diff options
author | defa <defa@so36.net> | 2012-08-27 17:57:45 +0200 |
---|---|---|
committer | defa <defa@so36.net> | 2012-08-27 17:57:45 +0200 |
commit | 5e9b40a0d5d6c0d0205c761cee0991417cc78451 (patch) | |
tree | a306ff1b1f1a16a768b0a360c353d05c320a6400 /plugins | |
parent | 5f8097b9eba09302be561d67ce035275494043e3 (diff) |
added more digest-support to crypt-function
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/password/drivers/sql.php | 36 |
1 files changed, 28 insertions, 8 deletions
diff --git a/plugins/password/drivers/sql.php b/plugins/password/drivers/sql.php index 449e2df5b..ec04048f6 100644 --- a/plugins/password/drivers/sql.php +++ b/plugins/password/drivers/sql.php @@ -40,13 +40,33 @@ class rcube_sql_password // crypted password if (strpos($sql, '%c') !== FALSE) { $salt = ''; - if (CRYPT_MD5) { - // Always use eight salt characters for MD5 (#1488136) - $len = 8; - } else if (CRYPT_STD_DES) { - $len = 2; - } else { - return PASSWORD_CRYPT_ERROR; + + if (!($crypt_digest = $rcmail->config->get('password_crypt_digest'))) + $crypt_digest = CRYPT_MD5; + + switch ($crypt_digest) + { + case CRYPT_MD5: + $len = 8; + $salt_digest = '$1$'; + break; + case CRYPT_STD_DES: + $len = 2; + break; + case CRYPT_BLOWFISH: + $len = 22; + $salt_digest = '$2a$'; + break; + case CRYPT_SHA256: + $len = 16; + $salt_digest = '$5$'; + break; + case CRYPT_SHA512: + $len = 16; + $salt_digest = '$6$'; + break; + default: + return PASSWORD_CRYPT_ERROR; } //Restrict the character set used as salt (#1488136) @@ -55,7 +75,7 @@ class rcube_sql_password $salt .= $seedchars[rand(0, 63)]; } - $sql = str_replace('%c', $db->quote(crypt($passwd, CRYPT_MD5 ? '$1$'.$salt.'$' : $salt)), $sql); + $sql = str_replace('%c', $db->quote(crypt($passwd, $salt_digest ? $salt_digest .$salt.'$' : $salt)), $sql); } // dovecotpw |