[squirrelmail.git] / plugins / change_password / backend / vmailmgrd.php

<?php

/**
 * Change password vmailmgrd backend
 *
 * Backend won't work, if vmail.inc file is not included. vmail.inc file
 * should be part of your vmailmgr install. In some cases it is included in
 * separate package.
 *
 * If you use modified vmail.inc, it must provide vchpass() function that
 * acts same way as stock (vmailmgr v.0.96.9) vmail.inc function call
 * and other vmail.inc functions should use same $vm_tcphost and
 * $vm_tcphost_port globals as used by stock vm_daemon_raw() function call.
 * If you have heavily modified vmail.inc and this backend does not work
 * correctly - recheck, if you can reproduce your problem with stock
 * vmail.inc or adjust backend configuration for your site.
 *
 * Backend also needs vmailmgrd service. You can find information about
 * installing this service in vmailmgr FAQ and vmailmgrd.html.
 *
 * Backend might require functions, that are available only in SquirrelMail
 * v.1.5.1 and v.1.4.4.
 *
 * @author Tomas Kuliavas <tokul at users.sourceforge.net>
 * @copyright 2005-2019 The SquirrelMail Project Team
 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
 * @version $Id$
 * @link http://www.vmailmgr.org vmailmgr site
 * @package plugins
 * @subpackage change_password
 */

/* Default backend configuration */

/**
 * path to vmail.inc
 *
 * This variable must provide full path to vmail.inc file including filename.
 *
 * WARNING: Don't disable this variable. It must be set to correct value or
 * to empty string. If variable is missing, backend can have security problems
 * in some PHP configurations.
 * @global string $vmail_inc_path
 */
global $vmail_inc_path;
$vmail_inc_path='';

/**
 * address of vmailmgrd host.
 *
 * Leave it empty, if you want to use unix socket
 * global is used by vmail.inc functions
 * @global string $vm_tcphost
 */
global $vm_tcphost;
$vm_tcphost='';

/**
 * port of vmailmgrd
 *
 * global is used by vmail.inc functions.
 * @global integer $vm_tcphost_port
 */
global $vm_tcphost_port;
$vm_tcphost_port=322;

/**
 * Option that controls use of 8bit passwords
 * Use of such passwords is not safe, because squirrelmail interface
 * can be running in different charsets.
 * @global boolean
 */
global $cpw_vmailmgrd_8bitpw;
$cpw_vmailmgrd_8bitpw=false;

/* end of backend configuration */

/** load configuration from config.php */
if ( isset($cpw_vmailmgrd) && is_array($cpw_vmailmgrd) && !empty($cpw_vmailmgrd) ) {
    if (isset($cpw_vmailmgrd['vmail_inc_path']))
        $vmail_inc_path=$cpw_vmailmgrd['vmail_inc_path'];
    if (isset($cpw_vmailmgrd['vm_tcphost']))
        $vm_tcphost=$cpw_vmailmgrd['vm_tcphost'];
    if (isset($cpw_vmailmgrd['vm_tcphost_port']))
        $vm_tcphost_port=$cpw_vmailmgrd['vm_tcphost_port'];
    if (isset($cpw_vmailmgrd['8bitpw']))
        $cpw_vmailmgrd_8bitpw=$cpw_vmailmgrd['8bitpw'];
}


/**
 * Init change_password plugin hooks.
 */
global $squirrelmail_plugin_hooks;
$squirrelmail_plugin_hooks['change_password_dochange']['vmailmgrd'] =
        'cpw_vmailmgrd_dochange';
$squirrelmail_plugin_hooks['change_password_init']['vmailmgrd'] =
        'cpw_vmailmgrd_init';


