paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Dovecot] Re-add listescape...

master
andryyy 2021-06-23 14:17:39 +02:00
parent 9544ffe174
commit b2272b8e35
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
6 changed files with 27 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
data/Dockerfiles/dovecot/docker-entrypoint.sh
View File

@ -110,13 +110,13 @@ EOF
echo -n ${ACL_ANYONE} > /etc/dovecot/acl_anyone echo -n ${ACL_ANYONE} > /etc/dovecot/acl_anyone
if [[ "${SKIP_SOLR}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then if [[ "${SKIP_SOLR}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
echo -n 'quota acl zlib mail_crypt mail_crypt_acl mail_log notify replication' > /etc/dovecot/mail_plugins echo -n 'quota acl zlib mail_crypt mail_crypt_acl mail_log notify listescape replication' > /etc/dovecot/mail_plugins
echo -n 'quota imap_quota imap_acl acl zlib imap_zlib imap_sieve mail_crypt mail_crypt_acl notify replication mail_log' > /etc/dovecot/mail_plugins_imap echo -n 'quota imap_quota imap_acl acl zlib imap_zlib imap_sieve mail_crypt mail_crypt_acl notify listescape replication mail_log' > /etc/dovecot/mail_plugins_imap
echo -n 'quota sieve acl zlib mail_crypt mail_crypt_acl notify replication' > /etc/dovecot/mail_plugins_lmtp echo -n 'quota sieve acl zlib mail_crypt mail_crypt_acl notify listescape replication' > /etc/dovecot/mail_plugins_lmtp
else else
echo -n 'quota acl zlib mail_crypt mail_crypt_acl mail_log notify fts fts_solr replication' > /etc/dovecot/mail_plugins echo -n 'quota acl zlib mail_crypt mail_crypt_acl mail_log notify fts fts_solr listescape replication' > /etc/dovecot/mail_plugins
echo -n 'quota imap_quota imap_acl acl zlib imap_zlib imap_sieve mail_crypt mail_crypt_acl notify mail_log fts fts_solr replication' > /etc/dovecot/mail_plugins_imap echo -n 'quota imap_quota imap_acl acl zlib imap_zlib imap_sieve mail_crypt mail_crypt_acl notify mail_log fts fts_solr listescape replication' > /etc/dovecot/mail_plugins_imap
echo -n 'quota sieve acl zlib mail_crypt mail_crypt_acl fts fts_solr notify replication' > /etc/dovecot/mail_plugins_lmtp echo -n 'quota sieve acl zlib mail_crypt mail_crypt_acl fts fts_solr notify listescape replication' > /etc/dovecot/mail_plugins_lmtp
fi fi
chmod 644 /etc/dovecot/mail_plugins /etc/dovecot/mail_plugins_imap /etc/dovecot/mail_plugins_lmtp /templates/quarantine.tpl chmod 644 /etc/dovecot/mail_plugins /etc/dovecot/mail_plugins_imap /etc/dovecot/mail_plugins_lmtp /templates/quarantine.tpl

1
data/conf/dovecot/dovecot.conf
View File

@ -220,6 +220,7 @@ plugin {
sieve_max_actions = 101 sieve_max_actions = 101
sieve_quota_max_scripts = 0 sieve_quota_max_scripts = 0
sieve_quota_max_storage = 0 sieve_quota_max_storage = 0
listescape_char = "\\"
sieve_vacation_min_period = 5s sieve_vacation_min_period = 5s
sieve_vacation_max_period = 0 sieve_vacation_max_period = 0
sieve_vacation_default_period = 60s sieve_vacation_default_period = 60s

1
data/web/lang/lang.de.json
View File

@ -1069,6 +1069,7 @@
"no_active_filter": "Kein aktiver Filter vorhanden", "no_active_filter": "Kein aktiver Filter vorhanden",
"no_last_login": "Keine letzte UI-Anmeldung gespeichert", "no_last_login": "Keine letzte UI-Anmeldung gespeichert",
"no_record": "Kein Eintrag", "no_record": "Kein Eintrag",
"open_webmail_sso": "In Webmail einloggen",
"password": "Passwort", "password": "Passwort",
"password_now": "Aktuelles Passwort (Änderungen bestätigen)", "password_now": "Aktuelles Passwort (Änderungen bestätigen)",
"password_repeat": "Passwort (Wiederholung)", "password_repeat": "Passwort (Wiederholung)",

