_password'));
- input_newpasswd.focus();
- }
- else if (input_confpasswd && input_confpasswd.value=='') {
- alert(rcmail.gettext('nopassword', 'sasl_password'));
- input_confpasswd.focus();
- }
- else if ((input_newpasswd && input_confpasswd) && (input_newpasswd.value != input_confpasswd.value)) {
- alert(rcmail.gettext('passwordinconsistency', 'sasl_password'));
- input_newpasswd.focus();
- }
- else {
- rcmail.gui_objects.passform.submit();
- }
-}
-
-if (window.rcmail) {
- rcmail.addEventListener('init', function(evt) {
- // <span id="settingstabdefault" class="tablink"><roundcube:button command="preferences" type="link" label="preferences" title="editpreferences" /></span>
- var tab = $('<span>').attr('id', 'settingstabpluginsaslpassword').addClass('tablink');
-
- var button = $('<a>').attr('href', rcmail.env.comm_path+'&_action=plugin.saslpassword').html(rcmail.gettext('password')).appendTo(tab);
- button.bind('click', function(e){ return rcmail.command('plugin.saslpassword', this) });
-
- // add button and register commands
- rcmail.add_element(tab, 'tabs');
- rcmail.register_command('plugin.saslpassword', function() { rcmail.goto_url('plugin.saslpassword') }, true);
- rcmail.register_command('plugin.saslpassword-save', sasl_password_save, true);
- });
-}
diff --git a/plugins/sasl_password/sasl_password.php b/plugins/sasl_password/sasl_password.php
deleted file mode 100644
index 0152ec2ba..000000000
--- a/plugins/sasl_password/sasl_password.php
+++ /dev/null
@@ -1,146 +0,0 @@
-<?php
-
-/**
- * Change SASL Password
- *
- * Plugin that adds functionality ty to change the users Cyrus/SASL password.
- * The code is derrived from the Squirrelmail "Change SASL Password" Plugin
- * by Galen Johnson.
- *
- * It only works with saslpasswd2 on the same host where RoundCube runs
- * and requires shell access and gcc in order to compile the binary.
- *
- * For installation instructions please read the README file.
- *
- * @version 1.0
- * @author Thomas Bruederli
- */
-class sasl_password extends rcube_plugin
-{
- public $task = 'settings';
-
- function init()
- {
- $rcmail = rcmail::get_instance();
- // add Tab label
- $rcmail->output->add_label('password');
- $this->register_action('plugin.saslpassword', array($this, 'password_init'));
- $this->register_action('plugin.saslpassword-save', array($this, 'password_save'));
- $this->include_script('sasl_password.js');
- }
-
- function password_init()
- {
- $this->add_texts('locale/');
- $this->register_handler('plugin.body', array($this, 'password_form'));
-
- $rcmail = rcmail::get_instance();
- $rcmail->output->set_pagetitle($this->gettext('changepasswd'));
- $rcmail->output->send('plugin');
- }
-
- function password_save()
- {
- $rcmail = rcmail::get_instance();
-
- $this->add_texts('locale/');
- $this->register_handler('plugin.body', array($this, 'password_form'));
-
- if (!isset($_POST['_curpasswd']) || !isset($_POST['_newpasswd'])) {
- $rcmail->output->command('display_message', $this->gettext('nopassword'), 'error');
- }
- else {
- $curpwd = get_input_value('_curpasswd', RCUBE_INPUT_POST);
- $newpwd = get_input_value('_newpasswd', RCUBE_INPUT_POST);
-
- if ($rcmail->decrypt($_SESSION['password']) != $curpwd) {
- $rcmail->output->command('display_message', $this->gettext('passwordincorrect'), 'error');
- }
- else if ($this->_save($newpwd)) {
- $rcmail->output->command('display_message', $this->gettext('successfullysaved'), 'confirmation');
- $_SESSION['password'] = $rcmail->encrypt($newpwd);
- }
- else {
- $rcmail->output->command('display_message', $this->gettext('errorsaving'), 'error');
- }
- }
-
- rcmail_overwrite_action('plugin.saslpassword');
- rcmail::get_instance()->output->send('plugin');
- }
-
- function password_form()
- {
- $rcmail = rcmail::get_instance();
-
- // add some labels to client
- $rcmail->output->add_label(
- 'sasl_password.nopassword',
- 'sasl_password.nocurpassword',
- 'sasl_password.passwordinconsistency',
- 'sasl_password.changepasswd'
- );
-
- $table = new html_table(array('cols' => 2));
-
- // show current password selection
- $field_id = 'saslcurpasswd';
- $input_newpasswd = new html_passwordfield(array('name' => '_curpasswd', 'id' => $field_id, 'size' => 25));
-
- $table->add('title', html::label($field_id, Q($this->gettext('curpasswd'))));
- $table->add(null, $input_newpasswd->show());
-
- // show new password selection
- $field_id = 'saslnewpasswd';
- $input_newpasswd = new html_passwordfield(array('name' => '_newpasswd', 'id' => $field_id, 'size' => 25));
-
- $table->add('title', html::label($field_id, Q($this->gettext('newpasswd'))));
- $table->add(null, $input_newpasswd->show());
-
- // show confirm password selection
- $field_id = 'saslconfpasswd';
- $input_confpasswd = new html_passwordfield(array('name' => '_confpasswd', 'id' => $field_id, 'size' => 25));
-
- $table->add('title', html::label($field_id, Q($this->gettext('confpasswd'))));
- $table->add(null, $input_confpasswd->show());
-
- $out = html::div(array('class' => "settingsbox", 'style' => "margin:0"),
- html::div(array('id' => "userprefs-title"), $this->gettext('changepasswd')) .
- html::div(array('style' => "padding:15px"), $table->show() .
- html::p(null,
- $rcmail->output->button(array(
- 'command' => 'plugin.saslpassword-save',
- 'type' => 'input',
- 'class' => 'button mainaction',
- 'label' => 'save'
- )))
- )
- );
-
- $rcmail->output->add_gui_object('passform', 'password-form');
-
- return $rcmail->output->form_tag(array(
- 'id' => 'password-form',
- 'name' => 'password-form',
- 'method' => 'post',
- 'action' => './?_task=settings&_action=plugin.saslpassword-save',
- ), $out);
- }
-
- private function _save($passwd)
- {
- $curdir = realpath(dirname(__FILE__));
- $username = escapeshellcmd($_SESSION['username']);
- $code = 1;
-
- if ($fh = popen("$curdir/chgsaslpasswd -p $username", 'w')) {
- fwrite($fh, $passwd."\n");
- $code = pclose($fh);
- }
-
- return ($code == 0);
- }
-
-}
-
-?>