From a3644638aaf0418598196a870204e0b632a4c8ad Mon Sep 17 00:00:00 2001
From: Thomas Bruederli <thomas@roundcube.net>
Date: Fri, 17 Apr 2015 06:28:40 -0400
Subject: [PATCH] Allow preference sections to define CSS class names

---
 plugins/password/drivers/ldap.php |   17 +++++++++--------
 1 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/plugins/password/drivers/ldap.php b/plugins/password/drivers/ldap.php
index ac2ea3b..6ed5ada 100644
--- a/plugins/password/drivers/ldap.php
+++ b/plugins/password/drivers/ldap.php
@@ -75,7 +75,7 @@
         $ldap = Net_LDAP2::connect($ldapConfig);
 
         // Checking for connection error
-        if (PEAR::isError($ldap)) {
+        if (is_a($ldap, 'PEAR_Error')) {
             return PASSWORD_CONNECT_ERROR;
         }
 
@@ -176,7 +176,7 @@
 
         $ldap = Net_LDAP2::connect($ldapConfig);
 
-        if (PEAR::isError($ldap)) {
+        if (is_a($ldap, 'PEAR_Error')) {
             return '';
         }
 
@@ -189,7 +189,7 @@
 
         $result = $ldap->search($base, $filter, $options);
         $ldap->done();
-        if (PEAR::isError($result) || ($result->count() != 1)) {
+        if (is_a($result, 'PEAR_Error') || ($result->count() != 1)) {
             return '';
         }
 
@@ -259,8 +259,12 @@
                 return false;
             }
 
-            /* Hardcoded to second blowfish version and set number of rounds */
-            $crypted_password = '{CRYPT}' . crypt($password_clear, '$2a$12$' . self::random_salt(13));
+            $rcmail = rcmail::get_instance();
+            $cost   = (int) $rcmail->config->get('password_blowfish_cost');
+            $cost   = $cost < 4 || $cost > 31 ? 12 : $cost;
+            $prefix = sprintf('$2a$%02d$', $cost);
+
+            $crypted_password = '{CRYPT}' . crypt($password_clear, $prefix . self::random_salt(22));
             break;
 
         case 'md5':
@@ -285,7 +289,6 @@
             break;
 
         case 'ssha':
-            mt_srand((double) microtime() * 1000000);
             $salt = substr(pack('h*', md5(mt_rand())), 0, 8);
 
             if (function_exists('mhash') && function_exists('mhash_keygen_s2k')) {
@@ -312,7 +315,6 @@
 
 
         case 'smd5':
-            mt_srand((double) microtime() * 1000000);
             $salt = substr(pack('h*', md5(mt_rand())), 0, 8);
 
             if (function_exists('mhash') && function_exists('mhash_keygen_s2k')) {
@@ -369,7 +371,6 @@
     {
         $possible = '0123456789' . 'abcdefghijklmnopqrstuvwxyz' . 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' . './';
         $str = '';
-        // mt_srand((double)microtime() * 1000000);
 
         while (strlen($str) < $length) {
             $str .= substr($possible, (rand() % strlen($possible)), 1);

--
Gitblit v1.9.1