From 53a224f6c7990a2b24000f597216abed6f67126b Mon Sep 17 00:00:00 2001 From: alec Date: Wed, 26 Oct 2011 11:53:23 +0000 Subject: - Improve generated crypt() passwords (#1488136) git-svn-id: https://svn.roundcube.net/trunk@5367 208e9e7b-5314-0410-a742-e7e81cd9613c --- plugins/password/drivers/sql.php | 11 ++++++++--- plugins/password/package.xml | 7 ++++--- 2 files changed, 12 insertions(+), 6 deletions(-) (limited to 'plugins') diff --git a/plugins/password/drivers/sql.php b/plugins/password/drivers/sql.php index 836a58a44..ad8ac5f6b 100644 --- a/plugins/password/drivers/sql.php +++ b/plugins/password/drivers/sql.php @@ -37,16 +37,21 @@ function password_save($curpass, $passwd) // crypted password if (strpos($sql, '%c') !== FALSE) { $salt = ''; - if (CRYPT_MD5) { - $len = rand(3, CRYPT_SALT_LENGTH); + if (CRYPT_MD5) { + // Always use eight salt characters for MD5 (#1488136) + $len = 8; } else if (CRYPT_STD_DES) { $len = 2; } else { return PASSWORD_CRYPT_ERROR; } + + //Restrict the character set used as salt (#1488136) + $seedchars = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; for ($i = 0; $i < $len ; $i++) { - $salt .= chr(rand(ord('.'), ord('z'))); + $salt .= $seedchars[rand(0, 63)]; } + $sql = str_replace('%c', $db->quote(crypt($passwd, CRYPT_MD5 ? '$1$'.$salt.'$' : $salt)), $sql); } diff --git a/plugins/password/package.xml b/plugins/password/package.xml index 69cef072f..60509da5e 100644 --- a/plugins/password/package.xml +++ b/plugins/password/package.xml @@ -15,10 +15,10 @@ alec@alec.pl yes - - + 2011-10-26 + - + 2.3 1.6 @@ -31,6 +31,7 @@ - Fixed Samba password hashing in 'ldap' driver - Added 'password_change' hook for plugin actions after successful password change - Fixed bug where 'doveadm pw' command was used as dovecotpw utility +- Improve generated crypt() passwords (#1488136) -- cgit v1.2.3