1
0
mirror of https://github.com/postfixadmin/postfixadmin.git synced 2025-07-06 06:22:30 +03:00

460 Commits

Author SHA1 Message Date
ab0f7897fd drop support for legacy 2a bcrypt variants as we do not support PHP before <= 5.3.7 any longer 2025-06-01 15:43:15 +01:00
b56d0082ff token refactoring 2025-06-01 15:42:50 +01:00
ace5624508 change generate_password() to allow for repeated characaters, which probably provides more entropy. 2025-06-01 15:42:09 +01:00
06a2cda24b this should be a better PFA_Cookie random token value 2025-06-01 15:41:30 +01:00
293e318200 remove unused/dead code 2025-06-01 15:39:56 +01:00
65db542ad2 php type hint and phpdoc changes 2025-06-01 15:39:03 +01:00
999bfcfc54 drop support for mysql_encrypt, given MySQL after 5.7 has dropped it and we had not wired it into the pacrypt() function anyway, try and improve docs in config.inc.php 2025-05-28 09:41:22 +01:00
798e8b269c Topt app passwords fixes (WIP) (#805)
various improvements to the TOTP code see also:  #802
2025-05-16 20:31:20 +01:00
759304ecb8 apparently these all need reformatting 2024-12-05 14:33:41 +00:00
c32f344b9d formatting? 2024-05-31 19:27:12 +01:00
519c934ed3 Add minimal cron job to remove old vacation alias records - see https://github.com/postfixadmin/postfixadmin/issues/832 2024-05-31 19:25:53 +01:00
56dd787ce2 when going through password recovery, only wipe the recovery token after the user has updated their password
see https://github.com/postfixadmin/postfixadmin/issues/550
2024-05-17 22:02:01 +01:00
f01274ec94 try relaxing composer dependencies to allow php8.2 dev support, reformat so composer format passes 2024-04-22 21:02:01 +01:00
0876c368e4 feat: support Dovecot DIGEST-MD5 (#816)
Add support for dovecot DIGEST-MD5 auth (using : $CONF['pacrypt'] = 'dovecot:DIGEST-MD5') 

This also changes the pacrypt() function to take an optional 3rd argument (username). 
Thanks @bestlong
2024-04-12 09:57:19 +01:00
45557a6ed4 code formatting fix 2024-01-11 08:57:27 +00:00
eda637df1a Merge branch 'master' into michaelkrieger-patch-1 2024-01-11 08:51:17 +00:00
39e378c783 improve type hinting 2023-12-27 16:17:55 +00:00
015d4ec9cd reindent / reformat; add type hints for some of the app password stuff; try and make sure someone can only remove their own app password (see revokeAppPassword() ) 2023-12-23 21:43:31 +00:00
4d17aa6ef9 manaul merge in of verdigado:master (see #753) (MFA/TOTP support) 2023-12-23 17:05:52 +00:00
2d540e1da7 give the language selector an id - see #736 - thanks @frzquerty 2023-06-23 21:11:09 +01:00
d99d1785b4 fix pacrypt() call - if we have passwords stored like $1$... they are PHP_CRYPT:MD5, and treating them as crypt does not work with dovecot 2023-03-09 21:59:35 +00:00
e53b5e8a58 Update functions.inc.php
$conf['encrypt'] = 'dovecot:CRAM-MD5'

never success !

function _pacrypt_dovecot() will be never used

See my propose to run with dovecot:CRYPT-METHOD
2023-02-20 19:44:13 +01:00
65aea00a1f see https://github.com/postfixadmin/postfixadmin/issues/667 - re-use smtp_get_admin_email(), try and make sure there is a From: set in password recovery emails 2022-11-30 21:18:06 +00:00
3017ea3f3c psalm fixes (drop safeserver() (not used), $_COOKIE always contains strings etc). 2022-10-12 20:52:49 +01:00
73106712e0 min_password_length might be integer, so do not be too strict with it 2022-09-27 19:56:28 +01:00
989a709ee5 see https://github.com/postfixadmin/postfixadmin/issues/647 - if configured for sha512.b64 but
we have a hash with a {MD5-CRYPT} prefix, support the MD5-CRYPT form to allow for migration.
2022-08-11 20:23:32 +01:00
7e514eb6f0 composer format thinks this should change 2022-08-11 20:23:15 +01:00
38549c48ad composer format 2022-07-17 21:16:47 +01:00
a97771adfd Automatic code style fixes 2022-07-15 11:29:55 +02:00
2d6ded2786 PSR2 -> PSR12 formatting 2022-06-28 13:46:11 +01:00
bed0300fae fix tests (pacrypt/{md5raw} etc) 2022-06-23 22:18:16 +01:00
a349c75f53 rmeove var_dump 2022-06-06 20:37:23 +01:00
35486a2ca9 remove dead code 2022-06-06 20:35:53 +01:00
626bd43def Add support for implicit TLS, replace "smtp_sendmail_tls" with "smtp_type"
For reference: https://datatracker.ietf.org/doc/html/rfc8314

Please note that this only applies to the "send email" feature.

In the future we should implement it for the "fetch email" one too.
2021-11-29 07:10:20 +01:00
e0c9939f88 use _pacrypt_php_crypt 2021-11-14 20:52:24 +00:00
57f9ed5ff3 see #556 - try this instead 2021-11-10 15:41:08 +00:00
540b32f1a0 probable fix for #556 - see if CONF[site_url] is a string before trying to use it 2021-11-10 09:42:26 +00:00
5a8f334b45 fix mysql connection string - see #553 2021-11-02 22:10:03 +00:00
3d231a54a2 Merge pull request #491 from postfixadmin/feature-improve-pacrypt
Feature - improve 'pacrypt' (reduce reliance on dovecot pw), add more hash algorithms
2021-10-26 19:02:45 +01:00
03ab100b4a composer format 2021-10-12 19:53:54 +01:00
f8c8dcf520 see - https://github.com/postfixadmin/postfixadmin/issues/549 - use $CONF["database_port"] when connecting to MySQL 2021-10-12 19:51:57 +01:00
ac13219894 improve test coverage / compatability 2021-09-29 21:05:19 +01:00
f1b41e87fa composer format 2021-09-29 18:34:54 +01:00
309b4a84aa get legacy test case to pass 2021-09-29 18:32:46 +01:00
0b9b7db917 Merge remote-tracking branch 'origin/master' into feature-improve-pacrypt 2021-09-29 18:04:49 +01:00
0d08ac418a see https://github.com/postfixadmin/postfixadmin/issues/547 2021-09-29 11:52:31 +01:00
6bb8bc6fa0 Revision to my previous suggestion
This grants "if port is defined" in the right context.
2021-09-01 00:04:54 +02:00
47b1eecdf6 Minor update: add port to mysql/mariadb
This change is needed be able to use $CONF['database_host'] (custom port) for mysql/mariadb
2021-08-31 10:32:41 +02:00
36593fafe7 remove extra semi-colon - thanks to @PF4Public / #524 2021-08-04 17:25:45 +01:00
25ac89f6a7 see https://github.com/postfixadmin/postfixadmin/issues/523 - improve randomness when creating the PFA_token field; reported by @michaellrowley via huntr.dev. 2021-08-04 17:00:55 +01:00