mirror of
https://github.com/the-djmaze/snappymail.git
synced 2026-07-13 03:27:39 +03:00
ChangePassword extensions use \SnappyMail\SensitiveString
This commit is contained in:
parent
9427b36633
commit
8c033f53fa
13 changed files with 70 additions and 56 deletions
|
|
@ -1,5 +1,7 @@
|
|||
<?php
|
||||
|
||||
use SnappyMail\SensitiveString;
|
||||
|
||||
class ChangePasswordISPConfigDriver
|
||||
{
|
||||
const
|
||||
|
|
@ -44,7 +46,7 @@ class ChangePasswordISPConfigDriver
|
|||
);
|
||||
}
|
||||
|
||||
public function ChangePassword(\RainLoop\Model\Account $oAccount, string $sPrevPassword, string $sNewPassword) : bool
|
||||
public function ChangePassword(\RainLoop\Model\Account $oAccount, SensitiveString $oPrevPassword, SensitiveString $oNewPassword) : bool
|
||||
{
|
||||
if (!\RainLoop\Plugins\Helper::ValidateWildcardValues($oAccount->Email(), $this->oConfig->Get('plugin', 'ispconfig_allowed_emails', ''))) {
|
||||
return false;
|
||||
|
|
@ -71,10 +73,10 @@ class ChangePasswordISPConfigDriver
|
|||
if (!empty($aFetchResult['mailuser_id'])) {
|
||||
$sDbPassword = $aFetchResult['password'];
|
||||
$sDbSalt = \substr($sDbPassword, 0, \strrpos($sDbPassword, '$'));
|
||||
if (\crypt($sPrevPassword, $sDbSalt) === $sDbPassword) {
|
||||
if (\crypt($oPrevPassword, $sDbSalt) === $sDbPassword) {
|
||||
$oStmt = $oPdo->prepare('UPDATE mail_user SET password = ? WHERE mailuser_id = ?');
|
||||
return !!$oStmt->execute(array(
|
||||
$this->cryptPassword($sNewPassword),
|
||||
$this->cryptPassword($oNewPassword),
|
||||
$aFetchResult['mailuser_id']
|
||||
));
|
||||
}
|
||||
|
|
@ -90,7 +92,7 @@ class ChangePasswordISPConfigDriver
|
|||
return false;
|
||||
}
|
||||
|
||||
private function cryptPassword(string $sPassword) : string
|
||||
private function cryptPassword(SensitiveString $oPassword) : string
|
||||
{
|
||||
if (\defined('CRYPT_SHA512') && CRYPT_SHA512) {
|
||||
$sSalt = '$6$rounds=5000$' . \bin2hex(\random_bytes(8)) . '$';
|
||||
|
|
@ -99,6 +101,6 @@ class ChangePasswordISPConfigDriver
|
|||
} else {
|
||||
$sSalt = '$1$' . \bin2hex(\random_bytes(6)) . '$';
|
||||
}
|
||||
return \crypt($sPassword, $sSalt);
|
||||
return \crypt($oPassword, $sSalt);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,14 +1,14 @@
|
|||
<?php
|
||||
|
||||
use \RainLoop\Exceptions\ClientException;
|
||||
use RainLoop\Exceptions\ClientException;
|
||||
|
||||
class ChangePasswordISPConfigPlugin extends \RainLoop\Plugins\AbstractPlugin
|
||||
{
|
||||
const
|
||||
NAME = 'Change Password ISPConfig',
|
||||
VERSION = '2.19',
|
||||
RELEASE = '2023-04-11',
|
||||
REQUIRED = '2.23.0',
|
||||
VERSION = '2.36',
|
||||
RELEASE = '2024-03-17',
|
||||
REQUIRED = '2.36.0',
|
||||
CATEGORY = 'Security',
|
||||
DESCRIPTION = 'Extension to allow users to change their passwords through ISPConfig';
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue