mirror of
https://github.com/postfixadmin/postfixadmin.git
synced 2024-09-19 19:22:14 +02:00
pacrypt(): allow switching between dovecot:* password schemes
Dovecot password hashes include a {SCHEME} prefix, so it's possible to switch the scheme while still accepting passwords hashed using the previous dovecot:* scheme. This patch adds the code needed to find out the used hashing scheme from the hash and ensures it gets used to validate the password. Patch by Aaron Lindsay <aaron AT aclindsay com> (sent to the ML) git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1875 a1433add-5e2c-0410-b055-b7f2511e0802
This commit is contained in:
parent
62b872491f
commit
bbec3e9f0e
@ -9,6 +9,13 @@
|
||||
# Last update:
|
||||
# $Id$
|
||||
|
||||
Changes since the 3.0.1 release
|
||||
-------------------------------------------------
|
||||
|
||||
- allow switching between dovecot:* password schemes while still accepting
|
||||
passwords hashed using the previous dovecot:* scheme
|
||||
- FetchmailHandler: use a valid date as default for 'date'
|
||||
|
||||
Version 3.0.1 - 2016/09/19 - SVN r1870
|
||||
-------------------------------------------------
|
||||
|
||||
|
@ -933,7 +933,9 @@ function pacrypt ($pw, $pw_db="") {
|
||||
|
||||
elseif (preg_match("/^dovecot:/", $CONF['encrypt'])) {
|
||||
$split_method = preg_split ('/:/', $CONF['encrypt']);
|
||||
$method = strtoupper($split_method[1]); # TODO: if $pw_db starts with {method}, change $method accordingly
|
||||
$method = strtoupper($split_method[1]);
|
||||
# If $pw_db starts with {method}, change $method accordingly
|
||||
if (!empty($pw_db) && preg_match('/^\{([A-Z0-9.-]+)\}.+/', $pw_db, $method_matches)) { $method = $method_matches[1]; }
|
||||
if (! preg_match("/^[A-Z0-9.-]+$/", $method)) { die("invalid dovecot encryption method"); } # TODO: check against a fixed list?
|
||||
# if (strtolower($method) == 'md5-crypt') die("\$CONF['encrypt'] = 'dovecot:md5-crypt' will not work because dovecotpw generates a random salt each time. Please use \$CONF['encrypt'] = 'md5crypt' instead.");
|
||||
# $crypt_method = preg_match ("/.*-CRYPT$/", $method);
|
||||
|
Loading…
Reference in New Issue
Block a user