Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package postfixadmin for openSUSE:Factory checked in at 2022-03-11 21:41:10 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/postfixadmin (Old) and /work/SRC/openSUSE:Factory/.postfixadmin.new.25692 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "postfixadmin" Fri Mar 11 21:41:10 2022 rev:35 rq:960943 version:3.3.11 Changes: -------- --- /work/SRC/openSUSE:Factory/postfixadmin/postfixadmin.changes 2021-08-16 10:17:52.334634064 +0200 +++ /work/SRC/openSUSE:Factory/.postfixadmin.new.25692/postfixadmin.changes 2022-03-11 21:41:19.330073182 +0100 @@ -1,0 +2,7 @@ +Thu Mar 10 22:45:44 UTC 2022 - Christian Boltz <[email protected]> + +- Update to PostfixAdmin 3.3.11 + - Fix PHP 8 compatability for crypt() usage + - Support $CONF['database_port'] for MySQL databases + +------------------------------------------------------------------- Old: ---- postfixadmin-3.3.10.tar.gz New: ---- postfixadmin-3.3.11.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ postfixadmin.spec ++++++ --- /var/tmp/diff_new_pack.6kl3lz/_old 2022-03-11 21:41:19.910073627 +0100 +++ /var/tmp/diff_new_pack.6kl3lz/_new 2022-03-11 21:41:19.914073630 +0100 @@ -1,8 +1,8 @@ # # spec file for package postfixadmin # -# Copyright (c) 2021 SUSE LLC -# Copyright (c) 2007-2021 Christian Boltz +# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2007-2022 Christian Boltz # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ Name: postfixadmin -Version: 3.3.10 +Version: 3.3.11 Release: 0 URL: http://postfixadmin.sourceforge.net/ Source0: https://github.com/postfixadmin/postfixadmin/archive/%{name}-%{version}.tar.gz ++++++ postfixadmin-3.3.10.tar.gz -> postfixadmin-3.3.11.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfixadmin-postfixadmin-3.3.10/CHANGELOG.TXT new/postfixadmin-postfixadmin-3.3.11/CHANGELOG.TXT --- old/postfixadmin-postfixadmin-3.3.10/CHANGELOG.TXT 2021-08-09 10:41:35.000000000 +0200 +++ new/postfixadmin-postfixadmin-3.3.11/CHANGELOG.TXT 2022-03-02 15:06:26.000000000 +0100 @@ -6,6 +6,12 @@ # # Further details on the project are available at https://github.com/postfixadmin/postfixadmin +Version 3.3.11 - 2022/03/02 +------------------------------------------------- + - Fix PHP 8 compatability for crypt() usage (see https://github.com/postfixadmin/postfixadmin/issues/547) + - Support $CONF['database_port'] for MySQL databases (see https://github.com/postfixadmin/postfixadmin/issues/549 and https://github.com/postfixadmin/postfixadmin/issues/553) + + Version 3.3.10 - 2021/08/09 ------------------------------------------------- - Merge password expiration fixes from https://github.com/postfixadmin/postfixadmin/pull/493 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfixadmin-postfixadmin-3.3.10/config.inc.php new/postfixadmin-postfixadmin-3.3.11/config.inc.php --- old/postfixadmin-postfixadmin-3.3.10/config.inc.php 2021-08-09 10:41:35.000000000 +0200 +++ new/postfixadmin-postfixadmin-3.3.11/config.inc.php 2022-03-02 15:06:26.000000000 +0100 @@ -177,24 +177,28 @@ // Encrypt // In what way do you want the passwords to be crypted? +// // md5crypt = internal postfix admin md5 // md5 = md5 sum of the password // system = whatever you have set as your PHP system default // cleartext = clear text passwords (ouch!) // mysql_encrypt = useful for PAM integration // authlib = support for courier-authlib style passwords - also set $CONF['authlib_default_flavor'] +// // dovecot:CRYPT-METHOD = use dovecotpw -s 'CRYPT-METHOD'. Example: dovecot:CRAM-MD5 +// IMPORTANT: +// - don't use dovecot:* methods that include the username in the hash - you won't be able to login to PostfixAdmin in this case +// - you'll need at least dovecot 2.1 for salted passwords ('doveadm pw' 2.0.x doesn't support the '-t' option) +// - dovecot 2.0.0 - 2.0.7 is not supported +// // php_crypt:CRYPT-METHOD:DIFFICULTY:PREFIX = use PHP built in crypt()-function. Example: php_crypt:SHA512:50000 // - php_crypt CRYPT-METHOD: Supported values are DES, MD5, BLOWFISH, SHA256, SHA512 // - php_crypt DIFFICULTY: Larger value is more secure, but uses more CPU and time for each login. // - php_crypt DIFFICULTY: Set this according to your CPU processing power. // - php_crypt DIFFICULTY: Supported values are BLOWFISH:4-31, SHA256:1000-999999999, SHA512:1000-999999999 // - php_crypt DIFFICULTY: leave empty to use default values (BLOWFISH:10, SHA256:5000, SHA512:5000). Example: php_crypt:SHA512 -// IMPORTANT: -// - don't use dovecot:* methods that include the username in the hash - you won't be able to login to PostfixAdmin in this case -// - you'll need at least dovecot 2.1 for salted passwords ('doveadm pw' 2.0.x doesn't support the '-t' option) -// - dovecot 2.0.0 - 2.0.7 is not supported -// - php_crypt PREFIX: hash has specified prefix - example: php_crypt:SHA512::{SHA256-CRYPT} +// - php_crypt PREFIX: hash has specified prefix - example: php_crypt:SHA512::{SHA512-CRYPT} +// // sha512.b64 - {SHA512-CRYPT.B64} (base64 encoded sha512) (no dovecot dependency; should support migration from md5crypt) $CONF['encrypt'] = 'md5crypt'; @@ -696,7 +700,7 @@ //More details in README.password_expiration $CONF['password_expiration'] = 'YES'; -$CONF['version'] = '3.3.9'; +$CONF['version'] = '3.3.11'; // If you want to keep most settings at default values and/or want to ensure // that future updates work without problems, you can use a separate config diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfixadmin-postfixadmin-3.3.10/functions.inc.php new/postfixadmin-postfixadmin-3.3.11/functions.inc.php --- old/postfixadmin-postfixadmin-3.3.10/functions.inc.php 2021-08-09 10:41:35.000000000 +0200 +++ new/postfixadmin-postfixadmin-3.3.11/functions.inc.php 2022-03-02 15:06:26.000000000 +0100 @@ -926,8 +926,10 @@ if ($pw_db) { return crypt($pw, $pw_db); } - // Throws E_NOTICE as salt is not specified. - return crypt($pw); + // PHP8 - we have to specify a salt here.... + $salt = substr(str_shuffle('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, 2); + + return crypt($pw, $salt); } /** @@ -1577,11 +1579,18 @@ $database_name = Config::read_string('database_name'); + $dsn = 'mysql:'; if ($socket) { - $dsn = "mysql:unix_socket={$socket};dbname={$database_name};charset=UTF8"; + $dsn .= "unix_socket={$socket}"; } else { - $dsn = "mysql:host={$CONF['database_host']};dbname={$database_name};charset=UTF8"; + $dsn .= "host={$CONF['database_host']}"; + } + + if (isset($CONF['database_port'])) { + $dsn .= ";port={$CONF['database_port']}"; } + + $dsn .= ";dbname={$database_name};charset=UTF8"; } elseif (db_sqlite()) { $db = $CONF['database_name']; @@ -2305,7 +2314,7 @@ } } } else { - $stat_string .= "; "; + $stat_string .