/**
 * Use this function to do any backend-specific initialisation,
 * e.g. checking requirements, before the password change form
 * is displayed to the user.
 */
function cpw_vmailmgrd_init(){
    global $vmail_inc_path, $username, $oTemplate;

    if ($vmail_inc_path=='' || ! file_exists($vmail_inc_path)) {
        // $vmail_inc_path is not set or file does not exist
        error_box(_("Incorrent path to vmail.inc file."));
        // close html and stop script execution
        $oTemplate->display('footer.tpl');
        exit();
    }

    include_once($vmail_inc_path);

    if (! function_exists('vchpass')) {
        // included vmail.inc does not have required functions.
        error_box(_("Invalid or corrupted vmail.inc file."));
        // close html and stop script execution
        $oTemplate->display('footer.tpl');
        exit();
    }

    if (! preg_match("/(.*)\@(.*)/", $username)) {
        // username does not match vmailmgr syntax
        error_box(_("Invalid user."));
        // close html and stop script execution
        $oTemplate->display('footer.tpl');
        exit();
    }
}


/**
 * function used to change password in change_password plugin hooks.
 *
 * @param array $data The username/curpw/newpw data.
 * @return array Array of error messages.
 */
function cpw_vmailmgrd_dochange($data)
{
    global $cpw_vmailmgrd_8bitpw;

    /**
     * getting params from hook function.
     */
    $username = $data['username'];
    $curpw = $data['curpw'];
    $newpw = $data['newpw'];

    $msgs = array();

    // check for new 8bit password
    if (! $cpw_vmailmgrd_8bitpw && sq_is8bit($newpw)) {
        // 8bit chars in password when backend is configured to block them
        array_push($msgs,CPW_INVALID_PW);
        return $msgs;
    }

    // extract username and domain
    if (preg_match("/(.*)\@(.*)/", $username, $parts)) {
        $vm_user=$parts[1];
        $vm_domain=$parts[2];
    }

    // check if old password matches
    $vmgrd_response1 = cpw_vmailmgrd_passwd($vm_user,$vm_domain,$curpw,$curpw);
    if ($vmgrd_response1[0]!=0) {
        array_push($msgs, CPW_CURRENT_NOMATCH);
        return $msgs;
    }

    // change password
    $vmgrd_response2 = cpw_vmailmgrd_passwd($vm_user,$vm_domain,$curpw,$newpw);
    if ($vmgrd_response2[0]!=0) {
        // TODO: add vmail.inc error message parser.
        array_push($msgs, cpw_i18n_vmail_response($vmgrd_response2[1]));
    }

    return $msgs;
}

/**
 * function that calls required vmail.inc functions and returns error codes.
 *
 * Information about vmailmgr return codes.
 * vmailmgr functions return array with two keys.
 * Array(
 *    [0] => error code, integer (0=no error)
 *    [1] => error message, string
 * )
 * @return array
 */
function cpw_vmailmgrd_passwd($user,$domain,$oldpass,$newpass) {
    global $vmail_inc_path;

    // variable should be checked by cpw_vmailmgrd_init function
    include_once($vmail_inc_path);

