}
if ( !$imap_auth_mech ) {
- $imap_auth_mech = 'plain';
+ $imap_auth_mech = 'login';
}
if (!$session_name ) {
print "possible. If you set up an organization name, most places where\n";
print "SquirrelMail would take credit will be credited to your organization.\n";
print "\n";
+ print "If your Organization Name includes a '\$', please precede it with a \\. \n";
+ print "Other '\$' will be considered the beginning of a variable that\n";
+ print "must be defined before the \$org_name is printed.\n";
+ print "\$version, for example, is included by default, and will print the\n";
+ print "string representing the current SquirrelMail version.\n";
+ print "\n";
print "[$WHT$org_name$NRM]: $WHT";
$new_org_name = <STDIN>;
if ( $new_org_name eq "\n" ) {
print "Your organization's logo is an image that will be displayed at\n";
print "different times throughout SquirrelMail. This is asking for the\n";
print "literal (/usr/local/squirrelmail/images/logo.png) or relative\n";
- print "(../images/logo.png) path to your logo.\n";
+ print "(../images/logo.png) path from the config directory to your logo.\n";
print "Relative paths to files outside the SquirrelMail distribution\n";
print "will be converted to their absolute path equivalents in config.php.\n";
print "\n";
print "the titlebar. Usually this will end up looking something like:\n";
print "\"Netscape: $org_title\"\n";
print "\n";
+ print "If your Organization Title includes a '\$', please precede it with a \\. \n";
+ print "Other '\$' will be considered the beginning of a variable that\n";
+ print "must be defined before the \$org_title is printed.\n";
+ print "\$version, for example, is included by default, and will print the\n";
+ print "string representing the current SquirrelMail version.\n";
+ print "\n";
print "[$WHT$org_title$NRM]: $WHT";
$new_org_title = <STDIN>;
if ( $new_org_title eq "\n" ) {
return $new_optional_delimiter;
}
# IMAP authentication type
-# Possible values: plain, cram-md5, digest-md5
+# Possible values: login, cram-md5, digest-md5
# Now offers to detect supported mechs, assuming server & port are set correctly
sub command112a {
print "If you have already set the hostname and port number, I can try to\n";
print "detect the mechanisms your IMAP server supports.\n";
print "I will try to detect CRAM-MD5 and DIGEST-MD5 support. I can't test\n";
- print "for \"plain\" without knowing a username and password.\n";
+ print "for \"login\" without knowing a username and password.\n";
print "Auto-detecting is optional - you can safely say \"n\" here.\n";
print "\nTry to detect supported mechanisms? [y/N]: ";
$inval=<STDIN>;
}
print "\nWhat authentication mechanism do you want to use for IMAP connections?\n\n";
- print $WHT . "plain" . $NRM . " - Plaintext. If you can do better, you probably should.\n";
- print $WHT . "cram-md5" . $NRM . " - Slightly better than plaintext.\n";
+ print $WHT . "login" . $NRM . " - Plaintext. If you can do better, you probably should.\n";
+ print $WHT . "cram-md5" . $NRM . " - Slightly better than plaintext methods.\n";
print $WHT . "digest-md5" . $NRM . " - Privacy protection - better than cram-md5.\n";
print "\n*** YOUR IMAP SERVER MUST SUPPORT THE MECHANISM YOU CHOOSE HERE ***\n";
- print "If you don't understand or are unsure, you probably want \"plain\"\n\n";
- print "plain, cram-md5, or digest-md5 [$WHT$imap_auth_mech$NRM]: $WHT";
+ print "If you don't understand or are unsure, you probably want \"login\"\n\n";
+ print "login, cram-md5, or digest-md5 [$WHT$imap_auth_mech$NRM]: $WHT";
$inval=<STDIN>;
chomp($inval);
- if ( ($inval =~ /^cram-md5\b/i) || ($inval =~ /^digest-md5\b/i) || ($inval =~ /^plain\b/i)) {
+ if ( ($inval =~ /^cram-md5\b/i) || ($inval =~ /^digest-md5\b/i) || ($inval =~ /^login\b/i)) {
return lc($inval);
} else {
# user entered garbage or default value so nothing needs to be set
print "Trying to detect supported methods (SMTP)...\n";
