Allow password drivers more control over the entire password changeing
processes not just the save action. Allow them to perform old/new
password comparisons and also password strength checking.
*) allow password drivers override default password comparisons (eg
new is not same as current) #6473
*) allow password drivers override default strength checks (eg allow
for 'not the same as last x passwords')
*) allow separate password saving and strength drivers for use of
strength checking services eg HaveIBeenPwned.com #5040
*) allow drivers to define password strength rules displayed to the
user
*) rename password_require_nonalpha config option to
password_check_strength to reflect new strength checking
possibilities (added backwards compatibility)
* krb_authentication: remove default principal
krb_authentication_context must be set to the right value to make GSSAPI work, we should not have any default for it outside config files, it could confuse users. We already handle empty/bad context in rcube_imap_generic.php, Net_Sieve, Net_SMTP.
* krb_authentication: config.php.dist fix
GSSAPI is better for searching, since GSS API is not used widely.
host.fqdn@REALM.NAME is actually never used without service-prefix, on the other side it may be valid to use 'computername$' or 'username' with Samba/Active Directory, the common name for all these - 'principal'.
* krb_authentication: raise error on empty context
* Introduce managesieve_allowed_hosts setting
If managesieve_allowed_hosts has been set, then check that the array contains the current mail_host for the user session. If not, just return. This will cause the managesieve plugin to not appear under the settings menu.
* Include managesieve_allowed_hosts example
An example of the managesieve_allowed_hosts setting is included. By default, it is left commented to preserve existing behaviour.
Aleksander Machniak