Merge remote-tracking branch 'origin/develop' into release-6.2

Conflicts:
	lam/HISTORY

lam-packaging/debian/changelog

@@ -1,8 +1,8 @@
-ldap-account-manager (6.1.RC1-1) unstable; urgency=medium
+ldap-account-manager (6.1-1) unstable; urgency=medium
 
   * new upstream release
 
- -- Roland Gruber <post@rolandgruber.de>  Tue, 05 Sep 2017 19:34:35 +0200
+ -- Roland Gruber <post@rolandgruber.de>  Tue, 19 Sep 2017 18:24:35 +0200
 
 ldap-account-manager (6.0.1-1) unstable; urgency=medium
 

lam/HISTORY

@@ -2,7 +2,7 @@ December 2017
   - PHP 5.6 and Internet Explorer 11 or later required
 
 
-September 2017 6.1
+19.09.2017 6.1
   - Automatically trim input fields to avoid trailing/leading spaces
   - LAM Pro:
    -> Custom fields: support wildcards in text fields such as $firstname
@@ -12,11 +12,13 @@ September 2017 6.1
    -> Password modify page reports error on password change when posixAccount is present for users
    -> Nginx configuration files did not include "fastcgi_param SCRIPT_FILENAME $request_filename;" (193)
 
+
 20.07.2017 6.0.1
   - Fixed bugs:
    -> Configuration file fills up with empty values
    -> Tool visibility settings
 
+
 26.06.2017 6.0
   - Support multiple configurations for same account type
   - PHP 7.1 compatibility

lam/VERSION

@@ -1 +1 @@
-6.1.RC1
+6.1

lam/lib/modules/posixAccount.inc

@@ -2855,11 +2855,20 @@ class posixAccount extends baseModule implements passwordService {
 						}
 						$pwdPolicyResult = checkPasswordStrength($_POST['posixAccount_password'], $userName, $additionalAttrs);
 						if ($pwdPolicyResult === true) {
+							$passwordHash = $this->selfServiceSettings->moduleSettings['posixAccount_pwdHash'][0];
 							if (empty($this->selfServiceSettings->moduleSettings['posixAccount_useOldPwd']) || ($this->selfServiceSettings->moduleSettings['posixAccount_useOldPwd'][0] != 'true')) {
-								$return['mod']['userPassword'][0] = pwd_hash($_POST['posixAccount_password'], true, $this->selfServiceSettings->moduleSettings['posixAccount_pwdHash'][0]);
+								// set SASL password
+								if (!empty($attributes['uid'][0]) && ($passwordHash === 'SASL')) {
+									$return['mod']['userPassword'][0] = '{SASL}' . $attributes['uid'][0];
+								}
+								// set other password hashes
+								else {
+									$return['mod']['userPassword'][0] = pwd_hash($_POST['posixAccount_password'], true, $passwordHash);
+								}
+
 							}
 							else {
-								$return['add']['userPassword'][0] = pwd_hash($_POST['posixAccount_password'], true, $this->selfServiceSettings->moduleSettings['posixAccount_pwdHash'][0]);
+								$return['add']['userPassword'][0] = pwd_hash($_POST['posixAccount_password'], true, $passwordHash);
 								$return['del']['userPassword'][0] = $_POST['posixAccount_passwordOld'];
 							}
 							$return['info']['userPasswordClearText'][0] = $_POST['posixAccount_password'];