paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Web] Fix autodiscover triggering fail2ban implementation, fixes #1069

master
André Peters 2018-02-22 09:16:16 +01:00
parent 035b153445
commit eb4dd632ae
2 changed files with 74 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
data/conf/rspamd/override.d/worker-controller-password.inc 100644
View File

12
data/web/autodiscover.php
View File

@ -36,9 +36,8 @@ $opt = [
$pdo = new PDO($dsn, $database_user, $database_pass, $opt); $pdo = new PDO($dsn, $database_user, $database_pass, $opt);
$login_user = strtolower(trim($_SERVER['PHP_AUTH_USER'])); $login_user = strtolower(trim($_SERVER['PHP_AUTH_USER']));
$login_pass = trim(htmlspecialchars_decode($_SERVER['PHP_AUTH_PW'])); $login_pass = trim(htmlspecialchars_decode($_SERVER['PHP_AUTH_PW']));
$login_role = check_login($login_user, $login_pass);
if (!isset($_SERVER['PHP_AUTH_USER']) OR $login_role !== "user") { if (empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_PW'])) {
try { try {
$json = json_encode( $json = json_encode(
array( array(
@ -62,9 +61,10 @@ if (!isset($_SERVER['PHP_AUTH_USER']) OR $login_role !== "user") {
header('HTTP/1.0 401 Unauthorized'); header('HTTP/1.0 401 Unauthorized');
exit(0); exit(0);
} }
else {
if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { $login_role = check_login($login_user, $login_pass);
if ($login_role === "user") {
if ($login_role === "user") {
header("Content-Type: application/xml"); header("Content-Type: application/xml");
echo '<?xml version="1.0" encoding="utf-8" ?>' . PHP_EOL; echo '<?xml version="1.0" encoding="utf-8" ?>' . PHP_EOL;
?> ?>
@ -214,7 +214,5 @@ else {
?> ?>
</Autodiscover> </Autodiscover>
<?php <?php
}
}
} }
?> ?>