From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports
---
plugins/password/drivers/gearman.php | 86 ++++++++++++++++++++++++++----------------
1 files changed, 53 insertions(+), 33 deletions(-)
diff --git a/plugins/password/drivers/gearman.php b/plugins/password/drivers/gearman.php
index 6c1ad3c..983aee0 100644
--- a/plugins/password/drivers/gearman.php
+++ b/plugins/password/drivers/gearman.php
@@ -1,4 +1,5 @@
<?php
+
/**
* Gearman Password Driver
*
@@ -7,44 +8,63 @@
*
* @version 1.0
* @author Mohammad Anwari <mdamt@mdamt.net>
+ *
+ * Copyright (C) 2005-2014, The Roundcube Dev Team
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see http://www.gnu.org/licenses/.
*/
class rcube_gearman_password
{
- function save($currpass, $newpass)
- {
- $user = $_SESSION['username'];
- $rcmail = rcmail::get_instance();
+ function save($currpass, $newpass)
+ {
+ if (extension_loaded('gearman')) {
+ $rcmail = rcmail::get_instance();
+ $user = $_SESSION['username'];
+ $payload = array(
+ 'username' => $user,
+ 'oldPassword' => $currpass,
+ 'newPassword' => $newpass,
+ );
- if (extension_loaded('gearman')) {
- $success = false;
- $gmc= new GearmanClient();
+ $gmc = new GearmanClient();
+ $gmc->addServer($rcmail->config->get('password_gearman_host'));
- $gmc->addServer($rcmail->config->get('password_gearman_host'));
- $payload = array("username" => $user, "oldPassword" => $currpass, "newPassword" => $newpass);
- $result = $gmc->doNormal("setPassword", json_encode($payload));
- $success = json_decode($result);
- if ($success->result == 1) {
- return PASSWORD_SUCCESS;
- } else {
- rcube::raise_error(array(
- 'code' => 600,
- 'type' => 'php',
- 'file' => __FILE__, 'line' => __LINE__,
- 'message' => "Password plugin: Gearman authentication failed for user $user: $error"
- ), true, false);
- }
+ $result = $gmc->doNormal('setPassword', json_encode($payload));
+ $success = json_decode($result);
+
+ if ($success && $success->result == 1) {
+ return PASSWORD_SUCCESS;
+ }
+ else {
+ rcube::raise_error(array(
+ 'code' => 600,
+ 'type' => 'php',
+ 'file' => __FILE__, 'line' => __LINE__,
+ 'message' => "Password plugin: Gearman authentication failed for user $user: $error"
+ ), true, false);
+ }
+ }
+ else {
+ rcube::raise_error(array(
+ 'code' => 600,
+ 'type' => 'php',
+ 'file' => __FILE__, 'line' => __LINE__,
+ 'message' => "Password plugin: PECL Gearman module not loaded"
+ ), true, false);
+ }
+
+ return PASSWORD_ERROR;
}
- else {
- rcube::raise_error(array(
- 'code' => 600,
- 'type' => 'php',
- 'file' => __FILE__, 'line' => __LINE__,
- 'message' => "Password plugin: PECL Gearman module not loaded"
- ), true, false);
- }
-
- return PASSWORD_ERROR;
- }
}
-?>
--
Gitblit v1.9.1