Rainloop MySQL Password Change Plugin
This is a plugin that allows you to add a custom MySQL password change plugin to your Rainloop install.
Developer's Note
Please note that while security is a mission-critical element, this plugin is still undergoing heavy development. Do not use this plugin in production.
Requirements
Minimum Requirements
- PHP 5.4
- PDO Extension with mysql driver
If you do not have the OpenSSL extension, or PHP 7,
an error will be thrown unless you manually set ALLOW_POOR_SECURITY to true.
Recommended Requirements
- PHP 7 (or with the userland random_bytes() function installed)
- PHP 5.6 with OpenSSL extension
Installing
- Clone this repo in the
pluginsdirectory on your Rainloop installation or download the zip and unzip it there. - Login to your Rainloop admin panel, and under "Plugins", activate this plugin (mysql-password-change).
- Follow the on-screen setup.
Customising
There are a number of setup options you should set when enabling this plugin.
- MySQL connection details (hostname, port, username, password)
- MySQL database name
- Table name of accounts
- Username/Email column name (uses Rainloop's account model,
\RainLoop\Account) - Password column name
- Encryption scheme
- Rounds for sha256 or sha512 schemes
Encryption schemes
Currently the following encryption schemes to hash passwords are supported. They are listed from most recommended to avoid. Please select the one currently in use on your MySQL server.
sha512_crypt: SHA512 encryption with salt and default rounds set to 5000. This is the recommended scheme to use.sha256_crypt: SHA256 encryption with salt and default rounds set to 5000.php: Uses the built-in PHPpassword_hash()with thePASSWORD_DEFAULTalgorithm. Requires PHP 5.5 or greater.mysql: Use the built-in MySQL ENCRYPT() function.sha1: Use an unsalted sha1 hash.
While php can be useful, because you're probably using Postfix to verify accounts on the IMAP(S) side, it may not be
the wisest choice as the PASSWORD_DEFAULT algorithm can change at any time.