Upgrade¶
From 1.4 to 1.5¶
Multiple attributes for mail and mobile¶
You can now configure multiple LDAP attributes for mail and mobile. The search will be done in each attribute, the first value found will be used.
The old parameters $mail_attribute
and $sms_attribute
need to be replaced by $mail_attributes
and $sms_attributes
which are now an array of values:
$mail_attributes = array( "mail", "gosaMailAlternateAddress", "proxyAddresses" );
$sms_attributes = array( "mobile", "pager", "ipPhone", "homephone" );
Rate limit¶
Now rate limit configuration is applied to all features:
Password change
Password reset by questions
Password reset by tokens (mail or SMS)
SSH key change
Tip
Before 1.5, it was just used with tokens.
Another improvement is the possibility to adapt rate limit by IP, see $ratelimit_filter_by_ip_jsonfile
parameter.
Argon2¶
The password can now be hashed with Argon2. To use it, just set it into $hash
parameter:
$hash = "ARGON2";
Security¶
We now hide by default the error “mail not found”, this can be reverted by editing the $obscure_failure_messages
parameter. See security documentation for more information.
PHP compatibility¶
Version 1.5 should now be working with latest PHP version.