diff options
Diffstat (limited to 'plugins/password')
-rw-r--r-- | plugins/password/README | 64 | ||||
-rw-r--r-- | plugins/password/package.xml | 21 |
2 files changed, 50 insertions, 35 deletions
diff --git a/plugins/password/README b/plugins/password/README index 2c57e0cf6..0ccc8ad23 100644 --- a/plugins/password/README +++ b/plugins/password/README @@ -24,8 +24,8 @@ @author <see driver files for driver authors> ----------------------------------------------------------------------- - 1. Configuration - 2. Drivers + 1. Configuration + 2. Drivers 2.1. Database (sql) 2.2. Cyrus/SASL (sasl) 2.3. Poppassd/Courierpassd (poppassd) @@ -44,7 +44,7 @@ 2.16. DBMail (dbmail) 2.17. Expect (expect) 2.18. Samba (smb) - 3. Driver API + 3. Driver API 1. Configuration @@ -72,33 +72,33 @@ - This is for use with LMS (http://lms.org.pl) database and postgres: - CREATE OR REPLACE FUNCTION update_passwd(hash text, account text) RETURNS integer AS $$ - DECLARE - res integer; - BEGIN - UPDATE passwd SET password = hash - WHERE login = split_part(account, '@', 1) - AND domainid = (SELECT id FROM domains WHERE name = split_part(account, '@', 2)) - RETURNING id INTO res; - RETURN res; - END; - $$ LANGUAGE plpgsql SECURITY DEFINER; + CREATE OR REPLACE FUNCTION update_passwd(hash text, account text) RETURNS integer AS $$ + DECLARE + res integer; + BEGIN + UPDATE passwd SET password = hash + WHERE login = split_part(account, '@', 1) + AND domainid = (SELECT id FROM domains WHERE name = split_part(account, '@', 2)) + RETURNING id INTO res; + RETURN res; + END; + $$ LANGUAGE plpgsql SECURITY DEFINER; - This is for use with a SELECT update_passwd(%o,%c,%u) query - Updates the password only when the old password matches the MD5 password - in the database - - CREATE FUNCTION update_password (oldpass text, cryptpass text, user text) RETURNS text - MODIFIES SQL DATA - BEGIN - DECLARE currentsalt varchar(20); - DECLARE error text; - SET error = 'incorrect current password'; - SELECT substring_index(substr(user.password,4),_latin1'$',1) INTO currentsalt FROM users WHERE username=user; - SELECT '' INTO error FROM users WHERE username=user AND password=ENCRYPT(oldpass,currentsalt); - UPDATE users SET password=cryptpass WHERE username=user AND password=ENCRYPT(oldpass,currentsalt); - RETURN error; - END + Updates the password only when the old password matches the MD5 password + in the database + + CREATE FUNCTION update_password (oldpass text, cryptpass text, user text) RETURNS text + MODIFIES SQL DATA + BEGIN + DECLARE currentsalt varchar(20); + DECLARE error text; + SET error = 'incorrect current password'; + SELECT substring_index(substr(user.password,4),_latin1'$',1) INTO currentsalt FROM users WHERE username=user; + SELECT '' INTO error FROM users WHERE username=user AND password=ENCRYPT(oldpass,currentsalt); + UPDATE users SET password=cryptpass WHERE username=user AND password=ENCRYPT(oldpass,currentsalt); + RETURN error; + END Example SQL UPDATEs: @@ -142,7 +142,7 @@ documented within it. Compile the wrapper program: - gcc -o chgsaslpasswd chgsaslpasswd.c + gcc -o chgsaslpasswd chgsaslpasswd.c Chown the compiled chgsaslpasswd binary to the cyrus user and group that your browser runs as, then chmod them to 4550. @@ -150,13 +150,13 @@ For example, if your cyrus user is 'cyrus' and the apache server group is 'nobody' (I've been told Redhat runs Apache as user 'apache'): - chown cyrus:nobody chgsaslpasswd - chmod 4550 chgsaslpasswd + chown cyrus:nobody chgsaslpasswd + chmod 4550 chgsaslpasswd Stephen Carr has suggested users should try to run the scripts on a test account as the cyrus user eg; - su cyrus -c "./chgsaslpasswd -p test_account" + su cyrus -c "./chgsaslpasswd -p test_account" This will allow you to make sure that the script will work for your setup. Should the script not work, make sure that: diff --git a/plugins/password/package.xml b/plugins/password/package.xml index be917917f..81427a986 100644 --- a/plugins/password/package.xml +++ b/plugins/password/package.xml @@ -15,9 +15,9 @@ <email>alec@alec.pl</email> <active>yes</active> </lead> - <date>2013-03-30</date> + <date>2013-04-28</date> <version> - <release>3.3</release> + <release>3.4</release> <api>2.0</api> </version> <stability> @@ -26,7 +26,7 @@ </stability> <license uri="http://www.gnu.org/licenses/gpl-2.0.html">GNU GPLv2</license> <notes> -Added new cPanel driver - fixes localization related issues (#1487015) +Added password_force_save option </notes> <contents> <dir baseinstalldir="/" name="/"> @@ -362,5 +362,20 @@ Added new cPanel driver - fixes localization related issues (#1487015) - Added option to define IMAP hosts that support password changes - password_hosts </notes> </release> + <release> + <date>2013-03-30</date> + <version> + <release>3.3</release> + <api>2.0</api> + </version> + <stability> + <release>stable</release> + <api>stable</api> + </stability> + <license uri="http://www.gnu.org/licenses/gpl-2.0.html">GNU GPLv2</license> + <notes> +Added new cPanel driver - fixes localization related issues (#1487015) + </notes> + </release> </changelog> </package> |