Dev September 2014

dev@lists.roundcube.net

6 participants
5 discussions

Update 1.0.3 released
by Thomas Bruederli 29 Sep '14

29 Sep '14

Dear Roundcube users We're proud to announce the next service release to the stable version 1.0 of Roundcube webmail. It contains some bug fixes and improvements we considered important for the long term support branch of Roundcube. See the full changelog here: http://trac.roundcube.net/wiki/Changelog It's considered stable and we recommend to update all productive installations of Roundcube with this version. Download it from http://roundcube.net/download. And remember: backup before updating! Kind regards, Thomas

1 0

Possible bug in Roundcube password plugin: cannot generate correct bcrypt hash
by Zhang Huangbin 14 Sep '14

14 Sep '14

Dear developers, I'm running Roundcubemail-1.0.2 on OpenBSD 5.5, i tried to generate bcrypt password hash with ldap_simple password driver, it generates password hash with prefix '{crypt}$2a$' which identities it's a blowfish/bcrypt hash, but Dovecot cannot verify it. Dovecot works fine if i generated password hash with Dovecot command 'doveadm pw -s BLF-CRYPT' or Python bcrypt module. So i think there might be something wrong in Roundcube password driver. Could you help inspect it? Thank you very much.

1 0

Re: [RCD] [RCU] Can't figure out how to use new Plugins installer system?
by Thomas Bruederli 10 Sep '14

10 Sep '14

On Mon, Sep 1, 2014 at 7:49 PM, Ed W <lists(a)wildgooses.com> wrote: > Hmm, so I tried a random other plugin, *that* plugin is installed into > ./plugins. However, dovecot_impersonate is left in > ./vendor/cor/dovecot_impersonate ? > > There is very, very little documentation on how this is supposed to work. > Could someone please give me a hint on what is supposed to happen here? is > the plugin borked? The plugin's composer.json file misses the "type": "roundcube-plugin" specification. @cor, please review and fix your composer.json files. Kind regards, Thomas

2 1

08 Sep '14

Any idea why we can't login to git-master anymore...? After login, I'm seeing ... nothing. RC attempts to load the page ****/?_task=login rather than ****/?_task=mail (which would be the correct one). We reverted back to the stage of Aug 26th, and everything is working again. Win7/64, FF 27.0.1. Cheers, -- Michael Heydekamp Co-Admin freexp.de Düsseldorf/Germany

6 10

[PATCH] password plugin driver for ldappasswd(1)
by Dima Dorfman 03 Sep '14

03 Sep '14

Hello, I wrote a backend for the password plugin that uses OpenLDAP's ldappasswd(1). My motivation for this was to remove the requirement to retrieve the user's full LDAP record, which our policy does not allow, but this method is also easier to configure, obviates the need for php to be able to produce the password hash, and supports a more complete range of password storage and authentication options (e.g. SASL binds) In particular, this might satisfy New Feature Request #1486349: password plugin: using LDAP EXOP for changing passwords (RFC3062) >From the comments: * Advantages of this method: * - No extra configuration if OpenLDAP/ldappasswd are already configured * - Indifferent to password storage (attribute) and hashing details * - Future-proof: supports everything ldappasswd(1) can do now, and later * - TLS/SSF verification is done by OpenLDAP according to system settings * - Uses PASSMOD extended operation; no need to retrieve full user record Please review. If possible, I would like to see this in the main tree so I don't have to maintain it locally Patch attached Cheers, -- Dima

2 1

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Dev September 2014