githubFork/roundcubemail.git

			@@ -38,7 +38,8 @@
			// Building user DN
			if ($userDN = $rcmail->config->get('password_ldap_userDN_mask')) {
			$userDN = self::substitute_vars($userDN);
			} else {
			}
			else {
			$userDN = $this->search_userdn($rcmail);
			}

			@@ -74,17 +75,29 @@
			$ldap = Net_LDAP2::connect($ldapConfig);

			// Checking for connection error
			if (PEAR::isError($ldap)) {
			if (is_a($ldap, 'PEAR_Error')) {
			return PASSWORD_CONNECT_ERROR;
			}

			$crypted_pass = self::hash_password($passwd, $rcmail->config->get('password_ldap_encodage'));
			$force = $rcmail->config->get('password_ldap_force_replace');
			$pwattr = $rcmail->config->get('password_ldap_pwattr');
			$lchattr = $rcmail->config->get('password_ldap_lchattr');
			$smbpwattr = $rcmail->config->get('password_ldap_samba_pwattr');
			$smblchattr = $rcmail->config->get('password_ldap_samba_lchattr');
			$samba = $rcmail->config->get('password_ldap_samba');
			$encodage = $rcmail->config->get('password_ldap_encodage');

			// Support multiple userPassword values where desired.
			// multiple encodings can be specified separated by '+' (e.g. "cram-md5+ssha")
			$encodages = explode('+', $encodage);
			$crypted_pass = array();

			foreach ($encodages as $enc) {
			$cpw = self::hash_password($passwd, $enc);
			if (!empty($cpw)) {
			$crypted_pass[] = $cpw;
			}
			}

			// Support password_ldap_samba option for backward compat.
			if ($samba && !$smbpwattr) {
			@@ -93,7 +106,7 @@
			}

			// Crypt new password
			if (!$crypted_pass) {
			if (empty($crypted_pass)) {
			return PASSWORD_CRYPT_ERROR;
			}

			@@ -163,7 +176,7 @@

			$ldap = Net_LDAP2::connect($ldapConfig);

			if (PEAR::isError($ldap)) {
			if (is_a($ldap, 'PEAR_Error')) {
			return '';
			}

			@@ -176,7 +189,7 @@

			$result = $ldap->search($base, $filter, $options);
			$ldap->done();
			if (PEAR::isError($result) \|\| ($result->count() != 1)) {
			if (is_a($result, 'PEAR_Error') \|\| ($result->count() != 1)) {
			return '';
			}

			@@ -246,8 +259,12 @@
			return false;
			}

			/* Hardcoded to second blowfish version and set number of rounds */
			$crypted_password = '{CRYPT}' . crypt($password_clear, '$2a$12$' . self::random_salt(13));
			$rcmail = rcmail::get_instance();
			$cost = (int) $rcmail->config->get('password_blowfish_cost');
			$cost = $cost < 4 \|\| $cost > 31 ? 12 : $cost;
			$prefix = sprintf('$2a$%02d$', $cost);

			$crypted_password = '{CRYPT}' . crypt($password_clear, $prefix . self::random_salt(22));
			break;

			case 'md5':
			@@ -277,7 +294,7 @@

			if (function_exists('mhash') && function_exists('mhash_keygen_s2k')) {
			$salt = mhash_keygen_s2k(MHASH_SHA1, $password_clear, $salt, 4);
			$password = mhash(MHASH_MD5, $password_clear . $salt);
			$password = mhash(MHASH_SHA1, $password_clear . $salt);
			}
			else if (function_exists('sha1')) {
			$salt = substr(pack("H*", sha1($salt . $password_clear)), 0, 4);
			@@ -296,6 +313,7 @@
			return false;
			}
			break;


			case 'smd5':
			mt_srand((double) microtime() * 1000000);
			@@ -332,6 +350,11 @@
			$crypted_password = rcube_charset::convert('"' . $password_clear . '"', RCUBE_CHARSET, 'UTF-16LE');
			break;

			case 'cram-md5':
			require_once __DIR__ . '/../helpers/dovecot_hmacmd5.php';
			return dovecot_hmacmd5($password_clear);
			break;

			case 'clear':
			default:
			$crypted_password = $password_clear;