    return vchpass($domain,$oldpass,$user,$newpass);
}

/**
 * Function is used to translate messages returned by vmailmgr
 * php library and vmailmgr daemon.
 * @param string $string vmailmrgd message.
 * @return string translated string.
 */
function cpw_i18n_vmail_response($string) {
    if ($string=='Empty domain') {
        // block one: vchpass responses
        $ret = _("Empty domain");
    } elseif ($string=='Empty domain password') {
        $ret = _("Empty domain password");
    } elseif ($string=='Empty username') {
        $ret = _("Empty username");
    } elseif ($string=='Empty new password') {
        $ret = _("Empty new password");
/*
 * block is disabled in order to reduce load on translators.
 * these error messages should be very rare.
    } elseif ($string=='Invalid or unknown base user or domain') {
        // block two: vmailmgr daemon strings
        $ret = _("Invalid or unknown base user or domain");
    } elseif ($string=='Invalid or unknown virtual user') {
        $ret = _("Invalid or unknown virtual user");
    } elseif ($string=='Invalid or incorrect password') {
        $ret = _("Invalid or incorrect password");
    } elseif ($string=='Unknown operation to stat') {
        $ret = _("Unknown operation to stat");
    } elseif (preg_match("/^Incorrect number of parameters to command (.+)/",$string,$match)) {
        $ret = sprintf(_("Incorrect number of parameters to command %s"),$match[1]);
    } elseif (preg_match("/^Invalid or unknown domain name: (.+)/",$string,$match)) {
        $ret = sprintf(_("Invalid or unknown domain name: %s"),$match[1]);
    } elseif ($string=='Invalid operation') {
        $ret = _("Invalid operation");
    } elseif (preg_match("/^Invalid or unknown base user name: (.+)/",$string,$match)) {
        $ret = sprintf(_("Invalid or unknown base user name: %s"),$match[1]);
    } elseif ($string=='Invalid or incorrect password') {
        $ret = _("Invalid or incorrect password");
    } elseif ($string=='Base user has no virtual password table') {
        $ret = _("Base user has no virtual password table");
    } elseif ($string=='Failed while writing initial OK response') {
        $ret = _("Failed while writing initial OK response");
    } elseif ($string=='Failed while writing list entry') {
        $ret = _("Failed while writing list entry");
    } elseif ($string=='Internal error -- userpass && !mustexist') {
        $ret = _("Internal error -- userpass && !mustexist");
    } elseif ($string=='Invalid or unknown base user or domain') {
        $ret = _("Invalid or unknown base user or domain");
    } elseif ($string=='Incorrect password') {
        $ret = CPW_INVALID_PW;
    } elseif ($string=='User name does not refer to a virtual user') {
        $ret = _("User name does not refer to a virtual user");
    } elseif ($string=='Invalid or unknown virtual user') {
        $ret = _("Invalid or unknown virtual user");
    } elseif ($string=='Virtual user already exists') {
        $ret = _("Virtual user already exists");
    } elseif ($string=='Timed out waiting for remote') {
        $ret = _("Timed out waiting for remote");
    } elseif ($string=='Connection to client lost') {
        $ret = _("Connection to client lost");
    } elseif ($string=="Couldn't decode the command string") {
        $ret = _("Couldn't decode the command string");
    } elseif ($string=='Empty command string') {
        $ret = _("Empty command string");
    } elseif ($string=='Error decoding a command parameter') {
        $ret = _("Error decoding a command parameter");
    } elseif ($string=='read system call failed or was interrupted') {
        $ret = _("read system call failed or was interrupted");
    } elseif ($string=='Short read while reading protocol header') {
        $ret = _("Short read while reading protocol header");
    } elseif ($string=='Invalid protocol from client') {
