mirror of
https://github.com/postfixadmin/postfixadmin.git
synced 2024-09-19 19:22:14 +02:00
update changelog; try and improve tests
This commit is contained in:
parent
d4c19506b3
commit
ff2a7c96d4
@ -6,6 +6,11 @@
|
||||
#
|
||||
# Further details on the project are available at https://github.com/postfixadmin/postfixadmin
|
||||
|
||||
Version 3.3.3 - 2021/01/14
|
||||
-------------------------------------------------
|
||||
- Improve error handling around login (require non-empty password; cope with pacrypt() throwing an exception; see https://github.com/postfixadmin/postfixadmin/issues/420)
|
||||
- Improve setup.php (show error messages in admin creation form, fix unable to create admin - see https://github.com/postfixadmin/postfixadmin/issues/418)
|
||||
|
||||
Version 3.3.2 - 2021/01/13
|
||||
-------------------------------------------------
|
||||
- Add in the ability to specify a hash prefix with php_crypt password format, useful for Dovecot replacement. ( https://github.com/postfixadmin/postfixadmin/issues/344 )
|
||||
|
@ -560,7 +560,7 @@ abstract class PFAHandler {
|
||||
break;
|
||||
case 'pass':
|
||||
$val = (string) $val;
|
||||
$db_values[$key] = pacrypt($val);
|
||||
$db_values[$key] = pacrypt($val); // throws Exception
|
||||
break;
|
||||
case 'b64p':
|
||||
$db_values[$key] = base64_encode($val);
|
||||
|
@ -2,8 +2,12 @@
|
||||
|
||||
class LoginTest extends \PHPUnit\Framework\TestCase {
|
||||
public function setUp(): void {
|
||||
global $CONF;
|
||||
|
||||
$this->cleanUp();
|
||||
|
||||
$CONF['pacrypt'] = 'md5'; // crap
|
||||
|
||||
db_execute("INSERT INTO domain(`domain`, description, transport) values ('example.com', 'test', 'foo')", [], true);
|
||||
|
||||
db_execute(
|
||||
@ -40,6 +44,32 @@ VALUES(:username, :password, :name, :maildir, :local_part, :domain)",
|
||||
}
|
||||
|
||||
|
||||
public function testEmptyStringWithDovecot() {
|
||||
global $CONF;
|
||||
|
||||
if (!file_exists('/usr/bin/doveadm')) {
|
||||
$this->markTestSkipped("/usr/bin/doveadm doesn't exist.");
|
||||
}
|
||||
|
||||
$CONF['encrypt'] = 'dovecot:sha512';
|
||||
|
||||
|
||||
db_execute(
|
||||
"UPDATE mailbox SET password = :password WHERE username = :username",
|
||||
[
|
||||
'username' => 'test@example.com',
|
||||
'password' => '{SHA512}ClAmHr0aOQ/tK/Mm8mc8FFWCpjQtUjIElz0CGTN/gWFqgGmwElh89WNfaSXxtWw2AjDBmyc1AO4BPgMGAb8kJQ==', // pacrypt('foobar'),
|
||||
]
|
||||
);
|
||||
|
||||
$l = new Login('mailbox');
|
||||
$this->assertFalse($l->login('test@example.com', ''));
|
||||
|
||||
$this->assertTrue($l->login('test@example.com', 'foobar'));
|
||||
|
||||
$this->assertFalse($l->login('test@fails.com', 'foobar'));
|
||||
}
|
||||
|
||||
public function testValidLogin() {
|
||||
$login = new Login('mailbox');
|
||||
|
||||
|
@ -11,7 +11,6 @@ class PaCryptTest extends \PHPUnit\Framework\TestCase {
|
||||
}
|
||||
|
||||
public function testCrypt() {
|
||||
|
||||
// E_NOTICE if we pass in '' for the salt
|
||||
$hash = _pacrypt_crypt('test', 'sa');
|
||||
|
||||
@ -55,7 +54,8 @@ class PaCryptTest extends \PHPUnit\Framework\TestCase {
|
||||
'md5' => 'CY9rzUYh03PK3k6DJie09g==',
|
||||
// crypt requires salt ...
|
||||
'SHA' => 'qUqP5cyxm6YcTAhz05Hph5gvu9M='
|
||||
] as $flavour => $hash) {
|
||||
] as $flavour => $hash
|
||||
) {
|
||||
$CONF['authlib_default_flavour'] = $flavour;
|
||||
|
||||
$stored = "{" . $flavour . "}$hash";
|
||||
@ -80,6 +80,13 @@ class PaCryptTest extends \PHPUnit\Framework\TestCase {
|
||||
$this->assertEquals($expected_hash, _pacrypt_dovecot('test', ''));
|
||||
|
||||
$this->assertEquals($expected_hash, _pacrypt_dovecot('test', $expected_hash));
|
||||
|
||||
// This should also work.
|
||||
$sha512 = '{SHA512}ClAmHr0aOQ/tK/Mm8mc8FFWCpjQtUjIElz0CGTN/gWFqgGmwElh89WNfaSXxtWw2AjDBmyc1AO4BPgMGAb8kJQ=='; // foobar
|
||||
$this->assertEquals($sha512, _pacrypt_dovecot('foobar', $sha512));
|
||||
|
||||
$sha512 = '{SHA512}ClAmHr0aOQ/tK/Mm8mc8FFWCpjQtUjIElz0CGTN/gWFqgGmwElh89WNfaSXxtWw2AjDBmyc1AO4BPgMGAb8kJQ=='; // foobar
|
||||
$this->assertNotEquals($sha512, _pacrypt_dovecot('foobarbaz', $sha512));
|
||||
}
|
||||
|
||||
public function testPhpCrypt() {
|
||||
|
Loading…
Reference in New Issue
Block a user