SF.net SVN: postfixadmin:[1875] trunk

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 1875
          http://sourceforge.net/p/postfixadmin/code/1875
Author:   christian_boltz
Date:     2016-10-20 20:15:15 +0000 (Thu, 20 Oct 2016)
Log Message:
-----------
pacrypt(): allow switching between dovecot:* password schemes

Dovecot password hashes include a {SCHEME} prefix, so it's possible to
switch the scheme while still accepting passwords hashed using the
previous dovecot:* scheme.

This patch adds the code needed to find out the used hashing scheme
from the hash and ensures it gets used to validate the password.

Patch by Aaron Lindsay <aaron AT aclindsay com> (sent to the ML)

Modified Paths:
--------------
    trunk/CHANGELOG.TXT
    trunk/functions.inc.php

Modified: trunk/CHANGELOG.TXT
===================================================================

--- trunk/CHANGELOG.TXT	2016-10-18 19:49:13 UTC (rev 1874)
+++ trunk/CHANGELOG.TXT	2016-10-20 20:15:15 UTC (rev 1875)
@@ -9,6 +9,13 @@
 # Last update:
 # $Id$
 
+Changes since the 3.0.1 release
+-------------------------------------------------
+
+  - allow switching between dovecot:* password schemes while still accepting
+    passwords hashed using the previous dovecot:* scheme
+  - FetchmailHandler: use a valid date as default for 'date'
+
 Version 3.0.1 - 2016/09/19 - SVN r1870
 -------------------------------------------------
 

Modified: trunk/functions.inc.php
===================================================================
--- trunk/functions.inc.php	2016-10-18 19:49:13 UTC (rev 1874)
+++ trunk/functions.inc.php	2016-10-20 20:15:15 UTC (rev 1875)
@@ -933,7 +933,9 @@
     
     elseif (preg_match("/^dovecot:/", $CONF['encrypt'])) {
         $split_method = preg_split ('/:/', $CONF['encrypt']);
-        $method       = strtoupper($split_method[1]); # TODO: if $pw_db starts with {method}, change $method accordingly
+        $method       = strtoupper($split_method[1]);
+        # If $pw_db starts with {method}, change $method accordingly
+        if (!empty($pw_db) && preg_match('/^\{([A-Z0-9.-]+)\}.+/', $pw_db, $method_matches)) { $method = $method_matches[1]; }
         if (! preg_match("/^[A-Z0-9.-]+$/", $method)) { die("invalid dovecot encryption method"); }  # TODO: check against a fixed list?
         # if (strtolower($method) == 'md5-crypt') die("\$CONF['encrypt'] = 'dovecot:md5-crypt' will not work because dovecotpw generates a random salt each time. Please use \$CONF['encrypt'] = 'md5crypt' instead."); 
         # $crypt_method = preg_match ("/.*-CRYPT$/", $method);

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.



