| plugins/password/README | ●●●●● patch | view | raw | blame | history | |
| plugins/password/config.inc.php | ●●●●● patch | view | raw | blame | history | |
| plugins/password/drivers/poppassd.php | ●●●●● patch | view | raw | blame | history | |
| plugins/password/localization/en_US.inc | ●●●●● patch | view | raw | blame | history | |
| plugins/password/localization/et_EE.inc | ●●●●● patch | view | raw | blame | history | |
| plugins/password/localization/hu_HU.inc | ●●●●● patch | view | raw | blame | history | |
| plugins/password/localization/nl_NL.inc | ●●●●● patch | view | raw | blame | history | |
| plugins/password/localization/pl_PL.inc | ●●●●● patch | view | raw | blame | history | |
| plugins/password/password.php | ●●●●● patch | view | raw | blame | history |
plugins/password/README
@@ -6,18 +6,18 @@ methods (drivers) via Settings/Password tab. ----------------------------------------------------------------------- This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. @version 1.2 @author Aleksander 'A.L.E.C' Machniak <alec@alec.pl> @@ -28,6 +28,7 @@ 2. Drivers 2.1. Database (sql) 2.2. Cyrus/SASL (sasl) 2.3. Poppassd/Courierpassd (poppassd) 3. Driver API @@ -50,7 +51,7 @@ You can specify which database to connect by 'password_db_dsn' option and what SQL query to execute by 'password_query'. See main.inc.php file for more info. Example implementations of an update_passwd function: - This is for use with LMS (http://lms.org.pl) database and postgres: @@ -84,16 +85,16 @@ END Example SQL UPDATEs: - Plain text passwords: UPDATE users SET password=%p WHERE username=%u AND password=%o AND domain=%h LIMIT 1 - Crypt text passwords: UPDATE users SET password=%c WHERE username=%u LIMIT 1 - Use a MYSQL crypt function (*nix only) with random 8 character salt UPDATE users SET password=ENCRYPT(%p,concat(_utf8'$1$',right(md5(rand()),8),_utf8'$')) WHERE username=%u LIMIT 1 - MD5 stored passwords: UPDATE users SET password=MD5(%p) WHERE username=%u AND password=MD5(%o) LIMIT 1 @@ -127,7 +128,7 @@ Compile the wrapper program: gcc -o chgsaslpasswd chgsaslpasswd.c Chown the chgsaslpasswd and chgsaslpasswd.sh to the cyrus user and group Chown the chgsaslpasswd and chgsaslpasswd.sh to the cyrus user and group that your browser runs as, then chmod them to 4550. For example, if your cyrus user is 'cyrus' and the apache server group is @@ -149,11 +150,18 @@ This could save you some headaches if you are the paranoid type. 2.3. Poppassd/Courierpassd (poppassd) ---------------------------- You can specify which host to connect to via `password_pop_host` and what port via `password_pop_port`. See config.inc.php file for more info. 3. Driver API ------------- Driver file (<driver_name>.php) must define 'password_save' function with two arguments. First - current password, second - new password. Function may return PASSWORD_SUCCESS on success or PASSWORD_ERROR on any error. may return PASSWORD_SUCCESS on success or any of PASSWORD_CONNECT_ERROR, PASSWORD_CRYPT_ERROR, PASSWORD_ERROR when driver was unable to change password. See existing drivers in drivers/ directory for examples.
@@ -3,11 +3,11 @@ // Password Plugin options // ----------------------- // A driver to use for password change. Default: "sql". $rcmail_config['password_driver'] = 'sql'; $rcmail_config['password_driver'] = 'poppassd'; // Determine whether current password is required to change password. // Default: false. $rcmail_config['password_confirm_current'] = false; $rcmail_config['password_confirm_current'] = true; // SQL Driver options @@ -25,7 +25,16 @@ // %o is replaced with the password before the change // %h is replaced with the imap host (from the session info) // Escaping of macros is handled by this module. // Default: "SELECT update_passwd(%c, %u)" // Default: "SELECT update_passwd(%c, %u)" $rcmail_config['password_query'] = 'SELECT update_passwd(%c, %u)'; // Poppassd Driver options // ----------------------- // The host which changes the password $rcmail_config['password_pop_host'] = 'localhost'; // TCP port used for poppassd connections $rcmail_config['password_pop_port'] = 106; ?> plugins/password/drivers/poppassd.php