# Special case!
- # Check none by trying to relay to junk@birdbrained.org
+ # Check none by trying to relay to junk@microsoft.com
$host = $smtpServerAddress . ':' . $smtpPort;
use IO::Socket;
my $sock = IO::Socket::INET->new($host);
} else {
print $sock "mail from: tester\@squirrelmail.org\n";
$got = <$sock>; # Discard
- print $sock "rcpt to: junk\@birdbrained.org\n";
+ print $sock "rcpt to: junk\@microsoft.com\n";
$got = <$sock>; # This is the important line
if ($got =~ /^250\b/) { # SMTP will relay without auth
print "SUPPORTED$NRM\n";
print $sock "quit\n";
close $sock;
}
- # Try plain (SquirrelMail default)
- print "Testing plain:\t\t";
+ # Try login (SquirrelMail default)
+ print "Testing login:\t\t";
$tmp=detect_auth_support('SMTP',$host,'LOGIN');
if (defined($tmp)) {
if ($tmp eq 'YES') {
}
print "\tWhat authentication mechanism do you want to use for SMTP connections?\n";
print $WHT . "none" . $NRM . " - Your SMTP server does not require authorization.\n";
- print $WHT . "plain" . $NRM . " - Plaintext. If you can do better, you probably should.\n";
+ print $WHT . "login" . $NRM . " - Plaintext. If you can do better, you probably should.\n";
print $WHT . "cram-md5" . $NRM . " - Slightly better than plaintext.\n";
print $WHT . "digest-md5" . $NRM . " - Privacy protection - better than cram-md5.\n";
- print "\n*** YOUR SMTP SERVER MUST SUPPORT THE MECHANISM YOU CHOOSE HERE ***\n";
+ print $WHT . "\n*** YOUR SMTP SERVER MUST SUPPORT THE MECHANISM YOU CHOOSE HERE ***\n" . $NRM;
print "If you don't understand or are unsure, you probably want \"none\"\n\n";
- print "none, plain, cram-md5, or digest-md5 [$WHT$smtp_auth_mech$NRM]: $WHT";
+ print "none, login, cram-md5, or digest-md5 [$WHT$smtp_auth_mech$NRM]: $WHT";
$inval=<STDIN>;
chomp($inval);
if ($inval =~ /^none\b/i) {
return "none";
}
if ( ($inval =~ /^cram-md5\b/i) || ($inval =~ /^digest-md5\b/i) ||
- ($inval =~ /^plain\b/i)) {
+ ($inval =~ /^login\b/i)) {
return lc($inval);
} else {
# user entered garbage, or default value so nothing needs to be set
# Data directory
sub command33a {
- print "It is a possible security hole to have a writable directory\n";
- print "under the web server's root directory (ex: /home/httpd/html).\n";
- print "For this reason, it is possible to put the data directory\n";
- print "anywhere you would like. The path name can be absolute or\n";
- print "relative (to the config directory). It doesn't matter. Here\n";
- print "are two examples:\n";
- print " Absolute: /usr/local/squirrelmail/data/\n";
- print " Relative: ../data/\n";
+ print "Specify the location for your data directory.\n";
+ print "The path name can be absolute or relative (to the config directory).\n";
+ print "It doesn't matter. Here are two examples:\n";
+ print " Absolute: /var/spool/data/\n";
+ print " Relative: ../data/\n";
print "Relative paths to directories outside of the SquirrelMail distribution\n";
- print "will be converted to their absolute path equivalents in config.php.\n";
+ print "will be converted to their absolute path equivalents in config.php.\n\n";
+ print "Note: There are potential security risks with having a writable directory\n";
+ print "under the web server's root directory (ex: /home/httpd/html).\n";
+ print "For this reason, it is recommended to put the data directory\n";
+ print "in an alternate location of your choice. \n";
print "\n";
print "[$WHT$data_dir$NRM]: $WHT";
# Attachment directory
sub command33b {
print "Path to directory used for storing attachments while a mail is\n";
- print "being sent. There are a few security considerations regarding this\n";
+ print "being sent. The path name can be absolute or relative (to the config directory).\n";
+ print "It doesn't matter. Here are two examples:\n";
+ print " Absolute: /var/spool/attach/\n";
+ print " Relative: ../attach/\n";
+ print "Relative paths to directories outside of the SquirrelMail distribution\n";
+ print "will be converted to their absolute path equivalents in config.php.\n\n";
+ print "Note: There are a few security considerations regarding this\n";
print "directory:\n";
print " 1. It should have the permission 733 (rwx-wx-wx) to make it\n";
print " impossible for a random person with access to the webserver\n";
print " to list files in this directory. Confidential data might\n";
print " be laying around in there.\n";
+ print " Depending on your user:group assignments, 730 (rwx-wx---)\n";
+ print " may be possible, and more secure (e.g. root:apache)\n";
print " 2. Since the webserver is not able to list the files in the\n";
print " content is also impossible for the webserver to delete files\n";
print " lying around there for too long.\n";
print " 3. It should probably be another directory than the data\n";
print " directory specified in option 3.\n";
- print "Relative paths to directories outside of the SquirrelMail distribution\n";
- print "will be converted to their absolute path equivalents in config.php.\n";
print "\n";
print "[$WHT$attachment_dir$NRM]: $WHT";
$tmp = <STDIN>;
}
-############################################################
# This subroutine corrects relative paths to ensure they
# will work within the SM space. If the path falls within
# the SM directory tree, the SM_PATH variable will be
# prepended to the path, if not, then the path will be
-# converted to an absolute path.
