githubFork/roundcubemail.git

			@@ -14,19 +14,19 @@
			{
			$rcmail = rcmail::get_instance();

			/* Connect */
			// Connect
			if (!$ds = ldap_connect($rcmail->config->get('password_ldap_host'), $rcmail->config->get('password_ldap_port'))) {
			ldap_unbind($ds);
			return PASSWORD_CONNECT_ERROR;
			}

			/* Set protocol version */
			// Set protocol version
			if (!ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $rcmail->config->get('password_ldap_version'))) {
			ldap_unbind($ds);
			return PASSWORD_CONNECT_ERROR;
			}

			/* Start TLS */
			// Start TLS
			if ($rcmail->config->get('password_ldap_starttls')) {
			if (!ldap_start_tls($ds)) {
			ldap_unbind($ds);
			@@ -34,7 +34,7 @@
			}
			}

			/* Build user DN */
			// Build user DN
			if ($user_dn = $rcmail->config->get('password_ldap_userDN_mask')) {
			$user_dn = ldap_simple_substitute_vars($user_dn);
			} else {
			@@ -46,7 +46,7 @@
			return PASSWORD_CONNECT_ERROR;
			}

			/* Connection method */
			// Connection method
			switch ($rcmail->config->get('password_ldap_method')) {
			case 'admin':
			$binddn = $rcmail->config->get('password_ldap_adminDN');
			@@ -59,31 +59,51 @@
			break;
			}

			/* Bind */

			$crypted_pass = ldap_simple_hash_password($passwd, $rcmail->config->get('password_ldap_encodage'));
			$lchattr = $rcmail->config->get('password_ldap_lchattr');
			$pwattr = $rcmail->config->get('password_ldap_pwattr');
			$smbpwattr = $rcmail->config->get('password_ldap_samba_pwattr');
			$smblchattr = $rcmail->config->get('password_ldap_samba_lchattr');
			$samba = $rcmail->config->get('password_ldap_samba');

			// Support password_ldap_samba option for backward compat.
			if ($samba && !$smbpwattr) {
			$smbpwattr = 'sambaNTPassword';
			$smblchattr = 'sambaPwdLastSet';
			}

			// Crypt new password
			if (!$crypted_pass) {
			return PASSWORD_CRYPT_ERROR;
			}

			// Crypt new Samba password
			if ($smbpwattr && !($samba_pass = ldap_simple_hash_password($passwd, 'samba'))) {
			return PASSWORD_CRYPT_ERROR;
			}

			// Bind
			if (!ldap_bind($ds, $binddn, $bindpw)) {
			ldap_unbind($ds);
			return PASSWORD_CONNECT_ERROR;
			}

			/* Crypting new password */
			$crypted_pass = ldap_simple_hash_password($passwd, $rcmail->config->get('password_ldap_encodage'));
			if (!$crypted_pass) {
			ldap_unbind($ds);
			return PASSWORD_CRYPT_ERROR;
			}
			$entree[$pwattr] = $crypted_pass;

			$entree[$rcmail->config->get('password_ldap_pwattr')] = $crypted_pass;

			/* Updating PasswordLastChange Attribute if desired */
			if ($lchattr = $rcmail->config->get('password_ldap_lchattr')) {
			// Update PasswordLastChange Attribute if desired
			if ($lchattr) {
			$entree[$lchattr] = (int)(time() / 86400);
			}

			/* Update Samba password fields */
			if ($smbattr = $rcmail->config->get('password_ldap_samba')) {
			$sambaNTPassword = hash('md4', rcube_charset_convert($passwd, RCMAIL_CHARSET, 'UTF-16LE'));
			$entree['sambaNTPassword'] = $sambaNTPassword;
			$entree['sambaPwdLastSet'] = time();
			// Update Samba password
			if ($smbpwattr) {
			$entree[$smbpwattr] = $samba_pass;
			}

			// Update Samba password last change
			if ($smblchattr) {
			$entree[$smblchattr] = time();
			}

			if (!ldap_modify($ds, $user_dn, $entree)) {
			@@ -91,7 +111,7 @@
			return PASSWORD_CONNECT_ERROR;
			}

			/* All done, no error */
			// All done, no error
			ldap_unbind($ds);
			return PASSWORD_SUCCESS;
			}
			@@ -215,6 +235,14 @@
			return false;
			}
			break;
			case 'samba':
			if (function_exists('hash')) {
			$crypted_password = hash('md4', rcube_charset_convert($password_clear, RCMAIL_CHARSET, 'UTF-16LE'));
			} else {
			/* Your PHP install does not have the hash() function */
			return false;
			}
			break;
			case 'clear':
			default:
			$crypted_password = $password_clear;