Changeset 4529 in subversion
- Timestamp:
- Feb 10, 2011 9:42:18 AM (2 years ago)
- Location:
- trunk/plugins/password
- Files:
-
- 4 edited
-
config.inc.php.dist (modified) (1 diff)
-
drivers/ldap.php (modified) (4 diffs)
-
drivers/ldap_simple.php (modified) (9 diffs)
-
package.xml (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
trunk/plugins/password/config.inc.php.dist
r4375 r4529 196 196 $rcmail_config['password_ldap_lchattr'] = ''; 197 197 198 // Also try to update Samba password attributes: sambaNTPassword and sambaPwdLastSet 199 $rcmail_config['password_ldap_samba'] = false; 198 // LDAP Samba password attribute, e.g. sambaNTPassword 199 // Name of the LDAP's Samba attribute used for storing user password 200 $rcmail_config['password_ldap_samba_pwattr'] = ''; 201 202 // LDAP Samba Password Last Change Date attribute, e.g. sambaPwdLastSet 203 // Some places use an attribute to store the date of the last password change 204 // The date is meassured in "seconds since epoch" (an integer value) 205 // Whenever the password is changed, the attribute will be updated if set 206 $rcmail_config['password_ldap_samba_lchattr'] = ''; 200 207 201 208 -
trunk/plugins/password/drivers/ldap.php
r4375 r4529 63 63 } 64 64 65 // Crypting new password 66 $newCryptedPassword = hashPassword($passwd, $rcmail->config->get('password_ldap_encodage')); 67 if (!$newCryptedPassword) { 65 $crypted_pass = hashPassword($passwd, $rcmail->config->get('password_ldap_encodage')); 66 $force = $rcmail->config->get('password_ldap_force_replace'); 67 $pwattr = $rcmail->config->get('password_ldap_pwattr'); 68 $lchattr = $rcmail->config->get('password_ldap_lchattr'); 69 $smbpwattr = $rcmail->config->get('password_ldap_samba_pwattr'); 70 $smblchattr = $rcmail->config->get('password_ldap_samba_lchattr'); 71 $samba = $rcmail->config->get('password_ldap_samba'); 72 73 // Support password_ldap_samba option for backward compat. 74 if ($samba && !$smbpwattr) { 75 $smbpwattr = 'sambaNTPassword'; 76 $smblchattr = 'sambaPwdLastSet'; 77 } 78 79 // Crypt new password 80 if (!$crypted_pass) { 68 81 return PASSWORD_CRYPT_ERROR; 82 } 83 84 // Crypt new samba password 85 if ($smbpwattr && !($samba_pass = hashPassword($passwd, 'samba'))) { 86 return PASSWORD_CRYPT_ERROR; 69 87 } 70 88 … … 75 93 } 76 94 77 $pwattr = $rcmail->config->get('password_ldap_pwattr'); 78 $force = $rcmail->config->get('password_ldap_force_replace'); 79 80 if (!$userEntry->replace(array($pwattr => $newCryptedPassword), $force)) { 95 if (!$userEntry->replace(array($pwattr => $crypted_pass), $force)) { 81 96 return PASSWORD_CONNECT_ERROR; 82 97 } 83 98 84 99 // Updating PasswordLastChange Attribute if desired 85 if ($lchattr = $rcmail->config->get('password_ldap_lchattr')) {100 if ($lchattr) { 86 101 $current_day = (int)(time() / 86400); 87 102 if (!$userEntry->replace(array($lchattr => $current_day), $force)) { … … 90 105 } 91 106 107 // Update Samba password and last change fields 108 if ($smbpwattr) { 109 $userEntry->replace(array($smbpwattr => $samba_pass), $force); 110 } 111 // Update Samba password last change field 112 if ($smblchattr) { 113 $userEntry->replace(array($smblchattr => time()), $force); 114 } 115 92 116 if (Net_LDAP2::isError($userEntry->update())) { 93 117 return PASSWORD_CONNECT_ERROR; 94 }95 96 // Update Samba password fields, ignore errors if attributes are not found97 if ($rcmail->config->get('password_ldap_samba')) {98 $sambaNTPassword = hash('md4', rcube_charset_convert($passwd, RCMAIL_CHARSET, 'UTF-16LE'));99 $userEntry->replace(array('sambaNTPassword' => $sambaNTPassword), $force);100 $userEntry->replace(array('sambaPwdLastSet' => time()), $force);101 $userEntry->update();102 118 } 103 119 … … 254 270 break; 255 271 272 case 'samba': 273 if (function_exists('hash')) { 274 $cryptedPassword = hash('md4', rcube_charset_convert($password_clear, RCMAIL_CHARSET, 'UTF-16LE')); 275 } else { 276 /* Your PHP install does not have the hash() function */ 277 return false; 278 } 279 break; 280 256 281 case 'clear': 257 282 default: -
