diff options
author | Aleksander Machniak <alec@alec.pl> | 2022-08-15 11:22:16 +0300 |
---|---|---|
committer | Aleksander Machniak <alec@alec.pl> | 2022-08-15 11:22:16 +0300 |
commit | 66f61697748ff6d1c2ebf429d79e90b6d8e4638c (patch) | |
tree | abaeb1e1b26aef782d61d3c24a9cfad60a633965 | |
parent | f8817bf8cfcbf47cb8a27188bf22421355e09afb (diff) |
Update changelog for (#8525), CS fixes
-rw-r--r-- | CHANGELOG.md | 1 | ||||
-rw-r--r-- | plugins/password/README | 9 | ||||
-rw-r--r-- | plugins/password/composer.json | 2 | ||||
-rw-r--r-- | plugins/password/config.inc.php.dist | 2 | ||||
-rw-r--r-- | plugins/password/drivers/ldap_samba_ad.php | 10 |
5 files changed, 19 insertions, 5 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index d3179b0d4..129966241 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,7 @@ - Advanced mail search syntax with more possibilities (without UI) (#8502) - Support for HAproxy protocol header in IMAP connections (#8625) - Enigma: Support Kolab's Web Of Anti-Trust feature (#8626) +- Password: Add ldap_samba_ad driver (#8525) - Managesieve: Support Sieverules disabled rule format (#8571) - Remove use of utf8_encode() and utf8_decode() functions deprecated in PHP 8.2 - Fix various PHP 8.1 warnings (#8628, #8644, #8667, #8656, #8647) diff --git a/plugins/password/README b/plugins/password/README index f460cd0b7..a00caafbf 100644 --- a/plugins/password/README +++ b/plugins/password/README @@ -52,6 +52,7 @@ 2.1.26. HTTP-API (httpapi) 2.1.27. dovecot_passwdfile 2.1.28. Mailcow + 2.1.29. LDAP Samba Active Directory (ldap_samba_ad) 2.2. Password Strength Drivers 2.2.1. Zxcvbn 2.2.2. Have I been pwned? (pwned) @@ -414,10 +415,18 @@ 2.1.28 Mailcow --------------------------- + Driver to change the password on Mailcow servers. See config.inc.php.dist file for configuration description. + 2.1.29. LDAP Samba Active Directory (ldap_samba_ad) + --------------------------------------------------- + + Password change via LDAP unicodePwd attribute supported by Active Directory. + Uses configuration for other LDAP drivers. + + 2.2. Password Strength Drivers ------------------------------ diff --git a/plugins/password/composer.json b/plugins/password/composer.json index fba1cc2f4..725ce7109 100644 --- a/plugins/password/composer.json +++ b/plugins/password/composer.json @@ -3,7 +3,7 @@ "type": "roundcube-plugin", "description": "Password Change for Roundcube. Plugin adds a possibility to change user password using many methods (drivers) via Settings/Password tab.", "license": "GPL-3.0-or-later", - "version": "5.3", + "version": "5.4", "authors": [ { "name": "Aleksander Machniak", diff --git a/plugins/password/config.inc.php.dist b/plugins/password/config.inc.php.dist index c38ce7c97..d91f9ae39 100644 --- a/plugins/password/config.inc.php.dist +++ b/plugins/password/config.inc.php.dist @@ -159,7 +159,7 @@ $config['password_pop_port'] = 106; $config['password_saslpasswd_args'] = ''; -// LDAP, LDAP_SIMPLE and LDAP_EXOP Driver options +// LDAP, LDAP_SIMPLE, LDAP_SAMBA_AD and LDAP_EXOP Driver options // ----------------------------------- // LDAP server name to connect to. // You can provide one or several hosts in an array in which case the hosts are tried from left to right. diff --git a/plugins/password/drivers/ldap_samba_ad.php b/plugins/password/drivers/ldap_samba_ad.php index 85a0c9907..a1979f1d5 100644 --- a/plugins/password/drivers/ldap_samba_ad.php +++ b/plugins/password/drivers/ldap_samba_ad.php @@ -38,7 +38,7 @@ class rcube_ldap_samba_ad_password extends rcube_ldap_simple_password rcube::raise_error([ 'code' => 100, 'type' => 'ldap', 'file' => __FILE__, 'line' => __LINE__, - 'message' => "ldap_mod_replace not supported" + 'message' => "ldap_mod_replace() not supported" ], true ); @@ -52,10 +52,14 @@ class rcube_ldap_samba_ad_password extends rcube_ldap_simple_password return $ret; } - $entry["unicodePwd"] = iconv("UTF-8", "UTF-16LE", '"' . $passwd . '"'); + $entry = [ + 'unicodePwd' => password::hash_password($passwd, 'ad') + ]; + + $this->_debug("C: Replace password for {$this->user}: " . print_r($entry, true)); if (!ldap_mod_replace($this->conn, $this->user, $entry)) { - $this->_debug("S: ".ldap_error($this->conn)); + $this->_debug("S: " . ldap_error($this->conn)); $errno = ldap_errno($this->conn); |