}
close FILE;
+# RPC template sets aren't included in user interface skin list,
+# so add the one from the config file here
+#
+if ($rpc_templateset =~ /_rpc$/) {
+ $templateset_name[$#templateset_name + 1] = $rpc_templateset;
+ $templateset_id[$#templateset_id + 1] = $rpc_templateset;
+}
+
# FIXME: unknown introduction date
$useSendmail = 'false' if ( lc($useSendmail) ne 'true' );
$sendmail_path = "/usr/sbin/sendmail" if ( !$sendmail_path );
$pop_before_smtp = 'false' if ( !$pop_before_smtp );
+$pop_before_smtp_host = '' if ( !$pop_before_smtp_host );
$default_unseen_notify = 2 if ( !$default_unseen_notify );
$default_unseen_type = 1 if ( !$default_unseen_type );
$config_use_color = 0 if ( !$config_use_color );
# $advanced_tree = 'false' if ( !$advanced_tree );
$use_php_recode = 'false' if ( !$use_php_recode );
$use_php_iconv = 'false' if ( !$use_php_iconv );
+$buffer_output = 'false' if ( !$buffer_output );
# since 1.5.1
$use_icons = 'false' if ( !$use_icons );
$lossy_encoding = 'false' if ( !$lossy_encoding );
$allow_remote_configtest = 'false' if ( !$allow_remote_configtest );
$secured_config = 'true' if ( !$secured_config );
+$sq_https_port = 443 if ( !$sq_https_port );
+$sq_ignore_http_x_forwarded_headers = 'true' if ( !$sq_ignore_http_x_forwarded_headers );
$sm_debug_mode = 'SM_DEBUG_MODE_MODERATE' if ( !$sm_debug_mode );
#FIXME: When this is STABLE software, remove the line above and uncomment the one below:
#####################################################################################
if ( $config_use_color == 1 ) {
- $WHT = "\x1B[37;1m";
+ $WHT = "\x1B[1m";
$NRM = "\x1B[0m";
} else {
$WHT = "";
print $WHT. "PHP tweaks\n" . $NRM;
print "4. Use php recode functions : $WHT$use_php_recode$NRM\n";
print "5. Use php iconv functions : $WHT$use_php_iconv$NRM\n";
+ print "6. Buffer all output : $WHT$buffer_output$NRM\n";
print "\n";
print $WHT. "Configuration tweaks\n" . $NRM;
- print "6. Allow remote configtest : $WHT$allow_remote_configtest$NRM\n";
- print "7. Debug mode : $WHT$sm_debug_mode$NRM\n";
- print "8. Secured configuration mode : $WHT$secured_config$NRM\n";
+ print "7. Allow remote configtest : $WHT$allow_remote_configtest$NRM\n";
+ print "8. Debug mode : $WHT$sm_debug_mode$NRM\n";
+ print "9. Secured configuration mode : $WHT$secured_config$NRM\n";
+ print "10. HTTPS port : $WHT$sq_https_port$NRM\n";
+ print "11. Ignore HTTP_X_FORWARDED headers: $WHT$sq_ignore_http_x_forwarded_headers$NRM\n";
print "\n";
print "R Return to Main Menu\n";
}
$NRM = "";
} else {
$config_use_color = 1;
- $WHT = "\x1B[37;1m";
+ $WHT = "\x1B[1m";
$NRM = "\x1B[0m";
}
} elsif ( $command =~ /^w([0-9]+)/ ) {
elsif ( $command == 17 ) { $only_secure_cookies = command319(); }
} elsif ( $menu == 5 ) {
if ( $command == 1 ) { $use_icons = commandB3(); }
-# elsif ( $command == 3 ) { $icon_theme_def = commandB7(); }
+# elsif ( $command == 3 ) { $icon_theme_def = command53(); }
elsif ( $command == 2 ) { $default_fontsize = command_default_fontsize(); }
elsif ( $command == 3 ) { $templateset_default = command_templates(); }
elsif ( $command == 4 ) { command_userThemes(); }
elsif ( $command == 2 ) { $ask_user_info = command_ask_user_info(); }
elsif ( $command == 4 ) { $use_php_recode = commandB4(); }
elsif ( $command == 5 ) { $use_php_iconv = commandB5(); }
- elsif ( $command == 6 ) { $allow_remote_configtest = commandB6(); }
- elsif ( $command == 7 ) { $sm_debug_mode = commandB8(); }
- elsif ( $command == 8 ) { $secured_config = commandB9(); }
+ elsif ( $command == 6 ) { $buffer_output = commandB6(); }
+ elsif ( $command == 7 ) { $allow_remote_configtest = commandB7(); }
+ elsif ( $command == 8 ) { $sm_debug_mode = commandB8(); }
+ elsif ( $command == 9 ) { $secured_config = commandB9(); }
+ elsif ( $command == 10 ) { $sq_https_port = commandB10(); }