= " "; } // $stat_string .= "<span style='background-color:green'> </span> " . diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfixadmin-postfixadmin-3.3.10/model/AdminpasswordHandler.php new/postfixadmin-postfixadmin-3.3.11/model/AdminpasswordHandler.php --- old/postfixadmin-postfixadmin-3.3.10/model/AdminpasswordHandler.php 2021-08-09 10:41:35.000000000 +0200 +++ new/postfixadmin-postfixadmin-3.3.11/model/AdminpasswordHandler.php 2022-03-02 15:06:26.000000000 +0100 @@ -35,7 +35,7 @@ ); } - public function init($id) :bool { + public function init(string $id) :bool { # hardcode to logged in admin if ($this->admin_username == '') { die("No admin logged in"); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfixadmin-postfixadmin-3.3.10/model/AliasdomainHandler.php new/postfixadmin-postfixadmin-3.3.11/model/AliasdomainHandler.php --- old/postfixadmin-postfixadmin-3.3.10/model/AliasdomainHandler.php 2021-08-09 10:41:35.000000000 +0200 +++ new/postfixadmin-postfixadmin-3.3.11/model/AliasdomainHandler.php 2022-03-02 15:06:26.000000000 +0100 @@ -51,7 +51,7 @@ } } - public function init($id) : bool { + public function init(string $id) : bool { $success = parent::init($id); if ($success) { if (count($this->struct['alias_domain']['options']) == 0 && $this->new) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfixadmin-postfixadmin-3.3.10/model/MailboxHandler.php new/postfixadmin-postfixadmin-3.3.11/model/MailboxHandler.php --- old/postfixadmin-postfixadmin-3.3.10/model/MailboxHandler.php 2021-08-09 10:41:35.000000000 +0200 +++ new/postfixadmin-postfixadmin-3.3.11/model/MailboxHandler.php 2022-03-02 15:06:26.000000000 +0100 @@ -60,7 +60,7 @@ } } - public function init($id) : bool { + public function init(string $id) : bool { if (!parent::init($id)) { return false; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfixadmin-postfixadmin-3.3.10/model/VacationHandler.php new/postfixadmin-postfixadmin-3.3.11/model/VacationHandler.php --- old/postfixadmin-postfixadmin-3.3.10/model/VacationHandler.php 2021-08-09 10:41:35.000000000 +0200 +++ new/postfixadmin-postfixadmin-3.3.11/model/VacationHandler.php 2022-03-02 15:06:26.000000000 +0100 @@ -18,7 +18,7 @@ */ protected $domain_field = 'domain'; - public function init($id) : bool { + public function init(string $id) : bool { throw new \Exception('VacationHandler is not yet ready to be used with *Handler methods'); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfixadmin-postfixadmin-3.3.10/public/setup.php new/postfixadmin-postfixadmin-3.3.11/public/setup.php --- old/postfixadmin-postfixadmin-3.3.10/public/setup.php 2021-08-09 10:41:35.000000000 +0200 +++ new/postfixadmin-postfixadmin-3.3.11/public/setup.php 2022-03-02 15:06:26.000000000 +0100 @@ -647,9 +647,6 @@ if ($m_pdo_sqlite == 1) { $info[] = "Database - SQLite support available"; - if (Config::read_string('database_type') != 'sqlite') { - $warn[] = "Change the database_type to 'sqlite' in config.local.php if you want to use SQLite"; - } } else { $warn[] = "Database support - SQLite (pdo_sqlite) extension not found"; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfixadmin-postfixadmin-3.3.10/public/viewlog.php new/postfixadmin-postfixadmin-3.3.11/public/viewlog.php --- old/postfixadmin-postfixadmin-3.3.10/public/viewlog.php 2021-08-09 10:41:35.000000000 +0200 +++ new/postfixadmin-postfixadmin-3.3.11/public/viewlog.php 2022-03-02 15:06:26.000000000 +0100 @@ -69,15 +69,15 @@ $where = []; $params = []; - if($fDomain) { + if ($fDomain) { $where[] = 'domain = :domain' ; $params['domain'] = $fDomain; } $where_sql = ''; - if(!empty($where)) { + if (!empty($where)) { $where_sql = 'WHERE ' . implode(' AND ', $where); - } + } $query = "SELECT timestamp,username,domain,action,data FROM $table_log $where_sql ORDER BY timestamp DESC LIMIT $page_size"; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfixadmin-postfixadmin-3.3.10/templates/menu.tpl new/postfixadmin-postfixadmin-3.3.11/templates/menu.tpl --- old/postfixadmin-postfixadmin-3.3.10/templates/menu.tpl 2021-08-09 10:41:35.000000000 +0200 +++ new/postfixadmin-postfixadmin-3.3.11/templates/menu.tpl 2022-03-02 15:06:26.000000000 +0100 @@ -107,20 +107,23 @@ </ul> <ul class="nav navbar-nav navbar-right"> {* password *} - <li><a class="btn btn-default navbar-btn btn-sm" type="button" + <li><a class="btn btn-default btn-sm" type="button" href="{#url_password#}">{$PALANG.pMenu_password}</a></li> {* backup *} {if $authentication_has_role.global_admin && $CONF.database_type!=='pgsql' && $CONF.backup === 'YES'} - <li><a class="btn btn-default navbar-btn btn-sm" type="button" + <li><a class="btn btn-default btn-sm" type="button" href="{#url_backup#}">{$PALANG.pAdminMenu_backup}</a></li> {/if} {* viewlog *} {if $CONF.logging==='YES'} - <li><a class="btn btn-default navbar-btn btn-sm" type="button" + <li><a class="btn btn-default btn-sm" type="button" href="{#url_viewlog#}">{$PALANG.pMenu_viewlog}</a></li> {/if} + + <li><a class="btn btn-default btn-sm" type="button" href="setup.php">Setup / Diagnostics</a></li> + {* logout *} - <li><a class="btn btn-default navbar-btn btn-sm" type="button" + <li><a class="btn btn-default btn-sm" type="button" href="{#url_logout#}">{$PALANG.pMenu_logout}</a></li> </ul> </div><!--/.nav-collapse --> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfixadmin-postfixadmin-3.3.10/tests/PacryptTest.php new/postfixadmin-postfixadmin-3.3.11/tests/PacryptTest.php --- old/postfixadmin-postfixadmin-3.3.10/tests/PacryptTest.php 2021-08-09 10:41:35.000000000 +0200 +++ new/postfixadmin-postfixadmin-3.3.11/tests/PacryptTest.php 2022-03-02 15:06:26.000000000 +0100 @@ -83,8 +83,27 @@ $this->assertNotEquals($sha512, _pacrypt_dovecot('foobarbaz', $sha512)); } + public function testPhpCrypt() { $config = Config::getInstance(); + Config::write('encrypt', 'php_crypt'); + + + $CONF = Config::getInstance()->getAll(); + + $sha512_crypt = '$6$ijF8bgunALqnEHTo$LHVa6XQBpM5Gt16RMFQuXqrGAS0y0ymaLS8pnkeVUTSx3t2DrGqWwRj6q4ef3V3SWYkb5xkuN9bv7joxNd8kA1'; + + $enc = _pacrypt_php_crypt('foo', $sha512_crypt); + + $this->assertEquals($enc, $sha512_crypt); + + $fail = _pacrypt_php_crypt('bar', $sha512_crypt); + + $this->assertNotEquals($fail, $sha512_crypt); + } + + public function testPhpCryptMd5() { + $config = Config::getInstance(); Config::write('encrypt', 'php_crypt:MD5'); @@ -154,7 +173,6 @@ $this->assertNotEmpty($str2); $this->assertNotEquals($str1, $str2); // should have different salts - $actualHash = '{SHA512-CRYPT.B64}JDYkM2NWcFM1WFNlUHl5MzdwSiRZWW80d0FmeWg5MXpxcS4uY3dtYUR1Y1RodTJGTDY1NHpXNUNvRU0wT3hXVFFzZkxIZ1JJSTZmT281OVpDUWJOTTF2L0JXajloME0vVjJNbENNMUdwLg=='; $check = _pacrypt_sha512_b64('test', $actualHash);
