Changed 'password_charset' default to 'UTF-8' (#6522)

pull/6528/head
Aleksander Machniak 6 years ago
parent 4935213fc6
commit 11216a1925

@ -1,10 +1,11 @@
CHANGELOG Roundcube Webmail CHANGELOG Roundcube Webmail
=========================== ===========================
- Changed 'password_charset' default to 'UTF-8' (#6522)
- Add skins_allowed option (#6483) - Add skins_allowed option (#6483)
- SMTP GSSAPI support via krb_authentication plugin (#6417) - SMTP GSSAPI support via krb_authentication plugin (#6417)
- Avoid Referer leaking by using Referrer-Policy:same-origin header (#6385) - Avoid Referer leaking by using Referrer-Policy:same-origin header (#6385)
- Removed referer_check option (#6440) - Removed 'referer_check' option (#6440)
- Use constant prefix for temp file names, don't remove temp files from other apps (#6511) - Use constant prefix for temp file names, don't remove temp files from other apps (#6511)
- Ignore 'Sender' header on Reply-All action (#6506) - Ignore 'Sender' header on Reply-All action (#6506)
- Update to TinyMCE 4.8.2 - Update to TinyMCE 4.8.2

@ -538,11 +538,9 @@ $config['username_domain_forced'] = false;
// For example %n = mail.domain.tld, %t = domain.tld // For example %n = mail.domain.tld, %t = domain.tld
$config['mail_domain'] = ''; $config['mail_domain'] = '';
// Password character set. // Password character set, to change the password for user
// If your authentication backend supports it, use "UTF-8". // authentication or for password change operations
// Otherwise, use the appropriate character set. $config['password_charset'] = 'UTF-8';
// Defaults to ISO-8859-1 for backward compatibility.
$config['password_charset'] = 'ISO-8859-1';
// How many seconds must pass between emails sent by a user // How many seconds must pass between emails sent by a user
$config['sendmail_delay'] = 0; $config['sendmail_delay'] = 0;

@ -103,7 +103,7 @@ $RCMAIL->action = $startup['action'];
// try to log in // try to log in
if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') { if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') {
$request_valid = $_SESSION['temp'] && $RCMAIL->check_request(); $request_valid = $_SESSION['temp'] && $RCMAIL->check_request();
$pass_charset = $RCMAIL->config->get('password_charset', 'ISO-8859-1'); $pass_charset = $RCMAIL->config->get('password_charset', 'UTF-8');
// purge the session in case of new login when a session already exists // purge the session in case of new login when a session already exists
$RCMAIL->kill_session(); $RCMAIL->kill_session();

@ -141,7 +141,7 @@ class password extends rcube_plugin
$this->rc->output->command('display_message', $this->gettext('nopassword'), 'error'); $this->rc->output->command('display_message', $this->gettext('nopassword'), 'error');
} }
else { else {
$charset = strtoupper($this->rc->config->get('password_charset', 'ISO-8859-1')); $charset = strtoupper($this->rc->config->get('password_charset', 'UTF-8'));
$rc_charset = strtoupper($this->rc->output->get_charset()); $rc_charset = strtoupper($this->rc->output->get_charset());
$sespwd = $this->rc->decrypt($_SESSION['password']); $sespwd = $this->rc->decrypt($_SESSION['password']);
@ -152,12 +152,9 @@ class password extends rcube_plugin
// check allowed characters according to the configured 'password_charset' option // check allowed characters according to the configured 'password_charset' option
// by converting the password entered by the user to this charset and back to UTF-8 // by converting the password entered by the user to this charset and back to UTF-8
$orig_pwd = $newpwd; $orig_pwd = $newpwd;
$chk_pwd = rcube_charset::convert($orig_pwd, $rc_charset, $charset); $chk_pwd = rcube_charset::convert($orig_pwd, $rc_charset, $charset);
$chk_pwd = rcube_charset::convert($chk_pwd, $charset, $rc_charset); $chk_pwd = rcube_charset::convert($chk_pwd, $charset, $rc_charset);
// WARNING: Default password_charset is ISO-8859-1, so conversion will
// change national characters. This may disable possibility of using
// the same password in other MUA's.
// We're doing this for consistence with Roundcube core // We're doing this for consistence with Roundcube core
$newpwd = rcube_charset::convert($newpwd, $rc_charset, $charset); $newpwd = rcube_charset::convert($newpwd, $rc_charset, $charset);
$conpwd = rcube_charset::convert($conpwd, $rc_charset, $charset); $conpwd = rcube_charset::convert($conpwd, $rc_charset, $charset);

Loading…
Cancel
Save