+ elsif ( $command == 11 ) { $sq_ignore_http_x_forwarded_headers = commandB11(); }
}
}
}
$YesNo = 'n';
$YesNo = 'y' if ( lc($pop_before_smtp) eq 'true' );
- print "Use pop before SMTP (y/n) [$WHT$YesNo$NRM]: $WHT";
+ print "Use POP before SMTP (y/n) [$WHT$YesNo$NRM]: $WHT";
$new_pop_before_smtp = <STDIN>;
$new_pop_before_smtp =~ tr/yn//cd;
- return 'true' if ( $new_pop_before_smtp eq "y" );
- return 'false' if ( $new_pop_before_smtp eq "n" );
- return $pop_before_smtp;
+ if ( $new_pop_before_smtp eq "y" ) {
+ $new_pop_before_smtp = "true";
+ } elsif ( $new_pop_before_smtp eq "n" ) {
+ $new_pop_before_smtp = "false";
+ } else {
+ $new_pop_before_smtp = $pop_before_smtp;
+ }
+
+ # if using POP before SMTP, allow setting of custom POP server address
+ if ($new_pop_before_smtp eq "true") {
+ print "$NRM\nIf the address of the POP server is not the same as\n";
+ print "your SMTP server, you may specify it here. Leave blank (to\n";
+ print "clear this, enter only spaces) to use the same address as\n";
+ print "your SMTP server.\n";
+ print "POP before SMTP server address [$WHT$pop_before_smtp_host$NRM]: $WHT";
+
+ $new_pop_before_smtp_host = <STDIN>;
+ if ( $new_pop_before_smtp_host eq "\n" ) {
+ $new_pop_before_smtp_host = $pop_before_smtp_host;
+ } elsif ($new_pop_before_smtp_host =~ /^\s+$/) {
+ $new_pop_before_smtp_host = '';
+ } else {
+ $new_pop_before_smtp_host =~ s/[\r|\n]//g;
+ }
+ $pop_before_smtp_host = $new_pop_before_smtp_host;
+ }
+
+ return $new_pop_before_smtp;
}
# imap_server_type
# $encode_header_key
sub command114 {
- print "Encryption key allows to hide SquirrelMail Received: headers\n";
- print "in outbound messages. Interface uses encryption key to encode\n";
- print "username, remote address and proxied address, then stores encoded\n";
- print "information in X-Squirrel-* headers.\n";
+ print "This encryption key allows the hiding of SquirrelMail Received:\n";
+ print "headers in outbound messages. SquirrelMail uses the encryption\n";
+ print "key to encode the username, remote address, and proxied address\n";
+ print "and then stores that encoded information in X-Squirrel-* headers.\n";
print "\n";
- print "Warning: used encryption function is not bulletproof. When used\n";
- print "with static encryption keys, it provides only minimal security\n";
- print "measures and information can be decoded quickly.\n";
+ print "Warning: the encryption function used to accomplish this is not\n";
+ print "bulletproof. When used with a static encryption key as it is here,\n";
+ print "it provides only minimal security and the encoded user information\n";
+ print "in the X-Squirrel-* headers can be decoded quickly by a skilled\n";
+ print "attacker.\n";
print "\n";
- print "Encoded information can be decoded with decrypt_headers.php script\n";
- print "from SquirrelMail contrib/ directory.\n";
+ print "When you need to inspect an email sent from your system with the\n";
+ print "X-Squirrel-* headers, you can decode the user information therein\n";
+ print "by using the decrypt_headers.php script found in the SquirrelMail\n";
+ print "contrib/ directory. You'll need the encryption key that you\n";
+ print "defined here when doing so.\n";
print "\n";
print "Enter encryption key: ";
$new_encode_header_key = <STDIN>;
}
sub command311 {
- print " Given that users are not allowed to modify their
+ print "$NRM";
+ print "\n Given that users are not allowed to modify their
email address, can they edit their full name?
";
}
sub command311b {
- print " SquirrelMail adds username information to every sent email
- in order to prevent possible sender forging when users are allowed
- to change their email and/or full name.
+ print "$NRM";
+ print "\n SquirrelMail adds username information to every outgoing
+ email in order to prevent possible sender forging when users are
+ allowed to change their email and/or full name.
