This plugin version adds PHP Crack support and includes various fixes in code working with Samba passwords.
Version 2.1
by Tomas Kuliavas on Jan 20, 2007
[ change_ldappass-2.1-1.4.0.tar.gz tarball (8616 d/l) Help ]
Requires: SquirrelMail 1.4.0 or later, PHP with LDAP support
Description: Non-maintainer upload. Closes SquirrelMail bug tracker (#1606152).
- Added $ldap_filter option.
- Don't use 'None' mailbox name in displayPageHeader() function calls.
Version 2.0
by Tomas Kuliavas on Oct 7, 2006
[ change_ldappass-2.0-1.4.0.tar.gz tarball (7250 d/l) Help ]
Requires: SquirrelMail 1.4.0 or later, PHP with LDAP support
Description: Non-maintainer upload designed to fix LDAP bind protocol and compatibility plugin issues. Closes SquirrelMail bug trackers #1255733, #1562911, #1567110. Thanks to [email protected], [email protected] and [email protected].
- This plugin version is licensed under GPL. Older versions used BSD license.
- Removed dependency on compatibility plugin. Minimal required SquirrelMail version increased to 1.4.0.
- Added LDAP bind protocol version controls.
- Removed pound symbol and space from list of allowed password characters.
Version 1.8
by Ray Ferguson on Dec 12, 2004
[ change_ldappass-1.8.tar.gz tarball (14863 d/l) Help ]
Requires: Compatibility plugin and ldap.
Description:
- Merged patch from Joerg Pulz which corrects and extends samba password support
- Added more i18n locales
- Fixed general i18n crappyness.
- Added a few options. See config.php.sample
- MD5: 63970d47d3d9a20c8732a76a673e012f change_ldappass-1.8.tar.gz
Version 1.7
by Ray Ferguson on Mar 5, 2004
[ change_ldappass-1.7.tar.gz tarball (9593 d/l) Help ]
Requires: Compatibility program and ldap.
Description:
- change ldap_sha_passwd function to leverage php sha1 builtin if you
- are using php>=4.3.0. You now have a choice for sha & ssha support.
- Use php with compiled in mhash libraries or php>=4.3.0.
- added support for LanManager or NT compatable passwords in ldap. mkntpwd
- added pt_BR locale
- added support for ssha encryption.
- fixed bug w/ bind as manager. We now bind before looking up dn which allows us to work on systems that do not allow anon query.
- odds and ends, some stuff, and some things.
Version 1.6
by Ray Ferguson on Jul 26, 2003
[ change_ldappass-1.6.tar.gz tarball (8637 d/l) Help ]
Requires: Compatibility Plugin
Description: Added SMD5 support and merged polish locale.
Version 1.5
by Ray Ferguson on May 15, 2003
[ change_ldappass-1.5.tar.gz tarball (7365 d/l) Help ]
Requires: SquirrelMail >=1.2.8 &
Description: NOTE NEW DEPENDENCY: Compatibility Plugin
New features: SM-1.4 compatibility, and i18n support. Bug fixes etc.
Version 1.4
by Simon Annetts on Jan 8, 2003
[ change_ldappass-1.4.tar.gz tarball (9958 d/l) Help ]
Requires: SquirrelMail >=1.2.8 and an LDAP server I guess...
Description: Fixed a security hole and added support for unencrypted passwords for those users that keep hassling me about it ;-)
****NOTE: ****
If you are using the samba password update facility in this plugin please upgrade to this version Prior versions contained a security vunerability where malicious users could execute shell commands as the webserver user.
Version 1.3
by Simon Annetts on Oct 29, 2002
[ This version is not available. You might be able to get it by asking on the "squirrelmail-plugins" mailing list or by contacting the author. ]
Requires: SquirrelMail 1.2.8 and an LDAP server I guess...
Description: Changed password detection to support salted DES, MD5 and BLOWFISH as well as unsalted MD5 and SHA. Unsalted MD5 and SHA are *untested* by me but based on other
users contributed code. Please give me feedback on their fitness....
Fixed bugs pointed out by other people.
Improved binding techniques, - we bind anonymously to get the users dn, then bind as the user.
Removed global variables for register_globals = off in SQM 1.2.8
Version 1.2
by Simon Annetts on Apr 17, 2002
[ This version is not available. You might be able to get it by asking on the "squirrelmail-plugins" mailing list or by contacting the author. ]
Requires: SquirrelMail >= 1.0.1, LDAP server
Description: Ver 1.2, Apr 15 2002 - Added MD5 password support with autodetect.
Added code necessary to support MD5 passwords as well as original crypt passwords.
Autodetection is done by looking at the length of the password and the first three characters (should always be $1$ for MD5).
Ver 1.1, Nov 16 2001 - Changed authentication options.
Added an option which selects whether to bind to the LDAP server as manager or as the current user before attempting to change the password.
Version 1.0
by Simon Annetts on Mar 25, 2001
[ This version is not available. You might be able to get it by asking on the "squirrelmail-plugins" mailing list or by contacting the author. ]
Requires: SquirrelMail >= 1.0.1, LDAP server
Description: Initial version.