- Improve generated crypt() passwords (#1488136)

git-svn-id: https://svn.roundcube.net/trunk@5367 208e9e7b-5314-0410-a742-e7e81cd9613c

2 files changed, 12 insertions, 6 deletions

diff --git a/plugins/password/drivers/sql.php b/plugins/password/drivers/sql.php
index 836a58a44..ad8ac5f6b 100644
--- a/plugins/password/drivers/sql.php
+++ b/plugins/password/drivers/sql.php
@@ -37,16 +37,21 @@ function password_save($curpass, $passwd)
     // crypted password
     if (strpos($sql, '%c') !== FALSE) {
         $salt = '';
-        if (CRYPT_MD5) { 
-    	    $len = rand(3, CRYPT_SALT_LENGTH);
+        if (CRYPT_MD5) {
+            // Always use eight salt characters for MD5 (#1488136)
+    	    $len = 8;
         } else if (CRYPT_STD_DES) {
     	    $len = 2;
         } else {
     	    return PASSWORD_CRYPT_ERROR;
         }
+
+        //Restrict the character set used as salt (#1488136)
+        $seedchars = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
         for ($i = 0; $i < $len ; $i++) {
-    	    $salt .= chr(rand(ord('.'), ord('z')));
+    	    $salt .= $seedchars[rand(0, 63)];
         }
+
         $sql = str_replace('%c',  $db->quote(crypt($passwd, CRYPT_MD5 ? '$1$'.$salt.'$' : $salt)), $sql);
     }
 
diff --git a/plugins/password/package.xml b/plugins/password/package.xml
index 69cef072f..60509da5e 100644
--- a/plugins/password/package.xml
+++ b/plugins/password/package.xml
@@ -15,10 +15,10 @@
 		<email>alec@alec.pl</email>
 		<active>yes</active>
 	</lead>
-	<date></date>
-	<time></time>
+	<date>2011-10-26</date>
+	<time>12:00</time>
 	<version>
-		<release></release>
+		<release>2.3</release>
 		<api>1.6</api>
 	</version>
 	<stability>
@@ -31,6 +31,7 @@
 - Fixed Samba password hashing in 'ldap' driver
 - Added 'password_change' hook for plugin actions after successful password change
 - Fixed bug where 'doveadm pw' command was used as dovecotpw utility
+- Improve generated crypt() passwords (#1488136)
     </notes>
 	<contents>
 		<dir baseinstalldir="/" name="/">