From af9701630d5a04924e5f28d34f5346f20e7875e2 Mon Sep 17 00:00:00 2001 From: alec Date: Thu, 30 Sep 2010 07:02:52 +0000 Subject: - Added password_ldap_lchattr option (#1486927) git-svn-id: https://svn.roundcube.net/trunk@4019 208e9e7b-5314-0410-a742-e7e81cd9613c --- plugins/password/config.inc.php.dist | 6 ++++++ plugins/password/drivers/ldap.php | 13 ++++++++++--- plugins/password/drivers/ldap_simple.php | 11 +++++++++-- plugins/password/package.xml | 26 +++++++++++++++++++++----- 4 files changed, 46 insertions(+), 10 deletions(-) (limited to 'plugins') diff --git a/plugins/password/config.inc.php.dist b/plugins/password/config.inc.php.dist index cd819d1b3..cf8c4f3d3 100644 --- a/plugins/password/config.inc.php.dist +++ b/plugins/password/config.inc.php.dist @@ -187,6 +187,12 @@ $rcmail_config['password_ldap_pwattr'] = 'userPassword'; // Default: true $rcmail_config['password_ldap_force_replace'] = true; +// LDAP Password Last Change Date +// Some places use an attribute to store the date of the last password change +// The date is meassured in "days since epoch" (an integer value) +// Whenever the password is changed, the attribute will be updated if set (e.g. shadowLastChange) +$rcmail_config['password_ldap_lchattr'] = ''; + // DirectAdmin Driver options // -------------------------- diff --git a/plugins/password/drivers/ldap.php b/plugins/password/drivers/ldap.php index f86abd7f4..c5cb2328a 100644 --- a/plugins/password/drivers/ldap.php +++ b/plugins/password/drivers/ldap.php @@ -80,12 +80,21 @@ function password_save($curpass, $passwd) if (!$userEntry->replace(array($pwattr => $newCryptedPassword), $force)) { return PASSWORD_CONNECT_ERROR; } + + // Updating PasswordLastChange Attribute if desired + if ($lchattr = $rcmail->config->get('password_ldap_lchattr')) { + $current_day = (int)(time() / 86400); + if (!$userEntry->replace(array($lchattr => $current_day), $force)) { + return PASSWORD_CONNECT_ERROR; + } + } + if (Net_LDAP2::isError($userEntry->update())) { return PASSWORD_CONNECT_ERROR; } // All done, no error - return PASSWORD_SUCCESS; + return PASSWORD_SUCCESS; } /** @@ -269,5 +278,3 @@ function randomSalt( $length ) return $str; } - -?> diff --git a/plugins/password/drivers/ldap_simple.php b/plugins/password/drivers/ldap_simple.php index fbe2edd97..541afa96b 100644 --- a/plugins/password/drivers/ldap_simple.php +++ b/plugins/password/drivers/ldap_simple.php @@ -1,4 +1,5 @@ config->get('password_ldap_host'), $rcmail->config->get('password_ldap_port'))) { ldap_unbind($ds); @@ -24,7 +25,7 @@ function password_save($curpass, $passwd) ldap_unbind($ds); return PASSWORD_CONNECT_ERROR; } - + /* Start TLS */ if ($rcmail->config->get('password_ldap_starttls')) { if (!ldap_start_tls($ds)) { @@ -72,6 +73,12 @@ function password_save($curpass, $passwd) } $entree[$rcmail->config->get('password_ldap_pwattr')] = $passwd; + + /* Updating PasswordLastChange Attribute if desired */ + if ($lchattr = $rcmail->config->get('password_ldap_lchattr')) { + $entree[$lchattr] = (int)(time() / 86400) + } + if (!ldap_modify($ds, $user_dn, $entree)) { ldap_unbind($ds); diff --git a/plugins/password/package.xml b/plugins/password/package.xml index 26ce9a991..1b754d9d3 100644 --- a/plugins/password/package.xml +++ b/plugins/password/package.xml @@ -15,10 +15,10 @@ alec@alec.pl yes - 2010-09-29 - + 2010-09-30 + - 1.8 + 1.9 1.6 @@ -27,8 +27,7 @@ GNU GPLv2 -- Added possibility to display extended error messages (#1486704) -- Added extended error messages in Poppassd driver (#1486704) +- Added password_ldap_lchattr option (#1486927) @@ -170,5 +169,22 @@ - Added chpass-wrapper.py script to improve security (#1486987) + + 2010-09-29 + + + 1.8 + 1.6 + + + stable + stable + + GNU GPLv2 + +- Added possibility to display extended error messages (#1486704) +- Added extended error messages in Poppassd driver (#1486704) + + -- cgit v1.2.3