Aleksander Machniak
89987ee1e0
Password: Fix security issue in virtualmin and sasl drivers
8 years ago
Torkel Bjørnson-Langen
278b46a99d
password plugin: better error message on constraint violation ( #5727 )
...
If the password policy on the ldap server is violated when changing
password, report error as "constraint violation" instead of the
misleading "connection error".
Only tested with OpenLDAP (v2.4).
8 years ago
Torkel Bjørnson-Langen
3bbe218b83
Password plugin: Added missing default values ( #5726 )
...
* Added correct default values for password plugin (ldap backends only)
* Sync default values in config.inc.php.dist with code.
8 years ago
Aleksander Machniak
6ba41836b6
Revert "extend plugin password to avoid sudo (use ssh instead calling chpasswd) ( #5654 )"
...
This reverts commit 938dd4670b
.
8 years ago
Kay Marquardt
938dd4670b
extend plugin password to avoid sudo (use ssh instead calling chpasswd) ( #5654 )
...
Use proc_open() instead of popen() to catch error messages from called wrapper.
Create new wrapper chpass-wrapper-expect.py
8 years ago
ka7
9a35768c26
spelling fixes ( #5690 )
8 years ago
Aleksander Machniak
81f67a4de2
Don't use each() deprecated in PHP 7.2
8 years ago
Aleksander Machniak
be49c2e1cd
Code improvements, replace exception thrown with rcube::raise_error()
8 years ago
Maikel Linke
bd5eaf98aa
Handle null or non-JSON result of cPanel UAPI
...
More unit testing. More documentation.
8 years ago
Maikel Linke
dd29ca1ee8
Correct decoding of JSON response
...
The old version assumed `json_decode` would return an associative array.
While it can do so if an extra option is specified, the default
behaviour is to return an object. Therefore, a successful password
change resulted in an error while parsing the response.
The new code is accessing the response as object instead. The method
is now covered by a unit test.
8 years ago
Aleksander Machniak
f351b48771
Update changelog, CS fixes
8 years ago
Maikel
adbc9b1889
Add cPanel Webmail driver ( #5549 )
...
This driver does not use an admin account. It uses the user's account to
authenticate at the Webmail API. It uses the recommended UAPI and does
not rely on third-party classes.
8 years ago
Aleksander Machniak
8fc488afa0
Parse error and CS fixes after PR merge
8 years ago
Paolo Asperti
815b79df7f
Added replacement variables support in password_pop_host ( #5539 )
...
Use rcube_utils::parse_host() on a hostname
8 years ago
JohnDoh
dd714b33a8
replace old trac links ( #5514 )
8 years ago
Aleksander Machniak
affec47eab
CS fixes, updated changelog
8 years ago
Aleksander Machniak
7f4ab8c14a
Merge pull request #5364 from ZiBiS/master
...
Password: LDAP PPolicy driver
8 years ago
Zbigniew Szmyd
fa533a4a01
Revert "Correction to work good with the Net_LDAP2 2.2.0"
...
This reverts commit acbc67ea1c
.
8 years ago
Zbigniew Szmyd
06956572ec
Change parameters names to the standard.
8 years ago
Zbigniew Szmyd
7254a89e7f
get log_dir from config
8 years ago
Zbigniew Szmyd
c22d4bc642
The correction of the script path and log_dir from the rc
...
config.
8 years ago
Aleksander Machniak
e9d70648dd
Fix CS and obvious mistakes, update changelog after PR merge
8 years ago
Zbigniew Szmyd
191396db17
The error log is redirected to logs/ldap_ppolicy.err
8 years ago
Julian Matz
7ed0d3308b
Update cpanel.php
...
Call $rcmail->config->get() only once per option by assigning variable inside the IF statement.
9 years ago
Julian Matz
8042955927
Update cpanel.php
9 years ago
Julian Matz
e34e267e59
Update cpanel.php
...
Changed code style and indentation.
9 years ago
Julian Matz
6651a6cab0
Update cpanel.php
...
Add support for hash auth (cPanel Remote Access Key) and call the $xmlapi->listaccts() method to retrieve the cPanel account user that owns the domain (required for cPanel reseller accounts).
9 years ago
Oliver Ney
5f2df36879
Fix ldap connection use after release in password plugin
9 years ago
Zbigniew Szmyd
0b07f37bea
LDAP password policy driver files
9 years ago
Zbigniew Szmyd
acbc67ea1c
Correction to work good with the Net_LDAP2 2.2.0
9 years ago
Aleksander Machniak
8ef598b883
Fix (again) security issue in DBMail driver of password plugin [CVE-2015-2181] ( #1490643 )
...
Unify the C program code with the one used by other drivers.
9 years ago
Aleksander Machniak
39813e961a
Show error message from CPanel API on password change failure ( #1490144 )
9 years ago
Aleksander Machniak
3cc6ec573d
Make password encryption algorithms available for all drivers ( #1490134 )
...
...via password::hash_password() method and password_algorithm option.
Add %P and %O macros for password_query in favor of %c, %d, %n and %q.
10 years ago
Aleksander Machniak
e6c1e0c638
Fix vpopmaild driver of password plugin
10 years ago
Thomas Bruederli
e2fb340289
Remove obsolete mt_srand() calls
10 years ago
Aleksander Machniak
1d09ee0ce6
Added 'kpasswd' driver by Peter Allgeyer
10 years ago
Aleksander Machniak
b59b72cc30
Fix "Non-static method PEAR::isError() should not be called statically" errors ( #1490281 )
10 years ago
Aleksander Machniak
7c96646de0
Fix security issue in DBMail driver of password plugin ( #1490261 )
10 years ago
Aleksander Machniak
ef29ac4339
Fix generation of Blowfish-based password hashes ( #1490184 )
...
Added password_blowfish_cost config option.
10 years ago
Aleksander Machniak
c8d082a83e
Fix syntax error in plesk driver
10 years ago
Aleksander Machniak
d26e94ae94
Small CS fixes after PR merge
10 years ago
Lorenzo Perone
84296e1b93
fix indent to match style in ldap.php (tabs to spaces)
10 years ago
Lorenzo Perone
3e3fcd4d27
Password Plugin / LDAP Driver:
...
- adds support for (optional) multiple userPassword values for compatibility with more authentication shemes
- adds support for CRAM-MD5 scheme as implemented by doveadm pw (credits: see header of plugins/password/helpers/dovecot_hmacmd5.php)
10 years ago
Aleksander Machniak
78bee8b8b6
Fix regression in SHAA password generation in ldap driver of password plugin ( #1490094 )
10 years ago
Aleksander Machniak
d1c8d7fc25
Support hashing algorithms without mhash() and even hash() extension ( #1490076 )
10 years ago
Aleksander Machniak
9dd327b400
Remove new_link argument usage, we don't need it anymore
10 years ago
Aleksander Machniak
4baf96a4ca
Added license headers to driver files, CS fixes
10 years ago
Cyrill von Wattenwyl
11a40dd1fe
Merge branch 'master' of https://github.com/roundcube/roundcubemail
...
Conflicts:
plugins/password/config.inc.php.dist
10 years ago
Aleksander Machniak
9d2550502a
CS fixes after PR merge
11 years ago
Mohammad Anwari
1599665651
New gearman driver for password plugin
11 years ago