diff options
| author | alec <alec@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2011-10-08 07:00:30 +0000 |
|---|---|---|
| committer | alec <alec@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2011-10-08 07:00:30 +0000 |
| commit | bf074a176c8702d92f044e67e70197b9d7cd8e97 (patch) | |
| tree | 8527dbd220db2ba72a512ccc5301d5387f278af8 | |
| parent | 08ab571eee4a94b5ff31b946b31cbd256d3330fc (diff) | |
- Fixed bug where 'doveadm pw' command was used as dovecotpw utility
git-svn-id: https://svn.roundcube.net/trunk@5323 208e9e7b-5314-0410-a742-e7e81cd9613c
| -rw-r--r-- | plugins/password/drivers/sql.php | 10 | ||||
| -rw-r--r-- | plugins/password/package.xml | 1 |
2 files changed, 6 insertions, 5 deletions
diff --git a/plugins/password/drivers/sql.php b/plugins/password/drivers/sql.php index 9ea33df2f..836a58a44 100644 --- a/plugins/password/drivers/sql.php +++ b/plugins/password/drivers/sql.php @@ -5,7 +5,7 @@ * * Driver for passwords stored in SQL database * - * @version 1.3 + * @version 1.4 * @author Aleksander 'A.L.E.C' Machniak <alec@alec.pl> * */ @@ -61,7 +61,7 @@ function password_save($curpass, $passwd) $tmp_dir = $rcmail->config->get('temp_dir'); $tmpfile = tempnam($tmp_dir, 'roundcube-'); - $pipe = popen("'$dovecotpw' -s '$method' > '$tmpfile'", "w"); + $pipe = popen("$dovecotpw -s '$method' > '$tmpfile'", "w"); if (!$pipe) { unlink($tmpfile); return PASSWORD_CRYPT_ERROR; @@ -97,15 +97,15 @@ function password_save($curpass, $passwd) if (!($hash_algo = strtolower($rcmail->config->get('password_hash_algorithm')))) $hash_algo = 'sha1'; - + $hash_passwd = hash($hash_algo, $passwd); $hash_curpass = hash($hash_algo, $curpass); - + if ($rcmail->config->get('password_hash_base64')) { $hash_passwd = base64_encode(pack('H*', $hash_passwd)); $hash_curpass = base64_encode(pack('H*', $hash_curpass)); } - + $sql = str_replace('%n', $db->quote($hash_passwd, 'text'), $sql); $sql = str_replace('%q', $db->quote($hash_curpass, 'text'), $sql); } diff --git a/plugins/password/package.xml b/plugins/password/package.xml index a4f74c192..69cef072f 100644 --- a/plugins/password/package.xml +++ b/plugins/password/package.xml @@ -30,6 +30,7 @@ - When old and new passwords are the same, do nothing, return success (#1487823) - Fixed Samba password hashing in 'ldap' driver - Added 'password_change' hook for plugin actions after successful password change +- Fixed bug where 'doveadm pw' command was used as dovecotpw utility </notes> <contents> <dir baseinstalldir="/" name="/"> |