        $ret = _("Invalid protocol from client");
    } elseif ($string=='Short read while reading message data') {
        $ret = _("Short read while reading message data");
    } elseif ($string=='Error writing response') {
        $ret = _("Error writing response");
*/
    } else {
        // return unknown strings
        $ret = $string;
    }
    return $ret;
}
Commit	Line	Data
ebf9211b	1	<?php
4b4abf93	2
ebf9211b	3	/**
	4	* Change password vmailmgrd backend
	5	*
d04cab42	6	* Backend won't work, if vmail.inc file is not included. vmail.inc file
d04cab42	7	* should be part of your vmailmgr install. In some cases it is included in
ebf9211b	8	* separate package.
ebf9211b	9	*
d04cab42	10	* If you use modified vmail.inc, it must provide vchpass() function that
	11	* acts same way as stock (vmailmgr v.0.96.9) vmail.inc function call
	12	* and other vmail.inc functions should use same $vm_tcphost and
ebf9211b	13	* $vm_tcphost_port globals as used by stock vm_daemon_raw() function call.
d04cab42	14	* If you have heavily modified vmail.inc and this backend does not work
d04cab42	15	* correctly - recheck, if you can reproduce your problem with stock
ebf9211b	16	* vmail.inc or adjust backend configuration for your site.
ebf9211b	17	*
d04cab42	18	* Backend also needs vmailmgrd service. You can find information about
ebf9211b	19	* installing this service in vmailmgr FAQ and vmailmgrd.html.
ebf9211b	20	*
d04cab42	21	* Backend might require functions, that are available only in SquirrelMail
ebf9211b	22	* v.1.5.1 and v.1.4.4.
ebf9211b	23	*
4b4abf93	24	* @author Tomas Kuliavas <tokul at users.sourceforge.net>
8ed19238	25	* @copyright 2005-2019 The SquirrelMail Project Team
4b4abf93	26	* @license http://opensource.org/licenses/gpl-license.php GNU Public License
ebf9211b	27	* @version $Id$
	28	* @link http://www.vmailmgr.org vmailmgr site
	29	* @package plugins
	30	* @subpackage change_password
	31	*/
	32
a391f3af	33	/* Default backend configuration */
ebf9211b	34
	35	/**
	36	* path to vmail.inc
	37	*
	38	* This variable must provide full path to vmail.inc file including filename.
d04cab42	39	*
	40	* WARNING: Don't disable this variable. It must be set to correct value or
	41	* to empty string. If variable is missing, backend can have security problems
	42	* in some PHP configurations.
ebf9211b	43	* @global string $vmail_inc_path
	44	*/
	45	global $vmail_inc_path;
	46	$vmail_inc_path='';
	47
	48	/**
	49	* address of vmailmgrd host.
	50	*
	51	* Leave it empty, if you want to use unix socket
	52	* global is used by vmail.inc functions
	53	* @global string $vm_tcphost
	54	*/
	55	global $vm_tcphost;
	56	$vm_tcphost='';
	57
	58	/**
	59	* port of vmailmgrd
	60	*
	61	* global is used by vmail.inc functions.
	62	* @global integer $vm_tcphost_port
	63	*/
	64	global $vm_tcphost_port;
	65	$vm_tcphost_port=322;
	66
	67	/**
	68	* Option that controls use of 8bit passwords
	69	* Use of such passwords is not safe, because squirrelmail interface
	70	* can be running in different charsets.
	71	* @global boolean
	72	*/
	73	global $cpw_vmailmgrd_8bitpw;
	74	$cpw_vmailmgrd_8bitpw=false;
	75
	76	/* end of backend configuration */
	77
a391f3af	78	/** load configuration from config.php */
76063016	79	if ( isset($cpw_vmailmgrd) && is_array($cpw_vmailmgrd) && !empty($cpw_vmailmgrd) ) {
	80	if (isset($cpw_vmailmgrd['vmail_inc_path']))
	81	$vmail_inc_path=$cpw_vmailmgrd['vmail_inc_path'];
	82	if (isset($cpw_vmailmgrd['vm_tcphost']))
	83	$vm_tcphost=$cpw_vmailmgrd['vm_tcphost'];
	84	if (isset($cpw_vmailmgrd['vm_tcphost_port']))
	85	$vm_tcphost_port=$cpw_vmailmgrd['vm_tcphost_port'];
	86	if (isset($cpw_vmailmgrd['8bitpw']))
	87	$cpw_vmailmgrd_8bitpw=$cpw_vmailmgrd['8bitpw'];
a391f3af	88	}
a391f3af	89
ebf9211b	90
ebf9211b	91	/**
d04cab42	92	* Init change_password plugin hooks.
ebf9211b	93	*/
	94	global $squirrelmail_plugin_hooks;
