SF.net SVN: postfixadmin:[560] trunk

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Revision: 560
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=560&view=rev
Author:   roehrijn
Date:     2009-02-03 17:50:13 +0000 (Tue, 03 Feb 2009)

Log Message:
-----------
config.inc.php: 
- Added configuration for courier authlib authentication flavors

function.inc.php:
- changed pa_crypt to make it handle courier authlib authentication flavors

Modified Paths:
--------------
    trunk/config.inc.php
    trunk/functions.inc.php

Modified: trunk/config.inc.php
===================================================================

--- trunk/config.inc.php	2009-02-02 22:14:23 UTC (rev 559)
+++ trunk/config.inc.php	2009-02-03 17:50:13 UTC (rev 560)
@@ -89,8 +89,15 @@
 // system = whatever you have set as your PHP system default
 // cleartext = clear text passwords (ouch!)
 // mysql_encrypt = useful for PAM integration
+// authlib = support for courier-authlib style passwords
 $CONF['encrypt'] = 'md5crypt';
 
+// In what flavor should courier-authlib style passwords be enrypted?
+// md5 = {md5} + base64 encoded md5 hash
+// md5raw = {md5raw} + plain encoded md5 hash
+// crypt = {crypt} + Standard UNIX DES-enrypted with 2-character salt
+$CONF['authlib_default_flavor'] = 'md5raw';
+
 // Minimum length required for passwords. Postfixadmin will not
 // allow users to set passwords which are shorter than this value.
 $CONF['min_password_length'] = 5;

Modified: trunk/functions.inc.php
===================================================================
--- trunk/functions.inc.php	2009-02-02 22:14:23 UTC (rev 559)
+++ trunk/functions.inc.php	2009-02-03 17:50:13 UTC (rev 560)
@@ -256,7 +256,7 @@
             flash_error("emailcheck_resolve_domain is enabled, but function (checkdnsrr) missing!");
         }
     }
-
+    
     return true;
 }
 
@@ -1160,6 +1160,27 @@
         $l = db_row($res["result"]);
         $password = $l[0];
     }
+    
+    if ($CONF['encrypt'] == 'authlib') {
+    	$flavor = $CONF['authlib_default_flavor'];
+    	$salt = '  ';
+    	if(ereg('^{.*}', $pw_db)) {
+    		// we have a flavor in the db -> use it instead of default flavor
+    		$result = split('{|}', $pw_db, 3);
+    		$flavor = $result[1];  
+    		$salt = substr($result[2], 0, 2);  		
+    	}
+    	    	
+      	if(stripos($flavor, 'md5raw') === 0) {
+         	$password = '{' . $flavor . '}' . md5($pw);
+      	} else if(stripos($flavor, 'md5') === 0) {
+      		$password = '{' . $flavor . '}' . base64_encode(md5($pw, TRUE));
+      	} else if(stripos($flavor, 'crypt') === 0) {
+      		$password = '{' . $flavor . '}' . crypt($pw, $salt);
+      	}
+   	}
+    
+    
     $password = escape_string ($password);
     return $password;
 }


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


