[pkg-horde] Bug#385788: Fails to unencrypt admin passwd from
servers.php
sam
sam at davidoffdotnet.net
Sun Sep 3 04:27:07 UTC 2006
Package: imp4
Version: 4.0.2-2
When trying to administer IMAP users by filing in the "admin" array
in servers.php, an error is generated when going to "Users" under the
Horde "Administration" tab. The problem appears to be that the
password is encrypted in the session, but not decrypted for login to
the IMAP server for administration purposes. (Regular user IMAP
login does decrypt, and so works fine.)
The fix is easy. Change /usr/share/horde3/imp/lib/api.php line 265 from
$params['admin_password'] = $params['password'];
to
$params['admin_password'] = Secret::read(Secret::getKey('imp'),
$params['password']);
This change appears to have always been in upstream, so I'm not sure
how the bug crept in here. See http://cvs.horde.org/diff.php?
r1=1.86&r2=1.87&f=imp%2Flib%2Fapi.php
More information about the pkg-horde-hackers
mailing list