	95	$squirrelmail_plugin_hooks['change_password_dochange']['vmailmgrd'] =
	96	'cpw_vmailmgrd_dochange';
	97	$squirrelmail_plugin_hooks['change_password_init']['vmailmgrd'] =
	98	'cpw_vmailmgrd_init';
	99
	100
	101	/**
	102	* Use this function to do any backend-specific initialisation,
	103	* e.g. checking requirements, before the password change form
	104	* is displayed to the user.
	105	*/
	106	function cpw_vmailmgrd_init(){
1b858d86	107	global $vmail_inc_path, $username, $oTemplate;
ebf9211b	108
ebf9211b	109	if ($vmail_inc_path=='' \|\| ! file_exists($vmail_inc_path)) {
ebf9211b	110	// $vmail_inc_path is not set or file does not exist
1b858d86	111	error_box(_("Incorrent path to vmail.inc file."));
ebf9211b	112	// close html and stop script execution
1b858d86	113	$oTemplate->display('footer.tpl');
ebf9211b	114	exit();
	115	}
	116
	117	include_once($vmail_inc_path);
	118
	119	if (! function_exists('vchpass')) {
	120	// included vmail.inc does not have required functions.
1b858d86	121	error_box(_("Invalid or corrupted vmail.inc file."));
ebf9211b	122	// close html and stop script execution
1b858d86	123	$oTemplate->display('footer.tpl');
ebf9211b	124	exit();
	125	}
	126
	127	if (! preg_match("/(.)\@(.)/", $username)) {
	128	// username does not match vmailmgr syntax
1b858d86	129	error_box(_("Invalid user."));
ebf9211b	130	// close html and stop script execution
1b858d86	131	$oTemplate->display('footer.tpl');
ebf9211b	132	exit();
	133	}
	134	}
	135
	136
	137	/**
	138	* function used to change password in change_password plugin hooks.
	139	*
06f1fc3a	140	* @param array $data The username/curpw/newpw data.
ebf9211b	141	* @return array Array of error messages.
	142	*/
	143	function cpw_vmailmgrd_dochange($data)
	144	{
	145	global $cpw_vmailmgrd_8bitpw;
	146
	147	/**
	148	* getting params from hook function.
	149	*/
	150	$username = $data['username'];
	151	$curpw = $data['curpw'];
	152	$newpw = $data['newpw'];
	153
	154	$msgs = array();
	155
	156	// check for new 8bit password
	157	if (! $cpw_vmailmgrd_8bitpw && sq_is8bit($newpw)) {
	158	// 8bit chars in password when backend is configured to block them
	159	array_push($msgs,CPW_INVALID_PW);
	160	return $msgs;
	161	}
	162
	163	// extract username and domain
	164	if (preg_match("/(.)\@(.)/", $username, $parts)) {
	165	$vm_user=$parts[1];
	166	$vm_domain=$parts[2];
	167	}
	168
	169	// check if old password matches
	170	$vmgrd_response1 = cpw_vmailmgrd_passwd($vm_user,$vm_domain,$curpw,$curpw);
	171	if ($vmgrd_response1[0]!=0) {
	172	array_push($msgs, CPW_CURRENT_NOMATCH);
	173	return $msgs;
	174	}
	175
	176	// change password
	177	$vmgrd_response2 = cpw_vmailmgrd_passwd($vm_user,$vm_domain,$curpw,$newpw);
	178	if ($vmgrd_response2[0]!=0) {
	179	// TODO: add vmail.inc error message parser.
47a29972	180	array_push($msgs, cpw_i18n_vmail_response($vmgrd_response2[1]));
ebf9211b	181	}
	182
	183	return $msgs;
	184	}
	185
	186	/**
	187	* function that calls required vmail.inc functions and returns error codes.
	188	*
	189	* Information about vmailmgr return codes.
	190	* vmailmgr functions return array with two keys.
	191	* Array(
	192	* [0] => error code, integer (0=no error)
	193	* [1] => error message, string
	194	* )
	195	* @return array
	196	*/
	197	function cpw_vmailmgrd_passwd($user,$domain,$oldpass,$newpass) {
	198	global $vmail_inc_path;
	199
	200	// variable should be checked by cpw_vmailmgrd_init function
	201	include_once($vmail_inc_path);
	202
	203	return vchpass($domain,$oldpass,$user,$newpass);
	204	}
47a29972	205
47a29972	206	/**
c683d87f	207	* Function is used to translate messages returned by vmailmgr
47a29972	208	* php library and vmailmgr daemon.
	209	* @param string $string vmailmrgd message.
	210	* @return string translated string.
	211	*/
	212	function cpw_i18n_vmail_response($string) {
	213	if ($string=='Empty domain') {
