Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized

2020-11-15 20:22:46 +01:00
parent c150ac7b37 d96bf91a0d
commit 9dec340434
8 changed files with 47 additions and 5 deletions
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
@@ -84,8 +84,25 @@ function ip_acl($ip, $networks) {
  return false;
 }
 function hash_password($password) {
-	$salt_str = bin2hex(openssl_random_pseudo_bytes(8));
-	return "{SSHA256}".base64_encode(hash('sha256', $password . $salt_str, true) . $salt_str);
+  // default_pass_scheme is determined in vars.inc.php (or corresponding local file)
+  // in case default pass scheme is not defined, falling back to BLF-CRYPT.
+  global $default_pass_scheme;
+  $pw_hash = NULL;
+  switch (strtoupper($default_pass_scheme)) {
+    case "SSHA256":
+      $salt_str = bin2hex(openssl_random_pseudo_bytes(8));
+      $pw_hash = "{SSHA256}".base64_encode(hash('sha256', $password . $salt_str, true) . $salt_str);
+      break;
+    case "SSHA512":
+      $salt_str = bin2hex(openssl_random_pseudo_bytes(8));
+      $pw_hash = "{SSHA512}".base64_encode(hash('sha512', $password . $salt_str, true) . $salt_str);
+      break;
+    case "BLF-CRYPT":
+    default:
+      $pw_hash = "{BLF-CRYPT}" . password_hash($password, PASSWORD_BCRYPT);
+      break;
+  }
+  return $pw_hash;
 }
 function last_login($user) {
  global $pdo;
@@ -502,6 +519,12 @@ function verify_hash($hash, $password) {
    if (password_verify($password, $hash)) {
      return true;
    }
+  } 
+  elseif (preg_match('/^{BLF-CRYPT}/i', $hash)) {
+    $hash = preg_replace('/^{BLF-CRYPT}/i', '', $hash);
+    if (password_verify($password, $hash)) {
+      return true;
+    }
  }
  return false;
 }
--- a/data/web/inc/vars.inc.php
+++ b/data/web/inc/vars.inc.php
@@ -17,6 +17,7 @@ $database_name = getenv('DBNAME');

 // Other variables
 $mailcow_hostname = getenv('MAILCOW_HOSTNAME');
+$default_pass_scheme = getenv('MAILCOW_PASS_SCHEME');

 // Autodiscover settings
 // ===
--- a/data/web/lang/lang.sv.json
+++ b/data/web/lang/lang.sv.json
@@ -783,6 +783,7 @@
        "release_body": "Det ursprungliga meddelandet har bifogats som en EML-fil till detta meddelande.",
        "release_subject": "Potentiellt skadlig karantänsmeddelande %s",
        "remove": "Ta bort",
+        "rewrite_subject": "Skriv om ämnesraden",
        "rspamd_result": "Rspamd resultat",
        "quick_release_link": "Öppna snabblänk - Släpp på",
        "quick_delete_link": "Öppna snabblänk - Kasta",