* Setup: support mail authentication without PHP imap extension

This commit is contained in:
Ralf Becker 2015-06-10 15:44:01 +00:00
parent 89a8ee9804
commit 6c7026fa52
5 changed files with 57 additions and 30 deletions

View File

@ -27,15 +27,13 @@ class auth_mail implements auth_backend
* *
* @param string $username username of account to authenticate * @param string $username username of account to authenticate
* @param string $passwd corresponding password * @param string $passwd corresponding password
* @param string $passwd_type='text' 'text' for cleartext passwords (default) * @param string $passwd_type ='text' 'text' for cleartext passwords (default)
* @return boolean true if successful authenticated, false otherwise * @return boolean true if successful authenticated, false otherwise
*/ */
function authenticate($username, $passwd, $passwd_type='text') function authenticate($username, $passwd, $passwd_type='text')
{ {
unset($passwd_type); // not used but required by function signature unset($passwd_type); // not used but required by function signature
check_load_extension('imap', true);
switch ($GLOBALS['egw_info']['server']['mail_login_type']) switch ($GLOBALS['egw_info']['server']['mail_login_type'])
{ {
case 'vmailmgr': case 'vmailmgr':
@ -50,34 +48,57 @@ class auth_mail implements auth_backend
} }
list($host, $port) = explode(':', $GLOBALS['egw_info']['server']['mail_server']); list($host, $port) = explode(':', $GLOBALS['egw_info']['server']['mail_server']);
switch ($GLOBALS['egw_info']['server']['mail_server_type'])
{
case 'imap':
default:
if (!isset($port)) $port = 143;
$mailauth = imap_open('{'.$host.':'.$port.'/imap/novalidate-cert}INBOX', $username , $passwd);
break;
case 'imaps':
if (!isset($port)) $port = 993;
$mailauth = imap_open('{'.$host.'/imap/ssl/novalidate-cert:'.$port.'}INBOX', $username , $passwd);
break;
case 'pop3':
if (!isset($port)) $port = 110;
$mailauth = imap_open('{'.$host.'/pop3/novalidate-cert:'.$port.'}INBOX', $username , $passwd);
break;
case 'pop3s':
if (!isset($port)) $port = 995;
$mailauth = imap_open('{'.$host.'/pop3/ssl/novalidate-cert:'.$port.'}INBOX', $username , $passwd);
break;
}
if (!$mailauth) // use Horde_Imap_Client by default, to not require PHP imap extension anymore
if (class_exists('Horde_Imap_Client_Socket') && !in_array($GLOBALS['egw_info']['server']['mail_server_type'], array('pop', 'pops')))
{ {
return False; $imap = new Horde_Imap_Client_Socket(array(
} 'username' => $username,
imap_close($mailauth); 'password' => $passwd,
'hostspec' => $host,
'port' => $port ? $port : ($GLOBALS['egw_info']['server']['mail_server_type'] == 'imaps' ? 993 : 143),
'secure' => $GLOBALS['egw_info']['server']['mail_server_type'] == 'imaps' ? 'ssl' : 'tls',
));
try {
$imap->login();
$mailauth = true;
$imap->logout();
}
catch(Horde_Imap_Client_Exception $e) {
// throw everything but authentication failed as exception
if ($e->getCode() != Horde_Imap_Client_Exception::LOGIN_AUTHENTICATIONFAILED) throw $e;
return True; $mailauth = false;
}
error_log(__METHOD__."('$username', \$passwd) checked via Horde code returning ".array2string($mailauth));
}
else
{
check_load_extension('imap', true);
switch ($GLOBALS['egw_info']['server']['mail_server_type'])
{
case 'imap':
default:
if (!isset($port)) $port = 143;
$mailauth = imap_open('{'.$host.':'.$port.'/imap/novalidate-cert}INBOX', $username , $passwd);
break;
case 'imaps':
if (!isset($port)) $port = 993;
$mailauth = imap_open('{'.$host.'/imap/ssl/novalidate-cert:'.$port.'}INBOX', $username , $passwd);
break;
case 'pop3':
if (!isset($port)) $port = 110;
$mailauth = imap_open('{'.$host.'/pop3/novalidate-cert:'.$port.'}INBOX', $username , $passwd);
break;
case 'pop3s':
if (!isset($port)) $port = 995;
$mailauth = imap_open('{'.$host.'/pop3/ssl/novalidate-cert:'.$port.'}INBOX', $username , $passwd);
break;
}
if ($mailauth) imap_close($mailauth);
}
return !!$mailauth;
} }
/** /**
@ -85,7 +106,7 @@ class auth_mail implements auth_backend
* *
* @param string $old_passwd must be cleartext or empty to not to be checked * @param string $old_passwd must be cleartext or empty to not to be checked
* @param string $new_passwd must be cleartext * @param string $new_passwd must be cleartext
* @param int $account_id=0 account id of user whose passwd should be changed * @param int $account_id =0 account id of user whose passwd should be changed
* @return boolean true if password successful changed, false otherwise * @return boolean true if password successful changed, false otherwise
*/ */
function change_password($old_passwd, $new_passwd, $account_id=0) function change_password($old_passwd, $new_passwd, $account_id=0)

