Index: /trunk/plugins/password/config.inc.php.dist =================================================================== --- /trunk/plugins/password/config.inc.php.dist (revision 3403) +++ /trunk/plugins/password/config.inc.php.dist (revision 3404) @@ -14,5 +14,5 @@ // set to blank to allow passwords of any length $rcmail_config['password_minimum_length'] = 0; - + // Require the new password to contain a letter and punctuation character // Change to false to remove this check. @@ -31,4 +31,5 @@ // %c is replaced with the crypt version of the new password, MD5 if available // otherwise DES. +// %D is replaced with dovecotpw crypt method // %o is replaced with the password before the change // %n is replaced with the hashed version of the new password @@ -43,4 +44,10 @@ // Default: "SELECT update_passwd(%c, %u)" $rcmail_config['password_query'] = 'SELECT update_passwd(%c, %u)'; + +// Path for dovecotpw (if not in $PATH) +// $rcmail_config['password_dovecotpw'] = '/usr/local/sbin/dovecotpw'; + +// Dovecot method (dovecotpw -s 'method') +$rcmail_config['password_dovecotpw_method'] = 'CRAM-MD5'; // Using a password hash for %n and %q variables. Index: /trunk/plugins/password/drivers/sql.php =================================================================== --- /trunk/plugins/password/drivers/sql.php (revision 3403) +++ /trunk/plugins/password/drivers/sql.php (revision 3404) @@ -49,4 +49,30 @@ } $sql = str_replace('%c', $db->quote(crypt($passwd, CRYPT_MD5 ? '$1$'.$salt.'$' : $salt)), $sql); + } + + // dovecotpw + if (strpos($sql, '%D') !== FALSE) { + if (!($dovecotpw = $rcmail->config->get('dovecotpw'))) + $dovecotpw = 'dovecotpw'; + if (!($method = $rcmail->config->get('dovecotmethod'))) + $method = 'CRAM-MD5'; + $tmpfile = tempnam('/tmp', 'rouncdube-'); + $pipe = popen("'$dovecotpw' -s '$method' > '$tmpfile'", "w"); + if (!$pipe) { + unlink($tmpfile); + return PASSWORD_CRYPT_ERROR; + } + else { + fwrite($pipe, $passwd . "\n", 1+strlen($passwd)); usleep(1000); + fwrite($pipe, $passwd . "\n", 1+strlen($passwd)); + pclose($pipe); + $newpass = file_get_contents($tmpfile); + if (!preg_match('/^\{' . $method . '\}/', $newpass)) { + return PASSWORD_CRYPT_ERROR; + } + $newpass = trim(str_replace('{' . $method . '}', '', $newpass)); + unlink($tmpfile); + } + $sql = str_replace('%D', $db->quote($newpass), $sql); } Index: /trunk/roundcubemail/CHANGELOG =================================================================== --- /trunk/roundcubemail/CHANGELOG (revision 3403) +++ /trunk/roundcubemail/CHANGELOG (revision 3404) @@ -2,4 +2,5 @@ =========================== +- Password: Support dovecotpw encryption - TinyMCE 3.3.1 - Implemented messages copying using drag&drop + SHIFT (#1484086)