From 43bde95b578ff5ebd4806ca4357d007a7adbbf84 Mon Sep 17 00:00:00 2001 From: Christian Boltz Date: Sun, 5 Jun 2011 20:23:04 +0000 Subject: [PATCH] functions.inc.php - pacrypt(): - if dovecotpw does not give the expected output, read stderr and write it to error_log() This would have made the debugging session I just had with makomi on IRC about an hour shorter ;-) git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1071 a1433add-5e2c-0410-b055-b7f2511e0802 --- functions.inc.php | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/functions.inc.php b/functions.inc.php index 18c17423..813437a5 100644 --- a/functions.inc.php +++ b/functions.inc.php @@ -1150,7 +1150,8 @@ function pacrypt ($pw, $pw_db="") { # Use proc_open call to avoid safe_mode problems and to prevent showing plain password in process table $spec = array( 0 => array("pipe", "r"), // stdin - 1 => array("pipe", "w") // stdout + 1 => array("pipe", "w"), // stdout + 2 => array("pipe", "w"), // stderr ); $pipe = proc_open("$dovecotpw '-s' $method", $spec, $pipes); @@ -1166,10 +1167,18 @@ function pacrypt ($pw, $pw_db="") { // Read hash from pipe stdout $password = fread($pipes[1], "200"); - fclose($pipes[1]); + + if ( !preg_match('/^\{' . $method . '\}/', $password)) { + $stderr_output = stream_get_contents($pipes[2]); + error_log('dovecotpw password encryption failed.'); + error_log('STDERR output: ' . $stderr_output); + die("can't encrypt password with dovecotpw, see error log for details"); + } + + fclose($pipes[1]); + fclose($pipes[2]); proc_close($pipe); - if ( !preg_match('/^\{' . $method . '\}/', $password)) { die("can't encrypt password with dovecotpw"); } $password = trim(str_replace('{' . $method . '}', '', $password)); } }