Commit Graph

276 Commits (3aac86eca77e94af42593271bc275693ee00cb58)

Author SHA1 Message Date
Aleksander Machniak cb4b1443c8 Update localization 6 years ago
Aleksander Machniak 11216a1925 Changed 'password_charset' default to 'UTF-8' (#6522) 6 years ago
Aleksander Machniak 9babe138af Password: Change API for password checking
... for simpler implementation of strength indicator in future.

Also simplified configuration by removing password_check_strength and
adding password_minimum_score.
6 years ago
Andrius Štikonas 9c4e2c9abe Fix spelling. (#6517) 6 years ago
Rotzbua f8b6493ecf Change http to https for plugins.roundcube.net (#6405) 6 years ago
Aleksander Machniak cd9ec7983b Password: README, Style, CS improvements, bump version, update changelog 6 years ago
PhilW 1bf6dc3de8 Password: add Zxcvbn strength driver 6 years ago
PhilW 00946f1f57 give password plugin drivers more power
Allow password drivers more control over the entire password changeing
processes not just the save action. Allow them to perform old/new
password comparisons and also password strength checking.

*) allow password drivers override default password comparisons (eg
   new is not same as current) #6473
*) allow password drivers override default strength checks (eg allow
   for 'not the same as last x passwords')
*) allow separate password saving and strength drivers for use of
   strength checking services eg HaveIBeenPwned.com #5040
*) allow drivers to define password strength rules displayed to the
   user
*) rename password_require_nonalpha config option to
   password_check_strength to reflect new strength checking
   possibilities (added backwards compatibility)
6 years ago
Aleksander Machniak b7d51573e4 Password: Fix bug where new users could skip forced password change (#6434) 6 years ago
Aleksander Machniak bae58951bf Fix bug where password_dovecotpw_with_method setting could be ignored (#6436) 6 years ago
Aleksander Machniak 85046cdea4 Cleanup modoboa driver 6 years ago
Stéphane 95a9080958 modoboa driver for password plugin (#6361) 6 years ago
Aleksander Machniak 60922dc3d5 Password: Added password_username_format option (#5766) 7 years ago
Thomas Bruederli c973f003e5 Synchronized localizations with Transifex 7 years ago
PhilW e7311e0e5e more consistent function names 7 years ago
PhilW af52df68bf use skinned alert and confirm boxes in plugins 7 years ago
Aleksander Machniak 23af0b7f36 Merge branch 'master' into dev-elastic 7 years ago
Thomas Bruederli 342b049841 Update localization files from Transifex 7 years ago
Aleksander Machniak fd9517655f Fix password form 7 years ago
Aleksander Machniak 315f78a65a Elastic: Use btn.submit instead of button.save classes for Save button in forms 7 years ago
Aleksander Machniak 3c1b78af48 Merge branch 'master' into dev-elastic 7 years ago
Aleksander Machniak 148ccda88a Password: Support host variables in password_db_dsn option (#5955) 7 years ago
Aleksander Machniak 3a77c906a1 Merge branch 'master' into dev-elastic 7 years ago
buborh 4f400ab7aa password plugin ldap driver: use full %login as %name/%n when no @ in username. (#5902) 7 years ago
Aleksander Machniak f3ce401def Set 'propform' class for password change form table 7 years ago
Aleksander Machniak 86a4d78369 Merge branch 'dev-elastic' 8 years ago
Remi Collet ff256b7bb9 Drop ereg dependency, fix compat with PHP 7 (#5820) 8 years ago
Aleksander Machniak 982d211ec0 Update changelog, CS fixes 8 years ago
Aleksander Machniak aacf1eb3bd Merge branch 'password-driver-virtualmin' of https://github.com/ElpyDE/roundcubemail into ElpyDE-password-driver-virtualmin 8 years ago
Aleksander Machniak 30f9839b46 Remove redundant code 8 years ago
Aleksander Machniak 9858c2a294 Merge branch 'master' into dev-elastic 8 years ago
ElpyDE 73db885647 Virtualmin driver for password plugin now uses virtualmin to ask for the domain 8 years ago
Aleksander Machniak 89987ee1e0 Password: Fix security issue in virtualmin and sasl drivers 8 years ago
Aleksander Machniak 757ba8b81a Fix typo 8 years ago
Torkel Bjørnson-Langen 278b46a99d password plugin: better error message on constraint violation (#5727)
If the password policy on the ldap server is violated when changing
password, report error as "constraint violation" instead of the
misleading "connection error".

Only tested with OpenLDAP (v2.4).
8 years ago
Aleksander Machniak 01656221a4 Update localization 8 years ago
Torkel Bjørnson-Langen 3bbe218b83 Password plugin: Added missing default values (#5726)
* Added correct default values for password plugin (ldap backends only)
* Sync default values in config.inc.php.dist with code.
8 years ago
Aleksander Machniak 6ba41836b6 Revert "extend plugin password to avoid sudo (use ssh instead calling chpasswd) (#5654)"
This reverts commit 938dd4670b.
8 years ago
Kay Marquardt 938dd4670b extend plugin password to avoid sudo (use ssh instead calling chpasswd) (#5654)
Use proc_open() instead of popen() to catch error messages from called wrapper.
Create new wrapper chpass-wrapper-expect.py
8 years ago
ka7 9a35768c26 spelling fixes (#5690) 8 years ago
Aleksander Machniak 8e6eb9fa72 Define 'save' class for password form button 8 years ago
Aleksander Machniak 81f67a4de2 Don't use each() deprecated in PHP 7.2 8 years ago
Aleksander Machniak 692cb9c63b Update localization 8 years ago
Aleksander Machniak be49c2e1cd Code improvements, replace exception thrown with rcube::raise_error() 8 years ago
Maikel Linke bd5eaf98aa Handle null or non-JSON result of cPanel UAPI
More unit testing. More documentation.
8 years ago
Maikel Linke dd29ca1ee8 Correct decoding of JSON response
The old version assumed `json_decode` would return an associative array.
While it can do so if an extra option is specified, the default
behaviour is to return an object. Therefore, a successful password
change resulted in an error while parsing the response.

The new code is accessing the response as object instead. The method
is now covered by a unit test.
8 years ago
Aleksander Machniak f351b48771 Update changelog, CS fixes 8 years ago
Maikel adbc9b1889 Add cPanel Webmail driver (#5549)
This driver does not use an admin account. It uses the user's account to
authenticate at the Webmail API. It uses the recommended UAPI and does
not rely on third-party classes.
8 years ago
Aleksander Machniak 8fc488afa0 Parse error and CS fixes after PR merge 8 years ago
Paolo Asperti 815b79df7f Added replacement variables support in password_pop_host (#5539)
Use rcube_utils::parse_host() on a hostname
8 years ago