moved smtp sitewide configuration to main configuration utility

added quote_single subroutine, that is used to sanitize single quoted php strings
removed obsolete command18() subroutine

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@11469 7612ce4b-ef26-0410-bec9-ea0150e637f0

diff --git a/ChangeLog b/ChangeLog
index d0c7e52d7c5d3dc69cc32a0850d2d86784dd6b68..02395b8451e9d55e1f134fc989aba6bfcfc1241f 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -124,6 +124,8 @@ Version 1.5.2 - CVS
     display warning, if Courier IMAP XMAGICTRASH extension is detected.
   - Show purge link for Trash folder without any messages, if folder has
     subfolders (#1413569).
     display warning, if Courier IMAP XMAGICTRASH extension is detected.
   - Show purge link for Trash folder without any messages, if folder has
     subfolders (#1413569).

+  - Custom SMTP AUTH configuration variables are moved from config_local.php
+    to main configuration file.

 
 Version 1.5.1 (branched on 2006-02-12)
 --------------------------------------
 
 Version 1.5.1 (branched on 2006-02-12)
 --------------------------------------

diff --git a/config/conf.pl b/config/conf.pl
index 398603968c5770cc07a8ea4abb847cec06a98077..0d116118e71950d0f3de3dc5a48e4530b1a88c01 100755 (executable)
--- a/config/conf.pl
+++ b/config/conf.pl
@@ -424,6 +424,8 @@ $disable_server_sort = 'false'         if ( !$disable_server_sort );
 # since 1.5.2
 $abook_file_line_length = 2048         if ( !$abook_file_line_length );
 $config_location_base = ''             if ( !$config_location_base );
 # since 1.5.2
 $abook_file_line_length = 2048         if ( !$abook_file_line_length );
 $config_location_base = ''             if ( !$config_location_base );

+$smtp_sitewide_user = ''               if ( !$smtp_sitewide_user );
+$smtp_sitewide_pass = ''               if ( !$smtp_sitewide_pass );

 
 if ( $ARGV[0] eq '--install-plugin' ) {
     print "Activating plugin " . $ARGV[1] . "\n";
 
 if ( $ARGV[0] eq '--install-plugin' ) {
     print "Activating plugin " . $ARGV[1] . "\n";


@@ -525,7 +527,7 @@ while ( ( $command ne "q" ) && ( $command ne "Q" ) && ( $command ne ":q" ) ) {
             print "4.   SMTP Server           : $WHT$smtpServerAddress$NRM\n";
             print "5.   SMTP Port             : $WHT$smtpPort$NRM\n";
             print "6.   POP before SMTP       : $WHT$pop_before_smtp$NRM\n";
             print "4.   SMTP Server           : $WHT$smtpServerAddress$NRM\n";
             print "5.   SMTP Port             : $WHT$smtpPort$NRM\n";
             print "6.   POP before SMTP       : $WHT$pop_before_smtp$NRM\n";

-            print "7.   SMTP Authentication   : $WHT$smtp_auth_mech$NRM\n";
+            print "7.   SMTP Authentication   : $WHT$smtp_auth_mech" . display_smtp_sitewide_userpass() ."$NRM\n";

             print "8.   Secure SMTP (TLS)     : $WHT" . display_use_tls($use_smtp_tls) . "$NRM\n";
             print "9.   Header encryption key : $WHT$encode_header_key$NRM\n";
             print "\n";
             print "8.   Secure SMTP (TLS)     : $WHT" . display_use_tls($use_smtp_tls) . "$NRM\n";
             print "9.   Header encryption key : $WHT$encode_header_key$NRM\n";
             print "\n";


@@ -1172,26 +1174,6 @@ sub command17 {
     return $new_smtpPort;
 }
 
     return $new_smtpPort;
 }
 

-# authenticated server
-sub command18 {
-    return;
-    # This sub disabled by tassium - it has been replaced with smtp_auth_mech
-    print "Do you wish to use an authenticated SMTP server?  Your server must\n";
-    print "support this in order for SquirrelMail to work with it.  We implemented\n";
-    print "it according to RFC 2554.\n";
-
-    $YesNo = 'n';
-    $YesNo = 'y' if ( lc($use_authenticated_smtp) eq 'true' );
-
-    print "Use authenticated SMTP server (y/n) [$WHT$YesNo$NRM]: $WHT";
-
-    $new_use_authenticated_smtp = <STDIN>;
-    $new_use_authenticated_smtp =~ tr/yn//cd;
-    return 'true'  if ( $new_use_authenticated_smtp eq "y" );
-    return 'false' if ( $new_use_authenticated_smtp eq "n" );
-    return $use_authenticated_smtp;
-}
-

