From e218b81af2b8e609d7d932e04425112fa80023d9 Mon Sep 17 00:00:00 2001
From: Jan Roehrich <roehrijn@users.sourceforge.net>
Date: Tue, 3 Feb 2009 17:50:13 +0000
Subject: [PATCH] config.inc.php: - Added configuration for courier authlib
 authentication flavors

function.inc.php:
- changed pa_crypt to make it handle courier authlib authentication flavors

git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@560 a1433add-5e2c-0410-b055-b7f2511e0802
---
 config.inc.php    |  7 +++++++
 functions.inc.php | 23 ++++++++++++++++++++++-
 2 files changed, 29 insertions(+), 1 deletion(-)

diff --git a/config.inc.php b/config.inc.php
index 3240bb9b..8de24d4c 100644
--- a/config.inc.php
+++ b/config.inc.php
@@ -89,8 +89,15 @@ $CONF['smtp_port'] = '25';
 // system = whatever you have set as your PHP system default
 // cleartext = clear text passwords (ouch!)
 // mysql_encrypt = useful for PAM integration
+// authlib = support for courier-authlib style passwords
 $CONF['encrypt'] = 'md5crypt';
 
+// In what flavor should courier-authlib style passwords be enrypted?
+// md5 = {md5} + base64 encoded md5 hash
+// md5raw = {md5raw} + plain encoded md5 hash
+// crypt = {crypt} + Standard UNIX DES-enrypted with 2-character salt
+$CONF['authlib_default_flavor'] = 'md5raw';
+
 // Minimum length required for passwords. Postfixadmin will not
 // allow users to set passwords which are shorter than this value.
 $CONF['min_password_length'] = 5;
diff --git a/functions.inc.php b/functions.inc.php
index ada03c85..cdd3278c 100644
--- a/functions.inc.php
+++ b/functions.inc.php
@@ -256,7 +256,7 @@ function check_domain ($domain)
             flash_error("emailcheck_resolve_domain is enabled, but function (checkdnsrr) missing!");
         }
     }
-
+    
     return true;
 }
 
@@ -1160,6 +1160,27 @@ function pacrypt ($pw, $pw_db="")
         $l = db_row($res["result"]);
         $password = $l[0];
     }
+    
+    if ($CONF['encrypt'] == 'authlib') {
+    	$flavor = $CONF['authlib_default_flavor'];
+    	$salt = '  ';
+    	if(ereg('^{.*}', $pw_db)) {
+    		// we have a flavor in the db -> use it instead of default flavor
+    		$result = split('{|}', $pw_db, 3);
+    		$flavor = $result[1];  
+    		$salt = substr($result[2], 0, 2);  		
+    	}
+    	    	
+      	if(stripos($flavor, 'md5raw') === 0) {
+         	$password = '{' . $flavor . '}' . md5($pw);
+      	} else if(stripos($flavor, 'md5') === 0) {
+      		$password = '{' . $flavor . '}' . base64_encode(md5($pw, TRUE));
+      	} else if(stripos($flavor, 'crypt') === 0) {
+      		$password = '{' . $flavor . '}' . crypt($pw, $salt);
+      	}
+   	}
+    
+    
     $password = escape_string ($password);
     return $password;
 }