SF.net SVN: postfixadmin:[1159] branches/postfixadmin-2.3

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 1159
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1159&view=rev
Author:   christian_boltz
Date:     2011-08-02 19:59:57 +0000 (Tue, 02 Aug 2011)

Log Message:
-----------
functions.inc.php - pacrypt():
- if dovecotpw does not give the expected output, read stderr and write
  it to error_log()
- backported from SVN trunk r1071

Modified Paths:
--------------
    branches/postfixadmin-2.3/CHANGELOG.TXT
    branches/postfixadmin-2.3/functions.inc.php

Modified: branches/postfixadmin-2.3/CHANGELOG.TXT
===================================================================

--- branches/postfixadmin-2.3/CHANGELOG.TXT	2011-08-01 23:31:03 UTC (rev 1158)
+++ branches/postfixadmin-2.3/CHANGELOG.TXT	2011-08-02 19:59:57 UTC (rev 1159)
@@ -19,6 +19,7 @@
   - create-domain: force domain name to lowercase to avoid problems with PgSQL
     foreign keys
   - fix vacation.pl to log to "mail" syslog facility
+  - error_log() dovecotpw error messages
 
 Version 2.3.3 - 2011/03/14 - SVN r1010 (postfixadmin-2.3 branch)
 ---------------------------------------------------------------

Modified: branches/postfixadmin-2.3/functions.inc.php
===================================================================
--- branches/postfixadmin-2.3/functions.inc.php	2011-08-01 23:31:03 UTC (rev 1158)
+++ branches/postfixadmin-2.3/functions.inc.php	2011-08-02 19:59:57 UTC (rev 1159)
@@ -1234,7 +1234,8 @@
         # Use proc_open call to avoid safe_mode problems and to prevent showing plain password in process table
         $spec = array(
             0 => array("pipe", "r"), // stdin
-            1 => array("pipe", "w") // stdout
+            1 => array("pipe", "w"), // stdout
+            2 => array("pipe", "w"), // stderr
         );
 
         $pipe = proc_open("$dovecotpw '-s' $method", $spec, $pipes);
@@ -1250,10 +1251,18 @@
 
             // Read hash from pipe stdout
             $password = fread($pipes[1], "200");
-    		fclose($pipes[1]);
+
+            if ( !preg_match('/^\{' . $method . '\}/', $password)) {
+                $stderr_output = stream_get_contents($pipes[2]);
+                error_log('dovecotpw password encryption failed.');
+                error_log('STDERR output: ' . $stderr_output);
+                die("can't encrypt password with dovecotpw, see error log for details"); 
+            }
+
+            fclose($pipes[1]);
+            fclose($pipes[2]);
             proc_close($pipe);
 
-            if ( !preg_match('/^\{' . $method . '\}/', $password)) { die("can't encrypt password with dovecotpw"); }
             $password = trim(str_replace('{' . $method . '}', '', $password));
         }
     }


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


