config.inc.php:

- Added configuration for courier authlib authentication flavors function.inc.php: - changed pa_crypt to make it handle courier authlib authentication flavors git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@560 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago · e218b81af2
parent 0c97fb861a
commit e218b81af2
2 changed files with 29 additions and 1 deletions
--- a/config.inc.php
+++ b/config.inc.php
@ -89,8 +89,15 @@ $CONF['smtp_port'] = '25';
 // system = whatever you have set as your PHP system default
 // cleartext = clear text passwords (ouch!)
 // mysql_encrypt = useful for PAM integration
+// authlib = support for courier-authlib style passwords
 $CONF['encrypt'] = 'md5crypt';

+// In what flavor should courier-authlib style passwords be enrypted?
+// md5 = {md5} + base64 encoded md5 hash
+// md5raw = {md5raw} + plain encoded md5 hash
+// crypt = {crypt} + Standard UNIX DES-enrypted with 2-character salt
+$CONF['authlib_default_flavor'] = 'md5raw';
+
 // Minimum length required for passwords. Postfixadmin will not
 // allow users to set passwords which are shorter than this value.
 $CONF['min_password_length'] = 5;
--- a/functions.inc.php
+++ b/functions.inc.php
@ -256,7 +256,7 @@ function check_domain ($domain)
            flash_error("emailcheck_resolve_domain is enabled, but function (checkdnsrr) missing!");
        }
    }
-
+    
    return true;
 }

@ -1160,6 +1160,27 @@ function pacrypt ($pw, $pw_db="")
        $l = db_row($res["result"]);
        $password = $l[0];
    }
+    
+    if ($CONF['encrypt'] == 'authlib') {
+    	$flavor = $CONF['authlib_default_flavor'];
+    	$salt = '  ';
+    	if(ereg('^{.*}', $pw_db)) {
+    		// we have a flavor in the db -> use it instead of default flavor
+    		$result = split('{|}', $pw_db, 3);
+    		$flavor = $result[1];  
+    		$salt = substr($result[2], 0, 2);  		
+    	}
+    	    	
+      	if(stripos($flavor, 'md5raw') === 0) {
+         	$password = '{' . $flavor . '}' . md5($pw);
+      	} else if(stripos($flavor, 'md5') === 0) {
+      		$password = '{' . $flavor . '}' . base64_encode(md5($pw, TRUE));
+      	} else if(stripos($flavor, 'crypt') === 0) {
+      		$password = '{' . $flavor . '}' . crypt($pw, $salt);
+      	}
+   	}
+    
+    
    $password = escape_string ($password);
    return $password;
 }