- Password plugin: added poppassd driver

16 years ago · 4534ab8771
parent 70306a4c75
commit 4534ab8771
9 changed files with 106 additions and 28 deletions
--- a/plugins/password/README
+++ b/plugins/password/README
@ -6,18 +6,18 @@
 methods (drivers) via Settings/Password tab.

 -----------------------------------------------------------------------
- This program is free software; you can redistribute it and/or modify   
- it under the terms of the GNU General Public License version 2         
- as published by the Free Software Foundation.                          
-                                                                        
- This program is distributed in the hope that it will be useful,        
- but WITHOUT ANY WARRANTY; without even the implied warranty of         
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          
- GNU General Public License for more details.                           
-                                                                        
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License version 2
+ as published by the Free Software Foundation.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
 You should have received a copy of the GNU General Public License along
 with this program; if not, write to the Free Software Foundation, Inc.,
- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.            
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

 @version 1.2
 @author Aleksander 'A.L.E.C' Machniak <alec@alec.pl>
@ -28,6 +28,7 @@
 2.	Drivers
 2.1. 	Database (sql)
 2.2.	Cyrus/SASL (sasl)
+ 2.3.	Poppassd/Courierpassd (poppassd)
 3.	Driver API


@ -50,7 +51,7 @@
 You can specify which database to connect by 'password_db_dsn' option and
 what SQL query to execute by 'password_query'. See main.inc.php file for
 more info.
-    
+
 Example implementations of an update_passwd function:

 - This is for use with LMS (http://lms.org.pl) database and postgres:
@ -84,16 +85,16 @@
 	END

 Example SQL UPDATEs:
- 
+
 - Plain text passwords:
    UPDATE users SET password=%p WHERE username=%u AND password=%o AND domain=%h LIMIT 1
- 
+
 - Crypt text passwords:
    UPDATE users SET password=%c WHERE username=%u LIMIT 1

 - Use a MYSQL crypt function (*nix only) with random 8 character salt
    UPDATE users SET password=ENCRYPT(%p,concat(_utf8'$1$',right(md5(rand()),8),_utf8'$')) WHERE username=%u LIMIT 1
- 
+
 - MD5 stored passwords:
    UPDATE users SET password=MD5(%p) WHERE username=%u AND password=MD5(%o) LIMIT 1

@ -127,7 +128,7 @@
 Compile the wrapper program:
 	gcc -o chgsaslpasswd chgsaslpasswd.c

- Chown the chgsaslpasswd and chgsaslpasswd.sh to the cyrus user and group 
+ Chown the chgsaslpasswd and chgsaslpasswd.sh to the cyrus user and group
 that your browser runs as, then chmod them to 4550.

 For example, if your cyrus user is 'cyrus' and the apache server group is
@ -149,11 +150,18 @@
   This could save you some headaches if you are the paranoid type.


+ 2.3. Poppassd/Courierpassd (poppassd)
+ ----------------------------
+
+ You can specify which host to connect to via `password_pop_host` and
+ what port via `password_pop_port`. See config.inc.php file for more info.
+
+
 3. Driver API
 -------------
- 
+
 Driver file (<driver_name>.php) must define 'password_save' function with
 two arguments. First - current password, second - new password. Function
- may return PASSWORD_SUCCESS on success or PASSWORD_ERROR on any error.
+ may return PASSWORD_SUCCESS on success or any of PASSWORD_CONNECT_ERROR,
+ PASSWORD_CRYPT_ERROR, PASSWORD_ERROR when driver was unable to change password.
 See existing drivers in drivers/ directory for examples.
- 
--- a/plugins/password/config.inc.php
+++ b/plugins/password/config.inc.php
@ -3,11 +3,11 @@
 // Password Plugin options
 // -----------------------
 // A driver to use for password change. Default: "sql".
-$rcmail_config['password_driver'] = 'sql';
+$rcmail_config['password_driver'] = 'poppassd';