New file @@ -0,0 +1,56 @@ <?php /** * Poppassd Password Driver * * Driver to change passwords via Poppassd/Courierpassd * * @version 1.0 * @author Philip Weir * */ function password_save($curpass, $passwd) { $rcmail = rcmail::get_instance(); // include('Net/Socket.php'); $poppassd = new Net_Socket(); if (PEAR::isError($poppassd->connect($rcmail->config->get('password_pop_host'), $rcmail->config->get('password_pop_port'), null))) { return PASSWORD_CONNECT_ERROR; } else { $result = $poppassd->readLine(); if(!preg_match('/^2\d\d/', $result)) { $poppassd->disconnect(); return PASSWORD_ERROR; } else { $poppassd->writeLine("user ". $_SESSION['username']); $result = $poppassd->readLine(); if(!preg_match('/^[23]\d\d/', $result) ) { $poppassd->disconnect(); return PASSWORD_CONNECT_ERROR; } else { $poppassd->writeLine("pass ". $curpass); $result = $poppassd->readLine(); if(!preg_match('/^[23]\d\d/', $result) ) { $poppassd->disconnect(); return PASSWORD_ERROR; } else { $poppassd->writeLine("newpass ". $passwd); $result = $poppassd->readLine(); $poppassd->disconnect(); if (!preg_match('/^2\d\d/', $result)) return PASSWORD_ERROR; else return PASSWORD_SUCCESS; } } } } } ?> plugins/password/localization/en_US.inc
@@ -11,7 +11,8 @@ $messages['nocurpassword'] = 'Please input current password.'; $messages['passwordincorrect'] = 'Current password incorrect.'; $messages['passwordinconsistency'] = 'Passwords do not match, please try again.'; $messages['nocryptfunction'] = 'The server is missing a function to encrypt your password.'; $messages['crypterror'] = 'Could not save new password. Encrypt function missing.'; $messages['connecterror'] = 'Could not save new password. Connection error.'; $messages['internalerror'] = 'Could not save new password.'; ?> plugins/password/localization/et_EE.inc
@@ -11,7 +11,7 @@ $messages['nocurpassword'] = 'Palun sisesta vana parool.'; $messages['passwordincorrect'] = 'Vana parool on vale.'; $messages['passwordinconsistency'] = 'Paroolid ei kattu, palun proovi uuesti.'; $messages['nocryptfunction'] = 'Serveris ei ole parooli krüpteerimiseks vajalikku funktsiooni.'; $messages['crypterror'] = 'Serveris ei ole parooli krüpteerimiseks vajalikku funktsiooni.'; $messages['internalerror'] = 'Uue parooli andmebaasi salvestamine nurjus.'; ?> plugins/password/localization/hu_HU.inc
@@ -11,7 +11,7 @@ $messages['nocurpassword'] = 'Kérjük adja meg a jelenlegi jelszót.'; $messages['passwordincorrect'] = 'Érvénytelen a jelenlegi jelszó.'; $messages['passwordinconsistency'] = 'A két új jelszó nem egyezik.'; $messages['nocryptfunction'] = 'Hiba történt a kérés feldolgozása során.'; $messages['crypterror'] = 'Hiba történt a kérés feldolgozása során.'; $messages['internalerror'] = 'Hiba történt a kérés feldolgozása során.'; ?> plugins/password/localization/nl_NL.inc
@@ -11,7 +11,7 @@ $messages['nocurpassword'] = 'vul het huidige wachtwoord in.'; $messages['passwordincorrect'] = 'Huidig wachtwoord is onjuist.'; $messages['passwordinconsistency'] = 'Wachtwoorden komen niet overeen, probeer het opnieuw.'; $messages['nocryptfunction'] = 'De server mist een functie om uw wachtwoord et beveiligen.'; $messages['crypterror'] = 'De server mist een functie om uw wachtwoord et beveiligen.'; $messages['internalerror'] = 'Uw wachtwoord kan niet worden opgeslagen.'; ?> plugins/password/localization/pl_PL.inc
@@ -11,7 +11,8 @@ $messages['nocurpassword'] = 'Wprowadź aktualne hasło.'; $messages['passwordincorrect'] = 'Błędne aktualne hasło, spróbuj ponownie.'; $messages['passwordinconsistency'] = 'Hasła nie pasują, spróbuj ponownie.'; $messages['nocryptfunction'] = 'Nie udało się zapisać nowego hasła. Brak funkcji kodującej.'; $messages['crypterror'] = 'Nie udało się zapisać nowego hasła. Brak funkcji kodującej.'; $messages['connecterror'] = 'Nie udało się zapisać nowego hasła. Błąd połączenia.'; $messages['internalerror'] = 'Nie udało się zapisać nowego hasła.'; ?> plugins/password/password.php
@@ -3,7 +3,7 @@ /* +-------------------------------------------------------------------------+ | Password Plugin for Roundcube | | Version 1.2 | | Version 1.3 | | | | Copyright (C) 2009, RoundCube Dev. - Switzerland | | | @@ -30,6 +30,7 @@ define('PASSWORD_CRYPT_ERROR', 1); define('PASSWORD_ERROR', 2); define('PASSWORD_CONNECT_ERROR', 3); define('PASSWORD_SUCCESS', 0); class password extends rcube_plugin @@ -192,7 +193,9 @@ case PASSWORD_SUCCESS: return; case PASSWORD_CRYPT_ERROR; return $this->gettext('nocryptfunction'); return $this->gettext('crypterror'); case PASSWORD_CONNECT_ERROR; return $this->gettext('connecterror'); case PASSWORD_ERROR: default: return $this->gettext('internalerror');