- You can remove user information from this header (y), if you think that
+ You can remove user information from this header (y) if you think that
it violates privacy or security.
Note: If users are allowed to change their email addresses,
this setting will make it difficult to determine who sent what where.
Use at your own risk.
+ Note: If you have defined a header encryption key in your SMTP or
+ Sendmail settings (see the \"Server Settings\" option page), this
+ setting is ignored because all user information in outgoing messages
+ is encoded.
+
";
if ( lc($hide_auth_header) eq "true" ) {
print " ";
}
if ( $templateset_id[$count] eq $templateset_fallback ) {
- print "f ";
+ print "f";
+ } else {
+ print " ";
+ }
+ if ( $templateset_id[$count] eq $rpc_templateset ) {
+ print "r ";
} else {
print " ";
}
if ( $count < 10 ) {
print " ";
}
+ if ( $count < 100 ) {
+ print " ";
+ }
$name = $templateset_name[$count];
- $num_spaces = 35 - length($name);
- for ( $i = 0 ; $i < $num_spaces ; $i++ ) {
- $name = $name . " ";
+
+ # present RPC template sets differently
+ #
+ if ( $templateset_id[$count] =~ /_rpc$/ ) {
+ $name = $name . " (not shown in user interface; used for RPC interface only)";
+ } else {
+
+ $num_spaces = 35 - length($name);
+ for ( $i = 0 ; $i < $num_spaces ; $i++ ) {
+ $name = $name . " ";
+ }
+ $name = $name . "($templateset_id[$count])";
+
}
- print " $count. $name";
- print "($templateset_id[$count])\n";
+ print " $count. $name\n";
$count++;
- }
- print "\n d = default template set\n"
- . " f = fallback template set\n\n";
+ }
+ print "\n d = default template set\n"
+ . " f = fallback template set\n"
+ . " r = RPC template set\n\n";
$menu_text = ".-------------------------------------.\n"
. "| t (detect template set) |\n"
. "| - N (remove template set) |\n"
. "| m N (mark default template set) |\n"
. "| f N (set fallback template set) |\n"
+ . "| r N (set RPC template set) |\n"
. "| l (list template sets/skins) |\n"
. "| d (done) |\n"
. "|-------------------------------------|\n"
print " ";
}
if ( $templateset_id[$count] eq $templateset_fallback ) {
- print "f ";
+ print "f";
+ } else {
+ print " ";
+ }
+ if ( $templateset_id[$count] eq $rpc_templateset ) {
+ print "r ";
} else {
print " ";
}
if ( $count < 10 ) {
print " ";
}
+ if ( $count < 100 ) {
+ print " ";
+ }
$name = $templateset_name[$count];
- $num_spaces = 35 - length($name);
- for ( $i = 0 ; $i < $num_spaces ; $i++ ) {
- $name = $name . " ";
+
+ # present RPC template sets differently
+ #
+ if ( $templateset_id[$count] =~ /_rpc$/ ) {
+ $name = $name . " (not shown in user interface; used for RPC interface only)";
+ } else {
+
+ $num_spaces = 35 - length($name);
+ for ( $i = 0 ; $i < $num_spaces ; $i++ ) {
+ $name = $name . " ";
+ }
+ $name = $name . "($templateset_id[$count])";
+
}
- print " $count. $name";
- print "($templateset_id[$count])\n";
+ print " $count. $name\n";
$count++;
}
print "\n d = default template set\n"
- . " f = fallback template set\n\n";
+ . " f = fallback template set\n"
+ . " r = RPC template set\n\n";
# mark default template set
#
print "Cannot set default template set to $input. That template set does not exist.\n";
$templateset_default = $old_def;
}
+ if ( $templateset_default =~ /_rpc$/ ) {
+ print "Cannot set default template set to $input. That template set is intended for the RPC interface only.\n";
+ $templateset_default = $old_def;
+ }
# set fallback template set
#
print "Cannot set fallback template set to $input. That template set does not exist.\n";
$templateset_fallback = $old_def;
}
+ if ( $templateset_fallback =~ /_rpc$/ ) {
+ print "Cannot set fallback template set to $input. That template set is intended for the RPC interface only.\n";
+ $templateset_fallback = $old_def;
+ }
+
+ # set RPC template set
+ #
+ } elsif ( $input =~ /^\s*r\s*[0-9]+/i ) {
