From: tokul Date: Wed, 19 Apr 2006 18:03:24 +0000 (+0000) Subject: if $key is set to false, sqimap_login() function will use sqauth_read_password() X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=045ec1a17de3de6297f2dfc576db99f5edbdb15b;p=squirrelmail.git if $key is set to false, sqimap_login() function will use sqauth_read_password() to retrieve user password. sqimap_login() calls in plugins are modified to use this code. It allows to centralize place that is used to access password information. Older way is preserved for backwards compatibility and different IMAP login credentials. git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@11058 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- diff --git a/ChangeLog b/ChangeLog index 969a8fd2..1ad32247 100644 --- a/ChangeLog +++ b/ChangeLog @@ -37,6 +37,9 @@ Version 1.5.2 - CVS - Fixed sqsession_cookie function for setting HttpOnly cookie attribute. - Reduce references header in a smart way to avoid "header too long" errors from SMTP servers in really long threads (#1167754, #1465342). + - Added code that allows to use internal password functions in sqimap_login(). + Switched plugins to use this code instead of accessing key and otp information + directly. Version 1.5.1 (branched on 2006-02-12) -------------------------------------- diff --git a/functions/imap_general.php b/functions/imap_general.php index 1afcafff..80d40d12 100755 --- a/functions/imap_general.php +++ b/functions/imap_general.php @@ -743,7 +743,9 @@ function sqimap_create_stream($server,$port,$tls=0) { * Logs the user into the IMAP server. If $hide is set, no error messages * will be displayed. This function returns the IMAP connection handle. * @param string $username user name - * @param string $password encrypted password + * @param string $password password encrypted with onetimepad. Since 1.5.2 + * function can use internal password functions, if parameter is set to + * boolean false. * @param string $imap_server_address address of imap server * @param integer $imap_port port of imap server * @param boolean $hide controls display connection errors @@ -753,9 +755,19 @@ function sqimap_login ($username, $password, $imap_server_address, $imap_port, $ global $color, $squirrelmail_language, $onetimepad, $use_imap_tls, $imap_auth_mech, $sqimap_capabilities; - if (!isset($onetimepad) || empty($onetimepad)) { - sqgetglobalvar('onetimepad' , $onetimepad , SQ_SESSION ); + /* get imap login password */ + if ($password===false) { + /* standard functions */ + $password = sqauth_read_password(); + } else { + /* old way. $key must be extracted from cookie */ + if (!isset($onetimepad) || empty($onetimepad)) { + sqgetglobalvar('onetimepad' , $onetimepad , SQ_SESSION ); + } + /* Decrypt the password */ + $password = OneTimePadDecrypt($password, $onetimepad); } + if (!isset($sqimap_capabilities)) { sqgetglobalvar('sqimap_capabilities' , $capability , SQ_SESSION ); } @@ -765,9 +777,6 @@ function sqimap_login ($username, $password, $imap_server_address, $imap_port, $ $imap_stream = sqimap_create_stream($imap_server_address,$imap_port,$use_imap_tls); - /* Decrypt the password */ - $password = OneTimePadDecrypt($password, $onetimepad); - if (($imap_auth_mech == 'cram-md5') OR ($imap_auth_mech == 'digest-md5')) { // We're using some sort of authentication OTHER than plain or login $tag=sqimap_session_id(false); diff --git a/include/options/folder.php b/include/options/folder.php index ce55f516..451def5a 100644 --- a/include/options/folder.php +++ b/include/options/folder.php @@ -33,12 +33,11 @@ define('SMOPT_GRP_FOLDERSELECT', 2); * @return array all option information */ function load_optpage_data_folder() { - global $username, $key, $imapServerAddress, $imapPort; + global $username, $imapServerAddress, $imapPort; global $folder_prefix, $default_folder_prefix, $show_prefix_option; /* Get some imap data we need later. */ - $imapConnection = - sqimap_login($username, $key, $imapServerAddress, $imapPort, 0); + $imapConnection = sqimap_login($username, false, $imapServerAddress, $imapPort, 0); $boxes = sqimap_mailbox_list($imapConnection); /* Build a simple array into which we will build options. */ diff --git a/plugins/info/options.php b/plugins/info/options.php index e27ae576..1046b86b 100644 --- a/plugins/info/options.php +++ b/plugins/info/options.php @@ -42,8 +42,6 @@ if (! is_plugin_enabled('info')) { /* GLOBALS */ sqgetGlobalVar('username', $username, SQ_SESSION); -sqgetGlobalVar('key', $key, SQ_COOKIE); -sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION); sqgetGlobalVar('submit', $submit, SQ_POST); @@ -56,7 +54,7 @@ for($i = 0; $i <= 9; $i++){ /* END GLOBALS */ -$imap_stream = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0); +$imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, 0); $caps_array = get_caps($imap_stream); $list = array ('TEST_0', 'TEST_1', diff --git a/plugins/message_details/message_details_bottom.php b/plugins/message_details/message_details_bottom.php index f3eee63a..f66817db 100644 --- a/plugins/message_details/message_details_bottom.php +++ b/plugins/message_details/message_details_bottom.php @@ -126,9 +126,8 @@ global $imapServerAddress, $imapPort, $color,$msgd_8bit_in_hex; $returnValue = ''; sqgetGlobalVar('username', $username, SQ_SESSION); -sqgetGlobalVar('key', $key, SQ_COOKIE); -$imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0); +$imapConnection = sqimap_login($username, false, $imapServerAddress, $imapPort, 0); $read = sqimap_mailbox_select($imapConnection, $mailbox); $start = gettimeofday(); $body = sqimap_run_command($imapConnection, "FETCH $passed_id RFC822",true, $response, $readmessage, TRUE); diff --git a/plugins/sent_subfolders/setup.php b/plugins/sent_subfolders/setup.php index 14427d15..42070e33 100644 --- a/plugins/sent_subfolders/setup.php +++ b/plugins/sent_subfolders/setup.php @@ -104,11 +104,9 @@ function sent_subfolders_optpage_loadhook_folders() { global $optpage_data, $imapServerAddress, $imapPort, $show_contain_subfolders_option; sqgetGlobalVar('username', $username, SQ_SESSION); - sqgetGlobalVar('key', $key, SQ_COOKIE); /* Get some imap data we need later. */ - $imapConnection = - sqimap_login($username, $key, $imapServerAddress, $imapPort, 0); + $imapConnection = sqimap_login($username, false, $imapServerAddress, $imapPort, 0); $boxes = sqimap_mailbox_list($imapConnection); sqimap_logout($imapConnection); @@ -197,7 +195,6 @@ function sent_subfolders_update_sentfolder() { global $use_sent_subfolders, $move_to_sent; sqgetGlobalVar('username', $username, SQ_SESSION); - sqgetGlobalVar('key', $key, SQ_COOKIE); sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION); if ($use_sent_subfolders || $move_to_sent) { @@ -246,7 +243,7 @@ function sent_subfolders_update_sentfolder() { /* Auto-create folders, if they do not yet exist. */ if ($sent_subfolder != 'none') { /* Create the imap connection. */ - $ic = sqimap_login($username, $key, $imapServerAddress, $imapPort, 10); + $ic = sqimap_login($username, false, $imapServerAddress, $imapPort, 10); $boxes = false; /** diff --git a/plugins/spamcop/functions.php b/plugins/spamcop/functions.php index d3a21dee..44c542ef 100644 --- a/plugins/spamcop/functions.php +++ b/plugins/spamcop/functions.php @@ -131,13 +131,12 @@ function spamcop_options_function() { */ function spamcop_while_sending_function() { global $mailbox, $spamcop_delete, $spamcop_save, $spamcop_is_composing, $auto_expunge, - $username, $key, $imapServerAddress, $imapPort; + $username, $imapServerAddress, $imapPort; if (sqgetGlobalVar('spamcop_is_composing' , $spamcop_is_composing)) { // delete spam message if ($spamcop_delete) { - $imapConnection = sqimap_login($username, $key, $imapServerAddress, - $imapPort, 0); + $imapConnection = sqimap_login($username, false, $imapServerAddress, $imapPort, 0); sqimap_mailbox_select($imapConnection, $mailbox); sqimap_msgs_list_delete($imapConnection, $mailbox, array($spamcop_is_composing)); if ($auto_expunge) diff --git a/plugins/spamcop/spamcop.php b/plugins/spamcop/spamcop.php index 5dc226b2..a0730344 100644 --- a/plugins/spamcop/spamcop.php +++ b/plugins/spamcop/spamcop.php @@ -23,8 +23,6 @@ include_once(SM_PATH . 'plugins/spamcop/functions.php'); /* GLOBALS */ sqgetGlobalVar('username', $username, SQ_SESSION); -sqgetGlobalVar('key', $key, SQ_COOKIE); -sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION); sqgetGlobalVar('mailbox', $mailbox, SQ_GET); sqgetGlobalVar('passed_id', $passed_id, SQ_GET); @@ -64,8 +62,7 @@ if (! is_plugin_enabled('spamcop')) { exit(); } - $imap_stream = sqimap_login($username, $key, $imapServerAddress, - $imapPort, 0); + $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, 0); sqimap_mailbox_select($imap_stream, $mailbox); if ($spamcop_method == 'quick_email' ||