 // Determine whether current password is required to change password.
 // Default: false.
-$rcmail_config['password_confirm_current'] = false;
+$rcmail_config['password_confirm_current'] = true;


 // SQL Driver options
@ -25,7 +25,16 @@ $rcmail_config['password_db_dsn'] = '';
 //      %o is replaced with the password before the change
 //      %h is replaced with the imap host (from the session info)
 // Escaping of macros is handled by this module.
-// Default: "SELECT update_passwd(%c, %u)" 
+// Default: "SELECT update_passwd(%c, %u)"
 $rcmail_config['password_query'] = 'SELECT update_passwd(%c, %u)';

+
+// Poppassd Driver options
+// -----------------------
+// The host which changes the password
+$rcmail_config['password_pop_host'] = 'localhost';
+
+// TCP port used for poppassd connections
+$rcmail_config['password_pop_port'] = 106;
+
 ?>
--- a/plugins/password/drivers/poppassd.php
+++ b/plugins/password/drivers/poppassd.php
@ -0,0 +1,56 @@
+<?php
+
+/**
+ * Poppassd Password Driver
+ *
+ * Driver to change passwords via Poppassd/Courierpassd
+ *
+ * @version 1.0
+ * @author Philip Weir
+ *
+ */
+
+function password_save($curpass, $passwd)
+{
+    $rcmail = rcmail::get_instance();
+//    include('Net/Socket.php');
+    $poppassd = new Net_Socket();
+
+    if (PEAR::isError($poppassd->connect($rcmail->config->get('password_pop_host'), $rcmail->config->get('password_pop_port'), null))) {
+        return PASSWORD_CONNECT_ERROR;
+    }
+    else {
+        $result = $poppassd->readLine();
+        if(!preg_match('/^2\d\d/', $result)) {
+            $poppassd->disconnect();
+            return PASSWORD_ERROR;
+        }
+        else {
+            $poppassd->writeLine("user ". $_SESSION['username']);
+            $result = $poppassd->readLine();
+            if(!preg_match('/^[23]\d\d/', $result) ) {
+                $poppassd->disconnect();
+                return PASSWORD_CONNECT_ERROR;
+            }
+            else {
+                $poppassd->writeLine("pass ". $curpass);
+                $result = $poppassd->readLine();
+                if(!preg_match('/^[23]\d\d/', $result) ) {
+                    $poppassd->disconnect();
+                    return PASSWORD_ERROR;
+                }
+                else {
+                    $poppassd->writeLine("newpass ". $passwd);
+                    $result = $poppassd->readLine();
+                    $poppassd->disconnect();
+                    if (!preg_match('/^2\d\d/', $result))
+                        return PASSWORD_ERROR;
+                    else
+                        return PASSWORD_SUCCESS;
+                }
+            }
+        }
+    }
+}
+
+?>
--- a/plugins/password/localization/en_US.inc
+++ b/plugins/password/localization/en_US.inc
@ -11,7 +11,8 @@ $messages['nopassword'] = 'Please input new password.';
 $messages['nocurpassword'] = 'Please input current password.';
 $messages['passwordincorrect'] = 'Current password incorrect.';
 $messages['passwordinconsistency'] = 'Passwords do not match, please try again.';
-$messages['nocryptfunction'] = 'The server is missing a function to encrypt your password.';
+$messages['crypterror'] = 'Could not save new password. Encrypt function missing.';
+$messages['connecterror'] = 'Could not save new password. Connection error.';
 $messages['internalerror'] = 'Could not save new password.';

 ?>
--- a/plugins/password/localization/et_EE.inc
+++ b/plugins/password/localization/et_EE.inc
@ -11,7 +11,7 @@ $messages['nopassword'] = 'Palun sisesta uus parool.';
 $messages['nocurpassword'] = 'Palun sisesta vana parool.';
 $messages['passwordincorrect'] = 'Vana parool on vale.';
 $messages['passwordinconsistency'] = 'Paroolid ei kattu, palun proovi uuesti.';
-$messages['nocryptfunction'] = 'Serveris ei ole parooli krüpteerimiseks vajalikku funktsiooni.';
+$messages['crypterror'] = 'Serveris ei ole parooli krüpteerimiseks vajalikku funktsiooni.';
 $messages['internalerror'] = 'Uue parooli andmebaasi salvestamine nurjus.';

