Adding ssha512 password_algorithm (#6805)

* Added SSHA512 method to the hash_password function

Basically a copy of the ssha method this case is compatible with the dovecot ssha512 settings so there is no doveadm needed alongside with roundcube to update ssha512 passwords.

plugins/password/config.inc.php.dist

@@ -45,7 +45,7 @@ $config['password_force_new_user'] = false;
 
 // Default password hashing/crypting algorithm.
 // Possible options: des-crypt, ext-des-crypt, md5-crypt, blowfish-crypt,
-// sha256-crypt, sha512-crypt, md5, sha, smd5, ssha, samba, ad, dovecot, clear.
+// sha256-crypt, sha512-crypt, md5, sha, smd5, ssha, ssha512, samba, ad, dovecot, clear.
 // For details see password::hash_password() method.
 $config['password_algorithm'] = 'clear';
 

plugins/password/password.php

@@ -640,6 +640,28 @@ class password extends rcube_plugin
             $prefix  = '{SSHA}';
             break;
 
+        case 'ssha512':
+            $salt = rcube_utils::random_bytes(8);
+
+            if (function_exists('mhash') && function_exists('mhash_keygen_s2k')) {
+                $salt    = mhash_keygen_s2k(MHASH_SHA512, $password, $salt, 4);
+                $crypted = mhash(MHASH_SHA512, $password . $salt);
+            }
+            else if (function_exists('hash')) {
+                $salt    = substr(pack("H*", hash('sha512', $salt . $password)), 0, 4);
+                $crypted = hash('sha512', $password . $salt, true);
+            }
+            else {
+                rcube::raise_error(array(
+                    'code' => 600, 'file' => __FILE__, 'line' => __LINE__,
+                    'message' => "Password plugin: Your PHP install does not have the mhash()/hash() function"
+                ), true, true);
+            }
+
+            $crypted = base64_encode($crypted . $salt);
+            $prefix  = '{SSHA512}';
+            break;
+
         case 'smd5':
             $salt = rcube_utils::random_bytes(8);