diff options
author | Johannes Prösl <hannes-github@netzding.de> | 2019-06-24 11:28:53 +0300 |
---|---|---|
committer | Aleksander Machniak <alec@alec.pl> | 2019-06-24 11:28:53 +0300 |
commit | 4644e3404f4d6a70e7918339ea53c4e28b0fd6d7 (patch) | |
tree | ae776671dd0c2e96ad5d536f74149a96250ce03b /plugins | |
parent | f99c16432af3b6d9500f9afe03f3d7f2004d13f6 (diff) |
Adding ssha512 password_algorithm (#6805)
* Added SSHA512 method to the hash_password function
Basically a copy of the ssha method this case is compatible with the dovecot ssha512 settings so there is no doveadm needed alongside with roundcube to update ssha512 passwords.
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/password/config.inc.php.dist | 2 | ||||
-rw-r--r-- | plugins/password/password.php | 22 |
2 files changed, 23 insertions, 1 deletions
diff --git a/plugins/password/config.inc.php.dist b/plugins/password/config.inc.php.dist index aaa497f33..5087b0d2d 100644 --- a/plugins/password/config.inc.php.dist +++ b/plugins/password/config.inc.php.dist @@ -45,7 +45,7 @@ $config['password_force_new_user'] = false; // Default password hashing/crypting algorithm. // Possible options: des-crypt, ext-des-crypt, md5-crypt, blowfish-crypt, -// sha256-crypt, sha512-crypt, md5, sha, smd5, ssha, samba, ad, dovecot, clear. +// sha256-crypt, sha512-crypt, md5, sha, smd5, ssha, ssha512, samba, ad, dovecot, clear. // For details see password::hash_password() method. $config['password_algorithm'] = 'clear'; diff --git a/plugins/password/password.php b/plugins/password/password.php index 728d81774..9be83ecec 100644 --- a/plugins/password/password.php +++ b/plugins/password/password.php @@ -640,6 +640,28 @@ class password extends rcube_plugin $prefix = '{SSHA}'; break; + case 'ssha512': + $salt = rcube_utils::random_bytes(8); + + if (function_exists('mhash') && function_exists('mhash_keygen_s2k')) { + $salt = mhash_keygen_s2k(MHASH_SHA512, $password, $salt, 4); + $crypted = mhash(MHASH_SHA512, $password . $salt); + } + else if (function_exists('hash')) { + $salt = substr(pack("H*", hash('sha512', $salt . $password)), 0, 4); + $crypted = hash('sha512', $password . $salt, true); + } + else { + rcube::raise_error(array( + 'code' => 600, 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Password plugin: Your PHP install does not have the mhash()/hash() function" + ), true, true); + } + + $crypted = base64_encode($crypted . $salt); + $prefix = '{SSHA512}'; + break; + case 'smd5': $salt = rcube_utils::random_bytes(8); |