1
data/web/lang/lang.en.json
View File

@ -1067,6 +1067,7 @@
"no_active_filter": "No active filter available", "no_active_filter": "No active filter available",
"no_last_login": "No last UI login information", "no_last_login": "No last UI login information",
"no_record": "No record", "no_record": "No record",
"open_webmail_sso": "Login to webmail",
"password": "Password", "password": "Password",
"password_now": "Current password (confirm changes)", "password_now": "Current password (confirm changes)",
"password_repeat": "Password (repeat)", "password_repeat": "Password (repeat)",

23
data/web/sogo-auth.php
View File

@ -1,21 +1,10 @@
<?php <?php
$ALLOW_ADMIN_EMAIL_LOGIN = (preg_match(
"/^([yY][eE][sS]|[yY])+$/",
$_ENV["ALLOW_ADMIN_EMAIL_LOGIN"]
));
$session_var_user_allowed = 'sogo-sso-user-allowed'; $session_var_user_allowed = 'sogo-sso-user-allowed';
$session_var_pass = 'sogo-sso-pass'; $session_var_pass = 'sogo-sso-pass';
// prevent if feature is disabled
if (!$ALLOW_ADMIN_EMAIL_LOGIN) {
header('HTTP/1.0 403 Forbidden');
echo "this feature is disabled";
exit;
}
// validate credentials for basic auth requests // validate credentials for basic auth requests
elseif (isset($_SERVER['PHP_AUTH_USER'])) { if (isset($_SERVER['PHP_AUTH_USER'])) {
// load prerequisites only when required // load prerequisites only when required
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php'; require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php';
$username = $_SERVER['PHP_AUTH_USER']; $username = $_SERVER['PHP_AUTH_USER'];
@ -36,11 +25,14 @@ elseif (isset($_SERVER['PHP_AUTH_USER'])) {
elseif (isset($_GET['login'])) { elseif (isset($_GET['login'])) {
// load prerequisites only when required // load prerequisites only when required
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php'; require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php';
// check permissions // check if dual_login is active
if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['acl']['login_as'] == "1") { $is_dual = (!empty($_SESSION["dual-login"]["username"])) ? true : false;
// check permissions (if dual_login is active, deny sso when acl is not given)
$login = html_entity_decode(rawurldecode($_GET["login"])); $login = html_entity_decode(rawurldecode($_GET["login"]));
if (isset($_SESSION['mailcow_cc_role']) &&
($_SESSION['acl']['login_as'] == "1" || ($is_dual === false && $login == $_SESSION['mailcow_cc_username']))) {
if (filter_var($login, FILTER_VALIDATE_EMAIL)) { if (filter_var($login, FILTER_VALIDATE_EMAIL)) {
if (!empty(mailbox('get', 'mailbox_details', $login))) { if (user_get_alias_details($login) !== false) {
// load master password // load master password
$sogo_sso_pass = file_get_contents("/etc/sogo-sso/sogo-sso.pass"); $sogo_sso_pass = file_get_contents("/etc/sogo-sso/sogo-sso.pass");
// register username and password in session // register username and password in session
@ -53,6 +45,7 @@ elseif (isset($_GET['login'])) {
} }
} }
header('HTTP/1.0 403 Forbidden'); header('HTTP/1.0 403 Forbidden');
echo "Access is forbidden";
exit; exit;
} }
// only check for admin-login on sogo GUI requests // only check for admin-login on sogo GUI requests

9
data/web/user.php
View File

@ -178,6 +178,15 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
<div class="panel panel-default"> <div class="panel panel-default">
<div class="panel-heading"><?=$lang['user']['mailbox_general'];?></div> <div class="panel-heading"><?=$lang['user']['mailbox_general'];?></div>
<div class="panel-body"> <div class="panel-body">
<div class="row">
<div class="col-md-3 col-xs-5 text-right"></div>
<div class="col-md-3 col-xs-7">
<a target="_blank" href="/sogo-auth.php?login=<?=$username;?>" role="button" class="btn btn-default btn-block">
<i class="bi bi-inbox-fill"></i> <?=$lang['user']['open_webmail_sso'];?>
</a>
</div>
</div>
<hr>
<div class="row"> <div class="row">
<div class="col-md-3 col-xs-5 text-right"><?=$lang['user']['in_use'];?>:</div> <div class="col-md-3 col-xs-5 text-right"><?=$lang['user']['in_use'];?>:</div>
<div class="col-md-5 col-xs-7"> <div class="col-md-5 col-xs-7">