-############################################################
+# converted to an absolute path, e.g.
+# '../images/logo.gif' --> SM_PATH . 'images/logo.gif'
+# 'images/logo.gif' --> SM_PATH . 'config/images/logo.gif'
+# '/absolute/path/logo.gif' --> '/absolute/path/logo.gif'
+# 'http://whatever/' --> 'http://whatever'
sub change_to_SM_path() {
my ($old_path) = @_;
my $new_path = '';
# If the path is absolute, don't bother.
return "\'" . $old_path . "\'" if ( $old_path eq '');
- return "\'" . $old_path . "\'" if ( $old_path =~ /^\// );
- return "\'" . $old_path . "\'" if ( $old_path =~ /^http/ );
- return $old_path if ( $old_path =~ /^\$/);
- return $old_path if ( $old_path =~ /^SM_PATH/ );
+ return "\'" . $old_path . "\'" if ( $old_path =~ /^(\/|http)/ );
+ return $old_path if ( $old_path =~ /^(\$|SM_PATH)/);
# For relative paths, split on '../'
@rel_path = split(/\.\.\//, $old_path);
$new_path .= '\'';
} else {
# Last, it's a relative path without any leading '.'
- # Prepend SM_PATH (no substitution required)
- $new_path = "SM_PATH . \'" . $old_path . "\'";
+ # Prepend SM_PATH and config, since the paths are
+ # relative to the config directory
+ $new_path = "SM_PATH . \'config/" . $old_path . "\'";
}
return $new_path;
}
+
+# Change SM_PATH to admin-friendly version, e.g.:
+# SM_PATH . 'images/logo.gif' --> '../images/logo.gif'
+# SM_PATH . 'config/some.php' --> 'some.php'
+# '/absolute/path/logo.gif' --> '/absolute/path/logo.gif'
+# 'http://whatever/' --> 'http://whatever'
sub change_to_rel_path() {
my ($old_path) = @_;
- my $new_path = '';
-
- return $old_path if ( $old_path eq '');
- return $old_path if ( $old_path =~ /^\$/ );
- return $old_path if ( $old_path =~ /^\// );
- return $old_path if ( $old_path =~ /^http/ );
- return $old_path if ( $old_path =~ /^\.\./ );
+ my $new_path = $old_path;
if ( $old_path =~ /^SM_PATH/ ) {
- $new_path = $old_path;
$new_path =~ s/^SM_PATH . \'/\.\.\//;
+ $new_path =~ s/\.\.\/config\///;
}
return $new_path;
return undef;
}
my $discard = <$sock>; # Server greeting/banner - who cares..
+
+ if ($service eq 'SMTP') {
+ # Say hello first..
+ print $sock "helo $domain\n";
+ $discard = <$sock>; # Yeah yeah, you're happy to see me..
+ }
print $sock $cmd;
my $response = <$sock>;
+ chomp($response);
if (!defined($response)) {
return undef;
}
# Not supported
close $sock;
return 'NO';
+ } elsif ($response =~ /^503/) {
+ #Something went wrong
+ return undef;
}
} elsif ($service eq 'IMAP') {
if ($response =~ /^A01/) {