#!/usr/bin/env perl
# conf.pl
#
-# Copyright (c) 1999-2007 The SquirrelMail Project Team
+# Copyright (c) 1999-2010 The SquirrelMail Project Team
# Licensed under the GNU GPL. For full terms see COPYING.
#
# A simple configure script to configure SquirrelMail
$disable_plugins = 'false' if ( !$disable_plugins );
$disable_plugins_user = '' if ( !$disable_plugins_user );
$only_secure_cookies = 'true' if ( !$only_secure_cookies );
+$disable_security_tokens = 'false' if ( !$disable_security_tokens );
+$check_referrer = '' if ( !$check_referrer );
$ask_user_info = 'true' if ( !$ask_user_info );
if ( $ARGV[0] eq '--install-plugin' ) {
" hmailserver = hMailServer\n" .
" macosx = Mac OS X Mailserver\n" .
" mercury32 = Mercury/32\n" .
- " uw = University of Washington's IMAP server\n";
+ " uw = University of Washington's IMAP server\n" .
+ " gmail = IMAP access to Google mail (Gmail) accounts\n";
#####################################################################################
if ( $config_use_color == 1 ) {
- $WHT = "\x1B[37;1m";
+ $WHT = "\x1B[1m";
$NRM = "\x1B[0m";
} else {
$WHT = "";
print "15. Time zone configuration : $WHT$time_zone_type$NRM\n";
print "16. Location base : $WHT$config_location_base$NRM\n";
print "17. Only secure cookies if poss. : $WHT$only_secure_cookies$NRM\n";
+ print "18. Disable secure forms : $WHT$disable_security_tokens$NRM\n";
+ print "19. Page referal requirement : $WHT$check_referrer$NRM\n";
print "\n";
print "R Return to Main Menu\n";
} elsif ( $menu == 5 ) {
$NRM = "";
} else {
$config_use_color = 1;
- $WHT = "\x1B[37;1m";
+ $WHT = "\x1B[1m";
$NRM = "\x1B[0m";
}
} elsif ( $command =~ /^w([0-9]+)/ ) {
elsif ( $command == 15 ) { $time_zone_type = command318(); }
elsif ( $command == 16 ) { $config_location_base = command_config_location_base(); }
elsif ( $command == 17 ) { $only_secure_cookies = command319(); }
+ elsif ( $command == 18 ) { $disable_security_tokens = command320(); }
+ elsif ( $command == 19 ) { $check_referrer = command321(); }
} elsif ( $menu == 5 ) {
if ( $command == 1 ) { $use_icons = commandB3(); }
# elsif ( $command == 3 ) { $icon_theme_def = command53(); }
this setting will make it difficult to determine who sent what where.
Use at your own risk.
+ Note: If you have defined a header encryption key in your SMTP or
+ Sendmail settings (see the \"Server Settings\" option page), this
+ setting is ignored because all user information in outgoing messages
+ is encoded.
+
";
if ( lc($hide_auth_header) eq "true" ) {
}
+# disable_security_tokens (since 1.5.2)
+sub command320 {
+ print "This option allows you to turn off the security checks in the forms\n";
+ print "that SquirrelMail generates. It is NOT RECOMMENDED that you disable\n";
+ print "this feature - otherwise, your users may be exposed to phishing and\n";
+ print "other attacks.\n";
+ print "Unless you know what you are doing, you should leave this set to \"NO\".\n";
+ print "\n";
+
+ if ( lc($disable_security_tokens) eq 'true' ) {
+ $default_value = "y";
+ } else {
+ $default_value = "n";
+ }
+ print "Disable secure forms? (y/n) [$WHT$default_value$NRM]: $WHT";
+ $disable_security_tokens = <STDIN>;
+ if ( ( $disable_security_tokens =~ /^y\n/i ) || ( ( $disable_security_tokens =~ /^\n/ ) && ( $default_value eq "y" ) ) ) {
+ $disable_security_tokens = 'true';
+ } else {
+ $disable_security_tokens = 'false';
+ }
+ return $disable_security_tokens;
+}
+
+
+
+# check_referrer (since 1.1.5.2)
+sub command321 {
+ print "This option allows you to enable referal checks for all page requests\n";
+ print "made to SquirrelMail. This can help ensure that page requests came\n";
+ print "from the same server and not from an attacker's site (usually the\n";
+ print "result of a XSS or phishing attack). To enable referal checking,\n";
+ print "this setting can be set to the domain where your SquirrelMail is\n";
+ print "being hosted (usually the same as the Domain setting under Server\n";
+ print "Settings). For example, it could be \"example.com\", or if you\n";
+ print "use a plugin (such as Login Manager) to host SquirrelMail on more\n";
+ print "than one domain, you can set this to \"###DOMAIN###\" to tell it\n";
+ print "to use the current domain.\n";
+ print "\n";
+ print "However, in some cases (where proxy servers are in use, etc.), the\n";
+ print "domain might be different.\n";
+ print "\n";