View File

@ -33,6 +33,10 @@ function auth_type($settings)
switch($settings['auth_type']) switch($settings['auth_type'])
{ {
case 'mail': case 'mail':
if (class_exists('Horde_Imap_Client_Socket') && !in_array($settings['mail_server_type'], array('pop', 'pops')))
{
return; // we use Horde code instead of imap extension
}
try { try {
check_load_extension('imap', true); check_load_extension('imap', true);
} }

View File

@ -337,6 +337,7 @@ if using ads (active directory) setup de Wenn Sie ADS (Active Directory) benutze
if using cas (central authentication service): setup de Wenn Sie CAS (Central Authentication Service) benutzen if using cas (central authentication service): setup de Wenn Sie CAS (Central Authentication Service) benutzen
if using ldap setup de Wenn Sie LDAP verwenden if using ldap setup de Wenn Sie LDAP verwenden
if using ldap, do you want to manage homedirectory and loginshell attributes? setup de Wenn Sie LDAP verwenden, wollen Sie Benutzerverzeichnisse und Kommandointerpreter verwalten ? if using ldap, do you want to manage homedirectory and loginshell attributes? setup de Wenn Sie LDAP verwenden, wollen Sie Benutzerverzeichnisse und Kommandointerpreter verwalten ?
if using mail authentication setup de Wenn Sie Mail Authentifizierung verwenden
if you can only access the docroot choose <b>database</b> for where to store the file content and use same path as for temporary files. setup de Wenn Sie nur die Documentroot erreichen können, wählen Sie bei Inhalt von Dateien speichern <b>Datenbank</b> UND benutzen Sie hier den Pfad für temporäre Dateien. if you can only access the docroot choose <b>database</b> for where to store the file content and use same path as for temporary files. setup de Wenn Sie nur die Documentroot erreichen können, wählen Sie bei Inhalt von Dateien speichern <b>Datenbank</b> UND benutzen Sie hier den Pfad für temporäre Dateien.
if you did not receive any errors, your applications have been setup de Wenn Sie keine Fehlermeldungen erhalten, wurden Ihre Anwendungen if you did not receive any errors, your applications have been setup de Wenn Sie keine Fehlermeldungen erhalten, wurden Ihre Anwendungen
if you did not receive any errors, your tables have been setup de Wenn Sie keine Fehlermeldungen erhalten, wurden Ihre Tabellen if you did not receive any errors, your tables have been setup de Wenn Sie keine Fehlermeldungen erhalten, wurden Ihre Tabellen

View File

@ -337,6 +337,7 @@ if using ads (active directory) setup en If using ADS (Active Directory) authent
if using cas (central authentication service): setup en if using cas (Central Authentication Service): if using cas (central authentication service): setup en if using cas (Central Authentication Service):
if using ldap setup en If using LDAP if using ldap setup en If using LDAP
if using ldap, do you want to manage homedirectory and loginshell attributes? setup en If using LDAP, do you want to manage home directory and login shell attributes? if using ldap, do you want to manage homedirectory and loginshell attributes? setup en If using LDAP, do you want to manage home directory and login shell attributes?
if using mail authentication setup en If using Mail authentication
if you can only access the docroot choose <b>database</b> for where to store the file content and use same path as for temporary files. setup en If you can only access the docroot choose <b>Database</b> for where to store the file content AND use same path as for temporary files. if you can only access the docroot choose <b>database</b> for where to store the file content and use same path as for temporary files. setup en If you can only access the docroot choose <b>Database</b> for where to store the file content AND use same path as for temporary files.
if you did not receive any errors, your applications have been setup en If you did not receive any errors, your applications have been if you did not receive any errors, your applications have been setup en If you did not receive any errors, your applications have been
if you did not receive any errors, your tables have been setup en If you did not receive any errors, your tables have been if you did not receive any errors, your tables have been setup en If you did not receive any errors, your tables have been

View File

@ -444,7 +444,7 @@
</tr> </tr>
<tr class="th"> <tr class="th">
<td colspan="2"><b>{lang_If_using_Mail_authentication_(requires_PHP_IMAP_extension!}:</b></td> <td colspan="2"><b>{lang_If_using_Mail_authentication}:</b></td>
</tr> </tr>
<tr class="row_on"> <tr class="row_on">
<td>{lang_POP/IMAP_mail_server_hostname_or_IP_address}[:{lang_port}]:</td> <td>{lang_POP/IMAP_mail_server_hostname_or_IP_address}[:{lang_port}]:</td>