+ $old_def = $rpc_templateset;
+ $input =~ s/^\s*r\s*//;
+ $rpc_templateset = $templateset_id[$input];
+ if ( $rpc_templateset =~ /^\s*$/ ) {
+ print "Cannot set RPC template set to $input. That template set does not exist.\n";
+ $rpc_templateset = $old_def;
+ }
+ if ( $rpc_templateset !~ /_rpc$/ ) {
+ print "Cannot set fallback template set to $input. That template set is not intended for the RPC interface.\n";
+ $rpc_templateset = $old_def;
+ }
# add template set
#
if ( $found != 1) {
print "** Found template set: $filename\n";
$def = $files[$cnt];
- $def =~ s/_/ /g;
- $def = lc($def);
- #$def =~ s/(^\w+)/ucfirst $1/eg;
- #$def =~ s/(\s+)(\w+)/$1 . ucfirst $2/eg;
- $def =~ s/(^\w+)|(\s+)(\w+)/ucfirst $1 . $2 . ucfirst $3/eg;
- print " What is it's name (as shown to your users)? [$def]: ";
- $nm = <STDIN>;
- $nm =~ s/^\s+|\s+$|[\n\r]//g;
- if ( $nm eq '' ) { $nm = $def; }
+
+ # no user-friendly names needed for RPC template sets
+ #
+ if ( $def =~ /_rpc$/ ) {
+ $nm = $def;
+ } else {
+ $def = lc($def);
+ $def =~ s/_/ /g;
+ #$def =~ s/(^\w+)/ucfirst $1/eg;
+ #$def =~ s/(\s+)(\w+)/$1 . ucfirst $2/eg;
+ $def =~ s/(^\w+)|(\s+)(\w+)/ucfirst $1 . $2 . ucfirst $3/eg;
+ print " What is it's name (as shown to your users)? [$def]: ";
+ $nm = <STDIN>;
+ $nm =~ s/^\s+|\s+$|[\n\r]//g;
+ if ( $nm eq '' ) { $nm = $def; }
+ }
$templateset_id[ $#templateset_id + 1 ] = $filename;
$templateset_name[ $#templateset_name + 1 ] = $nm;
}
print " Removing \"$filename\" (template set directory not found)\n";
if ( $templateset_default eq $filename ) { $templateset_default = 'default'; }
if ( $templateset_fallback eq $filename ) { $templateset_fallback = 'default'; }
+ if ( $rpc_templateset eq $filename ) { $rpc_templateset = 'default_rpc'; }
$offset = 0;
@new_templateset_name = ();
@new_templateset_id = ();
print "You cannot remove the default template set!\n";
} elsif ( $templateset_id[$rem_num] eq $templateset_fallback ) {
print "You cannot remove the fallback template set!\n";
+ } elsif ( $templateset_id[$rem_num] eq $rpc_templateset ) {
+ print "You cannot remove the RPC template set!\n";
} else {
$count = 0;
@new_templateset_name = ();
return $use_php_iconv;
}
-# configtest block
+# buffer output
sub commandB6 {
+ print "In some cases, buffering all output (holding it on the server until\n";
+ print "the full page is ready to send to the browser) allows more complex\n";
+ print "functionality, especially for plugins that want to add headers on hooks\n";
+ print "that are beyond the point of output having been sent to the browser\n";
+ print "otherwise. Most plugins that need this functionality will enable it\n";
+ print "automatically on their own, but you can turn it on manually here. You'd\n";
+ print "usually want to do this if you want to specify a custom output handler\n";
+ print "for parsing the output - you can do that by specifying a value for\n";
+ print "\$buffered_output_handler in config_local.php. Don't forget to define\n";
+ print "a function of the same name as what \$buffered_output_handler is set to.\n";
+ print "\n";
+
+ if ( lc($buffer_output) eq 'true' ) {
+ $default_value = "y";
+ } else {
+ $default_value = "n";
+ }
+ print "Buffer all output? (y/n) [$WHT$default_value$NRM]: $WHT";
+ $buffer_output = <STDIN>;
+ if ( ( $buffer_output =~ /^y\n/i ) || ( ( $buffer_output =~ /^\n/ ) && ( $default_value eq "y" ) ) ) {
+ $buffer_output = 'true';
+ } else {
+ $buffer_output = 'false';
+ }
+ return $buffer_output;
+}
+
+# configtest block
+sub commandB7 {
print "Enable this option if you want to check SquirrelMail configuration\n";
print "remotely with configtest.php script.\n";
print "\n";
}
# Default Icon theme
-sub commandB7 {
+sub command53 {
print "You may change the path to the default icon theme to be used, if icons\n";
print "have been enabled. This theme will be used when an icon cannot be\n";
