From 25b30a78b7ff8536a65592deede7222d216e6e21 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sun, 06 Sep 2015 12:15:49 -0400
Subject: [PATCH] Merge pull request #294 from syzop/password_crypt_rounds

---
 plugins/password/password.php |   14 ++++++++++++--
 1 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/plugins/password/password.php b/plugins/password/password.php
index 4dc5909..c184fe4 100644
--- a/plugins/password/password.php
+++ b/plugins/password/password.php
@@ -439,12 +439,22 @@
             break;
 
         case 'sha256-crypt':
-            $crypted = crypt($password, '$5$' . self::random_salt(16));
+            $rounds = (int) $rcmail->config->get('password_crypt_rounds');
+            if ($rounds < 1000)
+                $prefix = '$5$';
+            else
+                $prefix = '$5$rounds=' . $rounds . '$';
+            $crypted = crypt($password, $prefix . self::random_salt(16));
             $prefix  = '{CRYPT}';
             break;
 
         case 'sha512-crypt':
-            $crypted = crypt($password, '$6$' . self::random_salt(16));
+            $rounds = (int) $rcmail->config->get('password_crypt_rounds');
+            if ($rounds < 1000)
+                $prefix = '$6$';
+            else
+                $prefix = '$6$rounds=' . $rounds . '$';
+            $crypted = crypt($password, $prefix . self::random_salt(16));
             $prefix  = '{CRYPT}';
             break;
 

--
Gitblit v1.9.1