Merge remote-tracking branch 'origin/develop' into release-6.2

Conflicts: lam/HISTORY
2017-09-23 09:55:19 +02:00 · 2017-09-23 09:55:19 +02:00 · be24c5a3ca
parent 6ec7fb87f3 a5522c29ab
commit be24c5a3ca
6 changed files with 956 additions and 891 deletions
--- a/lam-packaging/debian/changelog
+++ b/lam-packaging/debian/changelog
@ -1,8 +1,8 @@
-ldap-account-manager (6.1.RC1-1) unstable; urgency=medium
+ldap-account-manager (6.1-1) unstable; urgency=medium

  * new upstream release

- -- Roland Gruber <post@rolandgruber.de>  Tue, 05 Sep 2017 19:34:35 +0200
+ -- Roland Gruber <post@rolandgruber.de>  Tue, 19 Sep 2017 18:24:35 +0200

 ldap-account-manager (6.0.1-1) unstable; urgency=medium

--- a/lam/HISTORY
+++ b/lam/HISTORY
@ -2,7 +2,7 @@ December 2017
  - PHP 5.6 and Internet Explorer 11 or later required


-September 2017 6.1
+19.09.2017 6.1
  - Automatically trim input fields to avoid trailing/leading spaces
  - LAM Pro:
   -> Custom fields: support wildcards in text fields such as $firstname
@ -12,11 +12,13 @@ September 2017 6.1
   -> Password modify page reports error on password change when posixAccount is present for users
   -> Nginx configuration files did not include "fastcgi_param SCRIPT_FILENAME $request_filename;" (193)

+
 20.07.2017 6.0.1
  - Fixed bugs:
   -> Configuration file fills up with empty values
   -> Tool visibility settings

+
 26.06.2017 6.0
  - Support multiple configurations for same account type
  - PHP 7.1 compatibility
--- a/lam/VERSION
+++ b/lam/VERSION
@ -1 +1 @@
-6.1.RC1
+6.1
--- a/lam/lib/modules/posixAccount.inc
+++ b/lam/lib/modules/posixAccount.inc
@ -2855,11 +2855,20 @@ class posixAccount extends baseModule implements passwordService {
 						}
 						$pwdPolicyResult = checkPasswordStrength($_POST['posixAccount_password'], $userName, $additionalAttrs);
 						if ($pwdPolicyResult === true) {
+							$passwordHash = $this->selfServiceSettings->moduleSettings['posixAccount_pwdHash'][0];
 							if (empty($this->selfServiceSettings->moduleSettings['posixAccount_useOldPwd']) || ($this->selfServiceSettings->moduleSettings['posixAccount_useOldPwd'][0] != 'true')) {
-								$return['mod']['userPassword'][0] = pwd_hash($_POST['posixAccount_password'], true, $this->selfServiceSettings->moduleSettings['posixAccount_pwdHash'][0]);
+								// set SASL password
+								if (!empty($attributes['uid'][0]) && ($passwordHash === 'SASL')) {
+									$return['mod']['userPassword'][0] = '{SASL}' . $attributes['uid'][0];
+								}
+								// set other password hashes
+								else {
+									$return['mod']['userPassword'][0] = pwd_hash($_POST['posixAccount_password'], true, $passwordHash);
+								}
+
 							}
 							else {
-								$return['add']['userPassword'][0] = pwd_hash($_POST['posixAccount_password'], true, $this->selfServiceSettings->moduleSettings['posixAccount_pwdHash'][0]);
+								$return['add']['userPassword'][0] = pwd_hash($_POST['posixAccount_password'], true, $passwordHash);
 								$return['del']['userPassword'][0] = $_POST['posixAccount_passwordOld'];
 							}
 							$return['info']['userPasswordClearText'][0] = $_POST['posixAccount_password'];
--- a/lam/locale/zh_TW/LC_MESSAGES/messages.mo
+++ b/lam/locale/zh_TW/LC_MESSAGES/messages.mo
--- a/lam/locale/zh_TW/LC_MESSAGES/messages.po
+++ b/lam/locale/zh_TW/LC_MESSAGES/messages.po
 @ -1 +1 @@
 .1.RC1
 .1