print "found in the current theme, or when no icon theme is specified. If\n";
return $secured_config;
}
+# Set a (non-standard) HTTPS port
+sub commandB10 {
+ print "If you run HTTPS (SSL-secured HTTP) on a non-standard port, you should\n";
+ print "indicate that port here. Even if you do not, SquirrelMail may still\n";
+ print "auto-detect secure connections, but it is safer and also very useful\n";
+ print "for third party plugins if you specify the port number here.\n";
+ print "\n";
+ print "Most SquirrelMail administrators will not need to use this setting\n";
+ print "because most all web servers use port 443 for HTTPS connections, and\n";
+ print "SquirrelMail assumes 443 unless something else is given here.\n";
+ print "\n";
+
+ print "Enter your HTTPS port [$sq_https_port]: ";
+ my $tmp = <STDIN>;
+ $tmp = trim($tmp);
+ # value is not modified, if user hits Enter or enters space
+ if ($tmp ne '') {
+ # make sure that input is numeric
+ if ($tmp =~ /^\d+$/) {
+ $sq_https_port = $tmp;
+ } else {
+ print "\n";
+ print "--- INPUT ERROR ---\n";
+ print "\n";
+ print "If you want to change this setting, you must enter a number.\n";
+ print "If you want to keep the original value, just press Enter.\n\n";
+ print "Press Enter to continue...";
+ $tmp = <STDIN>;
+ }
+ }
+ return $sq_https_port;
+}
+
+# Ignore HTTP_X_FORWARDED_* headers?
+sub commandB11 {
+
+ if ( lc($sq_ignore_http_x_forwarded_headers) eq 'true' ) {
+ $default_value = "y";
+ } else {
+ $default_value = "n";
+ }
+
+ print "Because HTTP_X_FORWARDED_* headers can be sent by the client and\n";
+ print "therefore possibly exploited by an outsider, SquirrelMail ignores\n";
+ print "them by default. If a proxy server or other machine sits between\n";
+ print "clients and your SquirrelMail server, you can turn this off to\n";
+ print "tell SquirrelMail to use such headers.\n";
+ print "\n";
+
+ print "Ignore HTTP_X_FORWARDED headers? (y/n) [$WHT$default_value$NRM]: $WHT";
+ $sq_ignore_http_x_forwarded_headers = <STDIN>;
+ if ( ( $sq_ignore_http_x_forwarded_headers =~ /^y\n/i ) || ( ( $sq_ignore_http_x_forwarded_headers =~ /^\n/ ) && ( $default_value eq "y" ) ) ) {
+ $sq_ignore_http_x_forwarded_headers = 'true';
+ } else {
+ $sq_ignore_http_x_forwarded_headers = 'false';
+ }
+ return $sq_ignore_http_x_forwarded_headers;
+}
+
sub save_data {
$tab = " ";
if ( open( CF, ">config.php" ) ) {
# boolean
print CF "\$pop_before_smtp = $pop_before_smtp;\n";
# string
+ print CF "\$pop_before_smtp_host = '$pop_before_smtp_host';\n";
+ # string
print CF "\$imap_server_type = '$imap_server_type';\n";
# boolean
print CF "\$invert_time = $invert_time;\n";
if ( $templateset_fallback eq '' ) { $templateset_fallback = 'default'; }
print CF "\$templateset_fallback = '$templateset_fallback';\n";
+ if ( $rpc_templateset eq '' ) { $rpc_templateset = 'default_rpc'; }
+ print CF "\$rpc_templateset = '$rpc_templateset';\n";
+
for ( $count = 0 ; $count <= $#templateset_name ; $count++ ) {
+
+ # don't include RPC template sets
+ #
+ if ( $templateset_id[$count] =~ /_rpc$/ ) { next; }
+
print CF "\$aTemplateSet[$count]['ID'] = '" . $templateset_id[$count] . "';\n";
# escape theme name so it can contain single quotes.
$esc_name = $templateset_name[$count];
print CF "\$use_php_iconv = $use_php_iconv;\n";
print CF "\n";
# boolean
+ print CF "\$buffer_output = $buffer_output;\n";
+ print CF "\n";
+ # boolean
print CF "\$allow_remote_configtest = $allow_remote_configtest;\n";
print CF "\$secured_config = $secured_config;\n";
+ # integer
+ print CF "\$sq_https_port = $sq_https_port;\n";
+ # boolean
+ print CF "\$sq_ignore_http_x_forwarded_headers = $sq_ignore_http_x_forwarded_headers;\n";
# (binary) integer or constant - convert integer
# values to constants before output
$sm_debug_mode = convert_debug_binary_integer_to_constants($sm_debug_mode);