+ print "NOTE that referal checks are not foolproof - they can be spoofed by\n";
+ print "browsers, and some browsers intentionally don't send referal\n";
+ print "information (in which case, the check is silently bypassed)\n";
+ print "\n";
+
+ print "Referal requirement? [$WHT$check_referrer$NRM]: $WHT";
+ $new_check_referrer = <STDIN>;
+ chomp($new_check_referrer);
+ $check_referrer = $new_check_referrer;
+
+ return $check_referrer;
+}
+
+
+
sub command_userThemes {
print "\nDefine the user themes that you wish to use. If you have added\n";
print "a theme of your own, just follow the instructions (?) about\n";
# string
print CF "\$session_name = '$session_name';\n";
# boolean
- print CF "\$only_secure_cookies = $only_secure_cookies;\n";
+ print CF "\$only_secure_cookies = $only_secure_cookies;\n";
+ print CF "\$disable_security_tokens = $disable_security_tokens;\n";
+
+ # string
+ print CF "\$check_referrer = '$check_referrer';\n";
print CF "\n";
$message = "\nIf you use IMAPdir depot, you must set default folder prefix to empty string.\n";
$continue = 1;
+ } elsif ( $server eq "gmail" ) {
+ $imap_server_type = "gmail";
+ $default_folder_prefix = "";
+ $trash_folder = "[Gmail]/Trash";
+ $default_move_to_trash = true;
+ $sent_folder = "[Gmail]/Sent Mail";
+ $draft_folder = "[Gmail]/Drafts";
+ $auto_create_special = false;
+ $show_prefix_option = false;
+ $default_sub_of_inbox = false;
+ $show_contain_subfolders_option = false;
+ $delete_folder = true;
+ $force_username_lowercase = false;
+ $optional_delimiter = "/";
+ $disp_default_folder_prefix = "<none>";
+ $domain = "gmail.com";
+ $imapServerAddress = "imap.gmail.com";
+ $imapPort = 993;
+ $use_imap_tls = true;
+ $imap_auth_mech = "login";
+ $smtpServerAddress = "smtp.gmail.com";
+ $smtpPort = 465;
+ $pop_before_smtp = false;
+ $useSendmail = false;
+ $use_smtp_tls = true;
+ $smtp_auth_mech = "login";
+ $continue = 1;
+
+ # Gmail changes system folder names (Drafts, Sent, Trash) out
+ # from under you when the user changes language settings
+ $message = "\nNOTE! When a user changes languages in Gmail's interface, the\n"
+ . "Drafts, Sent and Trash folder names are changed to localized\n"
+ . "versions thereof. To see those folders correctly in SquirrelMail,\n"
+ . "the user should change the SquirrelMail language to match.\n"
+ . "Moreover, SquirrelMail then needs to be told what folders to use\n"
+ . "for Drafts, Sent and Trash in Options --> Folder Preferences.\n"
+ . "These default settings will only correctly find the Sent, Trash\n"
+ . "and Drafts folders if both Gmail and SquirrelMail languages are\n"
+ . "set to English.\n\n"
+ . "Also note that in some regions (Europe?), the default folder\n"
+ . "names (see main menu selection 3. Folder Defaults) are different\n"
+ . "(they may need to have the prefix \"[Google Mail]\" instead of\n"
+ . "\"[Gmail]\") and \"Trash\" may be called \"Bin\" instead.\n";
+
} elsif ( $server eq "quit" ) {
$continue = 1;
} else {
# the SM directory tree, the SM_PATH variable will be
# prepended to the path, if not, then the path will be
# converted to an absolute path, e.g.
-# '../images/logo.gif' --> SM_PATH . 'images/logo.gif'
-# '../../someplace/data' --> '/absolute/path/someplace/data'
-# 'images/logo.gif' --> SM_PATH . 'config/images/logo.gif'
-# '/absolute/path/logo.gif' --> '/absolute/path/logo.gif'
-# 'http://whatever/' --> 'http://whatever'
-# $some_var/path --> "$some_var/path"
+# '../images/logo.gif' --> SM_PATH . 'images/logo.gif'
+# '../../someplace/data' --> '/absolute/path/someplace/data'
+# 'images/logo.gif' --> SM_PATH . 'config/images/logo.gif'
+# '/absolute/path/logo.gif' --> '/absolute/path/logo.gif'
+# 'C:\absolute\path\logo.gif' --> 'C:\absolute\path\logo.gif'
+# 'http://whatever/' --> 'http://whatever'
+# $some_var/path --> "$some_var/path"
sub change_to_SM_path() {
my ($old_path) = @_;
my $new_path = '';
# If the path is absolute, don't bother.
return "\'" . $old_path . "\'" if ( $old_path eq '');
return "\'" . $old_path . "\'" if ( $old_path =~ /^(\/|http)/ );
- return "\'" . $old_path . "\'" if ( $old_path =~ /^\w:\// );
+ return "\'" . $old_path . "\'" if ( $old_path =~ /^\w:(\\|\/)/ );
return $old_path if ( $old_path =~ /^\'(\/|http)/ );
return $old_path if ( $old_path =~ /^\'\w:\// );
return $old_path if ( $old_path =~ /^SM_PATH/);
projects / squirrelmail.git / blobdiff