SASL support for self service

This commit is contained in:
Roland Gruber 2017-09-22 19:52:57 +02:00
parent 9f91009174
commit a5522c29ab
1 changed files with 11 additions and 2 deletions

View File

@ -2847,11 +2847,20 @@ class posixAccount extends baseModule implements passwordService {
} }
$pwdPolicyResult = checkPasswordStrength($_POST['posixAccount_password'], $userName, $additionalAttrs); $pwdPolicyResult = checkPasswordStrength($_POST['posixAccount_password'], $userName, $additionalAttrs);
if ($pwdPolicyResult === true) { if ($pwdPolicyResult === true) {
$passwordHash = $this->selfServiceSettings->moduleSettings['posixAccount_pwdHash'][0];
if (empty($this->selfServiceSettings->moduleSettings['posixAccount_useOldPwd']) || ($this->selfServiceSettings->moduleSettings['posixAccount_useOldPwd'][0] != 'true')) { if (empty($this->selfServiceSettings->moduleSettings['posixAccount_useOldPwd']) || ($this->selfServiceSettings->moduleSettings['posixAccount_useOldPwd'][0] != 'true')) {
$return['mod']['userPassword'][0] = pwd_hash($_POST['posixAccount_password'], true, $this->selfServiceSettings->moduleSettings['posixAccount_pwdHash'][0]); // set SASL password
if (!empty($attributes['uid'][0]) && ($passwordHash === 'SASL')) {
$return['mod']['userPassword'][0] = '{SASL}' . $attributes['uid'][0];
}
// set other password hashes
else {
$return['mod']['userPassword'][0] = pwd_hash($_POST['posixAccount_password'], true, $passwordHash);
}
} }
else { else {
$return['add']['userPassword'][0] = pwd_hash($_POST['posixAccount_password'], true, $this->selfServiceSettings->moduleSettings['posixAccount_pwdHash'][0]); $return['add']['userPassword'][0] = pwd_hash($_POST['posixAccount_password'], true, $passwordHash);
$return['del']['userPassword'][0] = $_POST['posixAccount_passwordOld']; $return['del']['userPassword'][0] = $_POST['posixAccount_passwordOld'];
} }
$return['info']['userPasswordClearText'][0] = $_POST['posixAccount_password']; $return['info']['userPasswordClearText'][0] = $_POST['posixAccount_password'];