trunk/plugins/password/drivers/ldap_simple.php
r4375 r4529 15 15 $rcmail = rcmail::get_instance(); 16 16 17 / * Connect */17 // Connect 18 18 if (!$ds = ldap_connect($rcmail->config->get('password_ldap_host'), $rcmail->config->get('password_ldap_port'))) { 19 19 ldap_unbind($ds); … … 21 21 } 22 22 23 / * Set protocol version */23 // Set protocol version 24 24 if (!ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $rcmail->config->get('password_ldap_version'))) { 25 25 ldap_unbind($ds); … … 27 27 } 28 28 29 / * Start TLS */29 // Start TLS 30 30 if ($rcmail->config->get('password_ldap_starttls')) { 31 31 if (!ldap_start_tls($ds)) { … … 35 35 } 36 36 37 / * Build user DN */37 // Build user DN 38 38 if ($user_dn = $rcmail->config->get('password_ldap_userDN_mask')) { 39 39 $user_dn = ldap_simple_substitute_vars($user_dn); … … 47 47 } 48 48 49 / * Connection method */49 // Connection method 50 50 switch ($rcmail->config->get('password_ldap_method')) { 51 51 case 'admin': … … 60 60 } 61 61 62 /* Bind */ 62 63 $crypted_pass = ldap_simple_hash_password($passwd, $rcmail->config->get('password_ldap_encodage')); 64 $lchattr = $rcmail->config->get('password_ldap_lchattr'); 65 $pwattr = $rcmail->config->get('password_ldap_pwattr'); 66 $smbpwattr = $rcmail->config->get('password_ldap_samba_pwattr'); 67 $smblchattr = $rcmail->config->get('password_ldap_samba_lchattr'); 68 $samba = $rcmail->config->get('password_ldap_samba'); 69 70 // Support password_ldap_samba option for backward compat. 71 if ($samba && !$smbpwattr) { 72 $smbpwattr = 'sambaNTPassword'; 73 $smblchattr = 'sambaPwdLastSet'; 74 } 75 76 // Crypt new password 77 if (!$crypted_pass) { 78 return PASSWORD_CRYPT_ERROR; 79 } 80 81 // Crypt new Samba password 82 if ($smbpwattr && !($samba_pass = ldap_simple_hash_password($passwd, 'samba'))) { 83 return PASSWORD_CRYPT_ERROR; 84 } 85 86 // Bind 63 87 if (!ldap_bind($ds, $binddn, $bindpw)) { 64 88 ldap_unbind($ds); … … 66 90 } 67 91 68 /* Crypting new password */ 69 $crypted_pass = ldap_simple_hash_password($passwd, $rcmail->config->get('password_ldap_encodage')); 70 if (!$crypted_pass) { 71 ldap_unbind($ds); 72 return PASSWORD_CRYPT_ERROR; 73 } 74 75 $entree[$rcmail->config->get('password_ldap_pwattr')] = $crypted_pass; 76 77 /* Updating PasswordLastChange Attribute if desired */ 78 if ($lchattr = $rcmail->config->get('password_ldap_lchattr')) { 92 $entree[$pwattr] = $crypted_pass; 93 94 // Update PasswordLastChange Attribute if desired 95 if ($lchattr) { 79 96 $entree[$lchattr] = (int)(time() / 86400); 80 97 } 81 98 82 /* Update Samba password fields */ 83 if ($smbattr = $rcmail->config->get('password_ldap_samba')) { 84 $sambaNTPassword = hash('md4', rcube_charset_convert($passwd, RCMAIL_CHARSET, 'UTF-16LE')); 85 $entree['sambaNTPassword'] = $sambaNTPassword; 86 $entree['sambaPwdLastSet'] = time(); 99 // Update Samba password 100 if ($smbpwattr) { 101 $entree[$smbpwattr] = $samba_pass; 102 } 103 104 // Update Samba password last change 105 if ($smblchattr) { 106 $entree[$smblchattr] = time(); 87 107 } 88 108 … … 92 112 } 93 113 94 / * All done, no error */114 // All done, no error 95 115 ldap_unbind($ds); 96 116 return PASSWORD_SUCCESS; … … 216 236 } 217 237 break; 238 case 'samba': 239 if (function_exists('hash')) { 240 $crypted_password = hash('md4', rcube_charset_convert($password_clear, RCMAIL_CHARSET, 'UTF-16LE')); 241 } else { 242 /* Your PHP install does not have the hash() function */ 243 return false; 244 } 245 break; 218 246 case 'clear': 219 247 default: -
trunk/plugins/password/package.xml
r4507 r4529 38 38 - Fix double request when clicking on Password tab in Firefox 39 39 - Fix deprecated split() usage in xmail and directadmin drivers (#1487769) 40 - ldap/ldap_simple drivers: use password_ldap_samba_pwattr/password_ldap_samba_lchattr 41 instead of password_ldap_samba option 40 42 </notes> 41 43 <contents>
Note: See TracChangeset
for help on using the changeset viewer.