 ?>
--- a/plugins/password/localization/hu_HU.inc
+++ b/plugins/password/localization/hu_HU.inc
@ -11,7 +11,7 @@ $messages['nopassword'] = 'Kérjük adja meg az új jelszót.';
 $messages['nocurpassword'] = 'Kérjük adja meg a jelenlegi jelszót.';
 $messages['passwordincorrect'] = 'Érvénytelen a jelenlegi jelszó.';
 $messages['passwordinconsistency'] = 'A két új jelszó nem egyezik.';
-$messages['nocryptfunction'] = 'Hiba történt a kérés feldolgozása során.';
+$messages['crypterror'] = 'Hiba történt a kérés feldolgozása során.';
 $messages['internalerror'] = 'Hiba történt a kérés feldolgozása során.';

 ?>
--- a/plugins/password/localization/nl_NL.inc
+++ b/plugins/password/localization/nl_NL.inc
@ -11,7 +11,7 @@ $messages['nopassword'] = 'Vul een wachtwoord in.';
 $messages['nocurpassword'] = 'vul het huidige wachtwoord in.';
 $messages['passwordincorrect'] = 'Huidig wachtwoord is onjuist.';
 $messages['passwordinconsistency'] = 'Wachtwoorden komen niet overeen, probeer het opnieuw.';
-$messages['nocryptfunction'] = 'De server mist een functie om uw wachtwoord et beveiligen.';
+$messages['crypterror'] = 'De server mist een functie om uw wachtwoord et beveiligen.';
 $messages['internalerror'] = 'Uw wachtwoord kan niet worden opgeslagen.';

 ?>
--- a/plugins/password/localization/pl_PL.inc
+++ b/plugins/password/localization/pl_PL.inc
@ -11,7 +11,8 @@ $messages['nopassword'] = 'Wprowadź nowe hasło.';
 $messages['nocurpassword'] = 'Wprowadź aktualne hasło.';
 $messages['passwordincorrect'] = 'Błędne aktualne hasło, spróbuj ponownie.';
 $messages['passwordinconsistency'] = 'Hasła nie pasują, spróbuj ponownie.';
-$messages['nocryptfunction'] = 'Nie udało się zapisać nowego hasła. Brak funkcji kodującej.';
+$messages['crypterror'] = 'Nie udało się zapisać nowego hasła. Brak funkcji kodującej.';
+$messages['connecterror'] = 'Nie udało się zapisać nowego hasła. Błąd połączenia.';
 $messages['internalerror'] = 'Nie udało się zapisać nowego hasła.';

 ?>
--- a/plugins/password/password.php
+++ b/plugins/password/password.php
@ -3,7 +3,7 @@
 /*
 +-------------------------------------------------------------------------+
 | Password Plugin for Roundcube                                           |
- | Version 1.2                                                             |
+ | Version 1.3                                                             |
 |                                                                         |
 | Copyright (C) 2009, RoundCube Dev. - Switzerland                        |
 |                                                                         |
@ -30,6 +30,7 @@

 define('PASSWORD_CRYPT_ERROR', 1);
 define('PASSWORD_ERROR', 2);
+define('PASSWORD_CONNECT_ERROR', 3);
 define('PASSWORD_SUCCESS', 0);

 class password extends rcube_plugin
@ -192,7 +193,9 @@ class password extends rcube_plugin
      case PASSWORD_SUCCESS:
        return;
      case PASSWORD_CRYPT_ERROR;
-        return $this->gettext('nocryptfunction');
+        return $this->gettext('crypterror');
+      case PASSWORD_CONNECT_ERROR;
+        return $this->gettext('connecterror');
      case PASSWORD_ERROR:
      default:
        return $this->gettext('internalerror');