Encrypt smtp passwords

Checks if smtp password is already encrypted. If not it will encrypt the smtp password.
2020-02-09 17:12:38 +01:00 · 2020-02-09 17:12:38 +01:00 · 5ca3788c97
parent 13f4ba492e
commit 5ca3788c97
2 changed files with 18 additions and 1 deletions
--- a/src/includes/psmconfig.inc.php
+++ b/src/includes/psmconfig.inc.php
@ -30,7 +30,7 @@
 /**
 * Current PSM version
 */
-define('PSM_VERSION', '3.4.6-beta.1');
+define('PSM_VERSION', '3.4.6-beta.2');

 /**
 * URL to check for updates. Will not be checked if turned off on config page.
--- a/src/psm/Util/Install/Installer.php
+++ b/src/psm/Util/Install/Installer.php
@ -348,6 +348,9 @@ class Installer
        if (version_compare($version_from, '3.4.6-beta.1', '<')) {
            $this->upgrade346();
        }
+        if (version_compare($version_from, '3.4.6-beta.2', '<')) {
+            $this->upgrade346();
+        }
        psm_update_conf('version', $version_to);
    }

@ -673,6 +676,20 @@ class Installer
            ADD `ssl_cert_expiry_days` MEDIUMINT(1) UNSIGNED NOT NULL DEFAULT '0' AFTER `warning_threshold_counter`";
        $queries[] = "ALTER TABLE `" . PSM_DB_PREFIX . "servers` 
            ADD `ssl_cert_expired_time` VARCHAR(255) NULL AFTER `ssl_cert_expiry_days`";
+            
+        if (
+            @psm_password_decrypt(
+                psm_get_conf('password_encrypt_key'),
+                psm_get_conf('email_smtp_password')
+            ) === false
+        ) {
+            // Prevents encrypting the password multiple times.
+            $queries[] = "UPDATE `" . PSM_DB_PREFIX . "config` 
+                SET `value` = '" .
+                psm_password_encrypt(psm_get_conf('password_encrypt_key'), psm_get_conf('email_smtp_password')) .
+                "' WHERE `key` = 'email_smtp_password'";
+            $this->log('SMTP password is now encrypted.');
+        }
        $this->execSQL($queries);
    }
 }