Merge branch 'master' of github.com:mailcow/mailcow-dockerized
commit
851f575384
|
@ -109,7 +109,7 @@ function mail_error() {
|
||||||
SUBJECT="${BODY}"
|
SUBJECT="${BODY}"
|
||||||
BODY="Please see netfilter-mailcow for more details and triggered rules."
|
BODY="Please see netfilter-mailcow for more details and triggered rules."
|
||||||
else
|
else
|
||||||
SUBJECT="Watchdog ALERT: ${1}"
|
SUBJECT="${WATCHDOG_SUBJECT}: ${1}"
|
||||||
fi
|
fi
|
||||||
IFS=',' read -r -a MAIL_RCPTS <<< "${WATCHDOG_NOTIFY_EMAIL}"
|
IFS=',' read -r -a MAIL_RCPTS <<< "${WATCHDOG_NOTIFY_EMAIL}"
|
||||||
for rcpt in "${MAIL_RCPTS[@]}"; do
|
for rcpt in "${MAIL_RCPTS[@]}"; do
|
||||||
|
|
|
@ -88,23 +88,29 @@ function hash_password($password) {
|
||||||
// in case default pass scheme is not defined, falling back to BLF-CRYPT.
|
// in case default pass scheme is not defined, falling back to BLF-CRYPT.
|
||||||
global $default_pass_scheme;
|
global $default_pass_scheme;
|
||||||
$pw_hash = NULL;
|
$pw_hash = NULL;
|
||||||
switch (strtoupper($default_pass_scheme)) {
|
// support pre-hashed passwords
|
||||||
case "SSHA":
|
if (preg_match('/^{(ARGON2I|ARGON2ID|BLF-CRYPT|CLEAR|CLEARTEXT|CRYPT|DES-CRYPT|LDAP-MD5|MD5|MD5-CRYPT|PBKDF2|PLAIN|PLAIN-MD4|PLAIN-MD5|PLAIN-TRUNC|PLAIN-TRUNC|SHA|SHA1|SHA256|SHA256-CRYPT|SHA512|SHA512-CRYPT|SMD5|SSHA|SSHA256|SSHA512)}/i', $password)) {
|
||||||
$salt_str = bin2hex(openssl_random_pseudo_bytes(8));
|
$pw_hash = $password;
|
||||||
$pw_hash = "{SSHA}".base64_encode(hash('sha1', $password . $salt_str, true) . $salt_str);
|
}
|
||||||
break;
|
else {
|
||||||
case "SSHA256":
|
switch (strtoupper($default_pass_scheme)) {
|
||||||
$salt_str = bin2hex(openssl_random_pseudo_bytes(8));
|
case "SSHA":
|
||||||
$pw_hash = "{SSHA256}".base64_encode(hash('sha256', $password . $salt_str, true) . $salt_str);
|
$salt_str = bin2hex(openssl_random_pseudo_bytes(8));
|
||||||
break;
|
$pw_hash = "{SSHA}".base64_encode(hash('sha1', $password . $salt_str, true) . $salt_str);
|
||||||
case "SSHA512":
|
break;
|
||||||
$salt_str = bin2hex(openssl_random_pseudo_bytes(8));
|
case "SSHA256":
|
||||||
$pw_hash = "{SSHA512}".base64_encode(hash('sha512', $password . $salt_str, true) . $salt_str);
|
$salt_str = bin2hex(openssl_random_pseudo_bytes(8));
|
||||||
break;
|
$pw_hash = "{SSHA256}".base64_encode(hash('sha256', $password . $salt_str, true) . $salt_str);
|
||||||
case "BLF-CRYPT":
|
break;
|
||||||
default:
|
case "SSHA512":
|
||||||
$pw_hash = "{BLF-CRYPT}" . password_hash($password, PASSWORD_BCRYPT);
|
$salt_str = bin2hex(openssl_random_pseudo_bytes(8));
|
||||||
break;
|
$pw_hash = "{SSHA512}".base64_encode(hash('sha512', $password . $salt_str, true) . $salt_str);
|
||||||
|
break;
|
||||||
|
case "BLF-CRYPT":
|
||||||
|
default:
|
||||||
|
$pw_hash = "{BLF-CRYPT}" . password_hash($password, PASSWORD_BCRYPT);
|
||||||
|
break;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return $pw_hash;
|
return $pw_hash;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1062,13 +1062,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||||
);
|
);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
// support pre hashed passwords
|
$password_hashed = hash_password($password);
|
||||||
if (preg_match('/^{(ARGON2I|ARGON2ID|BLF-CRYPT|CLEAR|CLEARTEXT|CRYPT|DES-CRYPT|LDAP-MD5|MD5|MD5-CRYPT|PBKDF2|PLAIN|PLAIN-MD4|PLAIN-MD5|PLAIN-TRUNC|PLAIN-TRUNC|SHA|SHA1|SHA256|SHA256-CRYPT|SHA512|SHA512-CRYPT|SMD5|SSHA|SSHA256|SSHA512)}/i', $password)) {