	214	// block one: vchpass responses
	215	$ret = _("Empty domain");
	216	} elseif ($string=='Empty domain password') {
	217	$ret = _("Empty domain password");
	218	} elseif ($string=='Empty username') {
	219	$ret = _("Empty username");
	220	} elseif ($string=='Empty new password') {
	221	$ret = _("Empty new password");
	222	/*
	223	* block is disabled in order to reduce load on translators.
	224	* these error messages should be very rare.
	225	} elseif ($string=='Invalid or unknown base user or domain') {
	226	// block two: vmailmgr daemon strings
	227	$ret = _("Invalid or unknown base user or domain");
	228	} elseif ($string=='Invalid or unknown virtual user') {
	229	$ret = _("Invalid or unknown virtual user");
	230	} elseif ($string=='Invalid or incorrect password') {
	231	$ret = _("Invalid or incorrect password");
	232	} elseif ($string=='Unknown operation to stat') {
	233	$ret = _("Unknown operation to stat");
	234	} elseif (preg_match("/^Incorrect number of parameters to command (.+)/",$string,$match)) {
	235	$ret = sprintf(_("Incorrect number of parameters to command %s"),$match[1]);
	236	} elseif (preg_match("/^Invalid or unknown domain name: (.+)/",$string,$match)) {
	237	$ret = sprintf(_("Invalid or unknown domain name: %s"),$match[1]);
	238	} elseif ($string=='Invalid operation') {
	239	$ret = _("Invalid operation");
	240	} elseif (preg_match("/^Invalid or unknown base user name: (.+)/",$string,$match)) {
	241	$ret = sprintf(_("Invalid or unknown base user name: %s"),$match[1]);
	242	} elseif ($string=='Invalid or incorrect password') {
	243	$ret = _("Invalid or incorrect password");
	244	} elseif ($string=='Base user has no virtual password table') {
	245	$ret = _("Base user has no virtual password table");
	246	} elseif ($string=='Failed while writing initial OK response') {
	247	$ret = _("Failed while writing initial OK response");
	248	} elseif ($string=='Failed while writing list entry') {
	249	$ret = _("Failed while writing list entry");
	250	} elseif ($string=='Internal error -- userpass && !mustexist') {
	251	$ret = _("Internal error -- userpass && !mustexist");
	252	} elseif ($string=='Invalid or unknown base user or domain') {
	253	$ret = _("Invalid or unknown base user or domain");
	254	} elseif ($string=='Incorrect password') {
	255	$ret = CPW_INVALID_PW;
	256	} elseif ($string=='User name does not refer to a virtual user') {
	257	$ret = _("User name does not refer to a virtual user");
	258	} elseif ($string=='Invalid or unknown virtual user') {
	259	$ret = _("Invalid or unknown virtual user");
	260	} elseif ($string=='Virtual user already exists') {
	261	$ret = _("Virtual user already exists");
	262	} elseif ($string=='Timed out waiting for remote') {
	263	$ret = _("Timed out waiting for remote");
	264	} elseif ($string=='Connection to client lost') {
	265	$ret = _("Connection to client lost");
	266	} elseif ($string=="Couldn't decode the command string") {
	267	$ret = _("Couldn't decode the command string");
	268	} elseif ($string=='Empty command string') {
	269	$ret = _("Empty command string");
	270	} elseif ($string=='Error decoding a command parameter') {
	271	$ret = _("Error decoding a command parameter");
272	} elseif ($string=='read system call failed or was interrupted') {
273	$ret = _("read system call failed or was interrupted");
274	} elseif ($string=='Short read while reading protocol header') {
275	$ret = _("Short read while reading protocol header");
276	} elseif ($string=='Invalid protocol from client') {
277	$ret = _("Invalid protocol from client");
278	} elseif ($string=='Short read while reading message data') {
279	$ret = _("Short read while reading message data");
280	} elseif ($string=='Error writing response') {
281	$ret = _("Error writing response");
282	*/
283	} else {
284	// return unknown strings
285	$ret = $string;
286	}
287	return $ret;
288	}