Hello List,
I'm using courier-authlib together with postfix with user metadata
stored in a mysql database.
courier-authlib uses authentication flavors. Some examples:
{md5}MDbtZsfdyqbY0o7eDlJjKrQ==
{md5raw}be623121af8f94d0ddc1e052d17831d6
{crypt}AhlkDUpVER6dQ
I added support for such authetication flavors to postfixadmin and it
works in my setup. I attached a first patch which should clarify how I
would like to support this.
May I add this to trunk?
Best regards Jan
Index: config.inc.php
===================================================================
--- config.inc.php (revision 530)
+++ config.inc.php (working copy)
@@ -89,8 +89,15 @@
// system = whatever you have set as your PHP system default
// cleartext = clear text passwords (ouch!)
// mysql_encrypt = useful for PAM integration
+// authlib = support for courier-authlib style passwords
$CONF['encrypt'] = 'md5crypt';
+// In what flavor should courier-authlib style passwords be enrypted?
+// md5 = {md5} + base64 encoded md5 hash
+// md5raw = {md5raw} + plain encoded md5 hash
+// crypt = {crypt} + Standard UNIX DES-enrypted with 2-character salt
+$CONF['authlib_default_flavor'] = 'md5raw';
+
// Minimum length required for passwords. Postfixadmin will not
// allow users to set passwords which are shorter than this value.
$CONF['min_password_length'] = 5;
Index: functions.inc.php
===================================================================
--- functions.inc.php (revision 548)
+++ functions.inc.php (working copy)
@@ -256,7 +256,7 @@
flash_error("emailcheck_resolve_domain is enabled, but
function (checkdnsrr) missing!");
}
}
-
+
return true;
}
@@ -1160,6 +1160,27 @@
$l = db_row($res["result"]);
$password = $l[0];
}
+
+ if ($CONF['encrypt'] == 'authlib') {
+ $flavor = $CONF['authlib_default_flavor'];
+ $salt = ' ';
+ if(ereg('^{.*}', $pw_db)) {
+ // we have a flavor in the db -> use it instead of default flavor
+ $result = split('{|}', $pw_db, 3);
+ $flavor = $result[1];
+ $salt = substr($result[2], 0, 2);
+ }
+
+ if(stripos($flavor, 'md5raw') === 0) {
+ $password = '{' . $flavor . '}' . md5($pw);
+ } else if(stripos($flavor, 'md5') === 0) {
+ $password = '{' . $flavor . '}' . base64_encode(md5($pw, TRUE));
+ } else if(stripos($flavor, 'crypt') === 0) {
+ $password = '{' . $flavor . '}' . crypt($pw, $salt);
+ }
+ }
+
+
$password = escape_string ($password);
return $password;
}
--
Jan Röhrich
Kleinglattbacher Str. 12
D-75428 Illingen
Tel.: +49 7042 120351
Mobil: +49 1638463295
eMail: ja...@ro...
|