|
|
||||||
$password_hashed = $password;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$password_hashed = hash_password($password);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$_SESSION['return'][] = array(
|
$_SESSION['return'][] = array(
|
||||||
|
|
|
@ -437,6 +437,7 @@ services:
|
||||||
- USE_WATCHDOG=${USE_WATCHDOG:-n}
|
- USE_WATCHDOG=${USE_WATCHDOG:-n}
|
||||||
- WATCHDOG_NOTIFY_EMAIL=${WATCHDOG_NOTIFY_EMAIL}
|
- WATCHDOG_NOTIFY_EMAIL=${WATCHDOG_NOTIFY_EMAIL}
|
||||||
- WATCHDOG_NOTIFY_BAN=${WATCHDOG_NOTIFY_BAN:-y}
|
- WATCHDOG_NOTIFY_BAN=${WATCHDOG_NOTIFY_BAN:-y}
|
||||||
|
- WATCHDOG_SUBJECT=${WATCHDOG_SUBJECT:-Watchdog ALERT}
|
||||||
- WATCHDOG_EXTERNAL_CHECKS=${WATCHDOG_EXTERNAL_CHECKS:-n}
|
- WATCHDOG_EXTERNAL_CHECKS=${WATCHDOG_EXTERNAL_CHECKS:-n}
|
||||||
- WATCHDOG_MYSQL_REPLICATION_CHECKS=${WATCHDOG_MYSQL_REPLICATION_CHECKS:-n}
|
- WATCHDOG_MYSQL_REPLICATION_CHECKS=${WATCHDOG_MYSQL_REPLICATION_CHECKS:-n}
|
||||||
- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
|
- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
|
||||||
|
|
|
@ -279,6 +279,9 @@ USE_WATCHDOG=y
|
||||||
# Notify about banned IP (includes whois lookup)
|
# Notify about banned IP (includes whois lookup)
|
||||||
WATCHDOG_NOTIFY_BAN=n
|
WATCHDOG_NOTIFY_BAN=n
|
||||||
|
|
||||||
|
# Subject for watchdog mails. Defaults to "Watchdog ALERT" followed by the error message.
|
||||||
|
#WATCHDOG_SUBJECT=
|
||||||
|
|
||||||
# Checks if mailcow is an open relay. Requires a SAL. More checks will follow.
|
# Checks if mailcow is an open relay. Requires a SAL. More checks will follow.
|
||||||
# https://www.servercow.de/mailcow?lang=en
|
# https://www.servercow.de/mailcow?lang=en
|
||||||
# https://www.servercow.de/mailcow?lang=de
|
# https://www.servercow.de/mailcow?lang=de
|
||||||
|
|
|
@ -191,6 +191,7 @@ CONFIG_ARRAY=(
|
||||||
"WATCHDOG_NOTIFY_EMAIL"
|
"WATCHDOG_NOTIFY_EMAIL"
|
||||||
"WATCHDOG_NOTIFY_BAN"
|
"WATCHDOG_NOTIFY_BAN"
|
||||||
"WATCHDOG_EXTERNAL_CHECKS"
|
"WATCHDOG_EXTERNAL_CHECKS"
|
||||||
|
"WATCHDOG_SUBJECT"
|
||||||
"SKIP_CLAMD"
|
"SKIP_CLAMD"
|
||||||
"SKIP_IP_CHECK"
|
"SKIP_IP_CHECK"
|
||||||
"ADDITIONAL_SAN"
|
"ADDITIONAL_SAN"
|
||||||
|
@ -361,6 +362,12 @@ for option in ${CONFIG_ARRAY[@]}; do
|
||||||
echo '# Notify about banned IP. Includes whois lookup.' >> mailcow.conf
|
echo '# Notify about banned IP. Includes whois lookup.' >> mailcow.conf
|
||||||
echo "WATCHDOG_NOTIFY_BAN=y" >> mailcow.conf
|
echo "WATCHDOG_NOTIFY_BAN=y" >> mailcow.conf
|
||||||
fi
|
fi
|
||||||
|
elif [[ ${option} == "WATCHDOG_SUBJECT" ]]; then
|
||||||
|
if ! grep -q ${option} mailcow.conf; then
|
||||||
|
echo "Adding new option \"${option}\" to mailcow.conf"
|
||||||
|
echo '# Subject for watchdog mails. Defaults to "Watchdog ALERT" followed by the error message.' >> mailcow.conf
|
||||||
|
echo "#WATCHDOG_SUBJECT=" >> mailcow.conf
|
||||||
|
fi
|
||||||
elif [[ ${option} == "WATCHDOG_EXTERNAL_CHECKS" ]]; then
|
elif [[ ${option} == "WATCHDOG_EXTERNAL_CHECKS" ]]; then
|
||||||
if ! grep -q ${option} mailcow.conf; then
|
if ! grep -q ${option} mailcow.conf; then
|
||||||
echo "Adding new option \"${option}\" to mailcow.conf"
|
echo "Adding new option \"${option}\" to mailcow.conf"
|
||||||
|
|
Loading…
Reference in New Issue