* Setup: re-add config for mail authentication and fixed it to always try to use a TLS connection

Ralf Becker 2014-05-17 08:00:17 +00:00
parent 8605c025ec
commit 9602d061ad
3 changed files with 102 additions and 44 deletions


@ -21,6 +21,10 @@ class auth_mail implements auth_backend
/** /**
* password authentication * password authentication
* *
* We are always trying to establish a TLS connection, but we do not
* (yet) validate certs, as most PHP installs dont validate them!
* For imap/pop3 we are NOT adding notls to use STARTTLS if server supports it.
*
* @param string $username username of account to authenticate * @param string $username username of account to authenticate
* @param string $passwd corresponding password * @param string $passwd corresponding password
* @param string $passwd_type='text' 'text' for cleartext passwords (default) * @param string $passwd_type='text' 'text' for cleartext passwords (default)
@ -28,54 +32,46 @@ class auth_mail implements auth_backend
*/ */
function authenticate($username, $passwd, $passwd_type='text') function authenticate($username, $passwd, $passwd_type='text')
{ {
$notls = '/notls'; unset($passwd_type); // not used but required by function signature
if ($GLOBALS['egw_info']['server']['mail_login_type'] == 'vmailmgr')
check_load_extension('imap', true);
switch ($GLOBALS['egw_info']['server']['mail_login_type'])
{ {
case 'vmailmgr':
$username = $username . '@' . $GLOBALS['egw_info']['server']['mail_suffix']; $username = $username . '@' . $GLOBALS['egw_info']['server']['mail_suffix'];
} break;
if ($GLOBALS['egw_info']['server']['mail_server_type']=='imap') case 'email':
{ $username = $GLOBALS['egw']->accounts->id2name($username, 'account_email');
$GLOBALS['egw_info']['server']['mail_port'] = '143'; break;
} case 'uidNumber':
elseif ($GLOBALS['egw_info']['server']['mail_server_type']=='pop3') $username = 'u'.$GLOBALS['egw']->accounts->name2id($username);
{ break;
$GLOBALS['egw_info']['server']['mail_port'] = '110';
}
elseif ($GLOBALS['egw_info']['server']['mail_server_type']=='imaps')
{
$GLOBALS['egw_info']['server']['mail_port'] = '993';
$notls = '';
}
elseif ($GLOBALS['egw_info']['server']['mail_server_type']=='pop3s')
{
$GLOBALS['egw_info']['server']['mail_port'] = '995';
} }
if( $GLOBALS['egw_info']['server']['mail_server_type']=='pop3') list($host, $port) = explode(':', $GLOBALS['egw_info']['server']['mail_server']);
switch ($GLOBALS['egw_info']['server']['mail_server_type'])
{ {
$mailauth = imap_open('{'.$GLOBALS['egw_info']['server']['mail_server'].'/pop3' case 'imap':
.':'.$GLOBALS['egw_info']['server']['mail_port'].'}INBOX', $username , $passwd); default:
} if (!isset($port)) $port = 143;
elseif ( $GLOBALS['egw_info']['server']['mail_server_type']=='imaps' ) $mailauth = imap_open('{'.$host.':'.$port.'/imap/novalidate-cert}INBOX', $username , $passwd);
{ break;
// IMAPS support: case 'imaps':
$mailauth = imap_open('{'.$GLOBALS['egw_info']['server']['mail_server']."/ssl/novalidate-cert" if (!isset($port)) $port = 993;
.':993}INBOX', $username , $passwd); $mailauth = imap_open('{'.$host.'/imap/ssl/novalidate-cert:'.$port.'}INBOX', $username , $passwd);
} break;
elseif ( $GLOBALS['egw_info']['server']['mail_server_type']=='pop3s' ) case 'pop3':
{ if (!isset($port)) $port = 110;
// POP3S support: $mailauth = imap_open('{'.$host.'/pop3/novalidate-cert:'.$port.'}INBOX', $username , $passwd);
$mailauth = imap_open('{'.$GLOBALS['egw_info']['server']['mail_server']."/ssl/novalidate-cert" break;
.':995}INBOX', $username , $passwd); case 'pop3s':
} if (!isset($port)) $port = 995;
else $mailauth = imap_open('{'.$host.'/pop3/ssl/novalidate-cert:'.$port.'}INBOX', $username , $passwd);
{ break;
/* assume imap */
$mailauth = imap_open('{'.$GLOBALS['egw_info']['server']['mail_server']
.':'.$GLOBALS['egw_info']['server']['mail_port'].$notls.'}INBOX', $username , $passwd);
} }
if ($mailauth == False) if (!$mailauth)
{ {
return False; return False;
} }
@ -94,6 +90,8 @@ class auth_mail implements auth_backend
*/ */
function change_password($old_passwd, $new_passwd, $account_id=0) function change_password($old_passwd, $new_passwd, $account_id=0)
{ {
unset($old_passwd, $new_passwd, $account_id); // not used but required by function sigature
return False; return False;
} }
} }
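Review bot: Every `imap_open()` mailbox string in `authenticate()` carries `/novalidate-cert`, and the `imap` and `pop3` cases use STARTTLS only when the server offers it, so the password being checked is exposed to anyone able to intercept the connection: a substituted certificate is accepted, and without STARTTLS the login goes out in cleartext. Because this backend exists only to hand a user's password to the mail server, I would validate certificates by default, keep `/novalidate-cert` behind an explicit setup option for self-signed servers, and add `/tls` to the two non-SSL cases so a server without STARTTLS is refused, e.g. `imap_open('{'.$host.':'.$port.'/imap/tls}INBOX', $username, $passwd)`. Separately, `list($host, $port) = explode(':', ...)` raises an undefined-offset notice when no port is configured; `list($host, $port) = array_pad(explode(':', $GLOBALS['egw_info']['server']['mail_server'], 2), 2, null);` keeps the `isset($port)` defaults working without it. The `email` and `uidNumber` cases pass the lookup result straight to `imap_open()`; if `id2name()` or `name2id()` can return false for an unknown login (not visible here), returning `False` before connecting would be safer. The remainder of `authenticate()` after the `!$mailauth` check lies outside the hunk.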


@ -19,9 +19,31 @@ $GLOBALS['egw_info']['server']['found_validation_hook'] = array(
'files_dir', 'files_dir',
'backup_dir', 'backup_dir',
'mcrypt_algo', 'mcrypt_algo',
'ldap_search_filter' 'ldap_search_filter',
'auth_type',
); );
/**
* Validate different auth-types
*
* @param array $settings
*/
function auth_type($settings)
{
switch($settings['auth_type'])
{
case 'mail':
try {
check_load_extension('imap', true);
}
catch (Exception $ex)
{
$GLOBALS['config_error'] = $ex->getMessage();
}
break;
}
}
/** /**
* Set vfs_fstab depending from what the user selected for vfs_storage_mode * Set vfs_fstab depending from what the user selected for vfs_storage_mode
* *
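Review bot: `auth_type()` only checks that the imap extension loads, while the `mail_server` setting added in this commit is later split on `:` and concatenated into the `imap_open()` mailbox specification in `auth_mail::authenticate()`, where a stray `/` or `}` would change the connection flags. If `$settings` also carries `mail_server` (not visible in this hunk), the `mail` case is the natural place to reject anything that is not a host name or address with an optional numeric port, e.g. `if (!preg_match('/^[a-z0-9.-]+(:[0-9]+)?$/i', $settings['mail_server'])) $GLOBALS['config_error'] = 'invalid mail server';` (the message text is a placeholder). The docblock should also say that failures are reported through `$GLOBALS['config_error']` rather than a return value.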


@ -445,6 +445,44 @@
<td colspan="2">&nbsp;</td> <td colspan="2">&nbsp;</td>
</tr> </tr>
<tr class="th">
<td colspan="2"><b>{lang_If_using_Mail_authentication_(requires_PHP_IMAP_extension!}:</b></td>
</tr>
<tr class="row_on">
<td>{lang_POP/IMAP_mail_server_hostname_or_IP_address}[:{lang_port}]:</td>
<td><input name="newsettings[mail_server]" value="{value_mail_server}"></td>
</tr>
<tr class="row_off">
<td>{lang_Mail_server_protocol}:</td>
<td>
<select name="newsettings[mail_server_type]">
<option value="imap" {selected_mail_server_type_imap}>IMAP</option>
<option value="imaps" {selected_mail_server_type_imaps}>IMAPS</option>
<option value="pop3" {selected_mail_server_type_pop3}>POP3</option>
<option value="pop3s" {selected_mail_server_type_pop3s}>POP3s</option>
</select>
</td>
</tr>
<tr class="row_on">
<td>{lang_Mail_server_login_type}:</td>
<td>
<select name="newsettings[mail_login_type]">
<option value="standard" {selected_mail_login_type_standard}>{lang_username_(standard)}</option>
<option value="vmailmgr" {selected_mail_login_type_vmailmgr}>{lang_username@domainname_(Virtual_MAIL_ManaGeR)}</option>
<option value="email" {selected_mail_login_type_email}>{lang_EMail-address}</option>
<option value="uidNumber" {selected_mail_login_type_uidNumber}>{lang_UserId@domain_eg._u1234@domain}</option>
</select>
</td>
</tr>
<tr class="row_off">
<td>{lang_Mail_domain_(for_Virtual_MAIL_ManaGeR)}:</td>
<td><input name="newsettings[mail_suffix]" value="{value_mail_suffix}"></td>
</tr>
<tr class="row_off">
<td colspan="2">&nbsp;</td>
</tr>
<tr class="th"> <tr class="th">
<td colspan="2"><b>{lang_If_using_CAS_(Central_Authentication_Service):}</b></td> <td colspan="2"><b>{lang_If_using_CAS_(Central_Authentication_Service):}</b></td>
</tr> </tr>
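Review bot: The protocol choices `IMAP` and `POP3` give the administrator no hint that they connect without SSL, nor that, per the backend docblock in this commit, certificates are not validated for any of the four options. A short explanatory row in this block, using a further `{lang_...}` phrase, would let admins choose `IMAPS` or `POP3s` knowingly. The header key `{lang_If_using_Mail_authentication_(requires_PHP_IMAP_extension!}:` has an unclosed parenthesis and puts the colon outside the braces, unlike the CAS header just below; `{lang_If_using_Mail_authentication_(requires_PHP_IMAP_extension!):}` would match the existing pattern. The last two added rows both use `class="row_off"`, which breaks the alternating row classes.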