 # pop before SMTP
 sub command18a {
     print "Do you wish to use POP3 before SMTP?  Your server must\n";
 # pop before SMTP
 sub command18a {
     print "Do you wish to use POP3 before SMTP?  Your server must\n";


@@ -1441,18 +1423,99 @@ sub command112b {
     $inval=<STDIN>;
     chomp($inval);
     if ($inval =~ /^none\b/i) {
     $inval=<STDIN>;
     chomp($inval);
     if ($inval =~ /^none\b/i) {

-      # SMTP doesn't necessarily require logins
-      return "none";
+        # remove sitewide smtp authentication information
+        $smtp_sitewide_user = '';
+        $smtp_sitewide_pass = '';
+        # SMTP doesn't necessarily require logins
+        return "none";
+    } elsif ( ($inval =~ /^cram-md5\b/i) || ($inval =~ /^digest-md5\b/i) ||
+              ($inval =~ /^login\b/i) || ($inval =~/^plain\b/i)) {
+        command_smtp_sitewide_userpass($inval);
+        return lc($inval);
+    } elsif (trim($inval) eq '') {
+        # user selected default value
+        command_smtp_sitewide_userpass($smtp_auth_mech);
+        return $smtp_auth_mech;
+    } else {
+        # user entered garbage 
+        return $smtp_auth_mech;

     }
     }

-    if ( ($inval =~ /^cram-md5\b/i) || ($inval =~ /^digest-md5\b/i) ||
-    ($inval =~ /^login\b/i) || ($inval =~/^plain\b/i)) {
-      return lc($inval);
+}
+
+sub command_smtp_sitewide_userpass($) {
+    # get first function argument
+    my $auth_mech = shift(@_);
+    my $default, $tmp;
+    $auth_mech = lc(trim($auth_mech));
+    if ($auth_mech ne 'cram-md5' &&
+        $auth_mech ne 'digest-md5' &&
+        $auth_mech ne 'login' &&
+        $auth_mech ne 'plain') {
+        return;
+    }
+    print "SMTP authentication uses IMAP username and password by default.\n";
+    print "\n";
+    print "Would you like to use other login and password for all SquirrelMail \n";
+    print "SMTP connections?";
+    if ($smtp_sitewide_user ne '') {
+        $default = 'y';
+        print " [Yn]:";
+    } else {
+        $default = 'n';
+        print " [yN]:";
+    }
+    $tmp=<STDIN>;
+    $tmp = trim($tmp);
+    
+    if ($tmp eq '') {
+        $tmp = $default;

     } else {
     } else {

-      # user entered garbage, or default value so nothing needs to be set
-      return $smtp_auth_mech;
+        $tmp = lc($tmp);
+    }
+
+    if ($tmp eq 'n') {
+        $smtp_sitewide_user = '';
+        $smtp_sitewide_pass = '';
+    } elsif ($tmp eq 'y') {
+        print "Enter username [$smtp_sitewide_user]:";
+        my $new_user = <STDIN>;
+        $new_user = trim($new_user);
+        if ($new_user ne '') {
+            $smtp_sitewide_user = $new_user;
+        }
+        if ($smtp_sitewide_user ne '') {
+            print "If you don't enter any password, current sitewide password will be used.\n";
+            print "If you enter space, password will be set to empty string.\n";
+            print "Enter password:";
+            my $new_pass = <STDIN>;
+            if ($new_pass ne "\n") {
+                $smtp_sitewide_pass = trim($new_pass);
+            }
+        } else {
+            print "Invalid input. You must set username used for SMTP authentication.\n";
+            print "Click any key to continue\n";
+            $tmp = <STDIN>;
+        }
+    } else {
+        print "Invalid input\n";
+        print "Click any key to continue\n";
+        $tmp = <STDIN>;

     }
 }
 
     }
 }
 

+# Sub adds information about SMTP authentication type to menu
+sub display_smtp_sitewide_userpass() {
+    my $ret = '';
+    if ($smtp_auth_mech ne 'none') {
+        if ($smtp_sitewide_user ne '') {
+            $ret = ' (with custom username and password)';
+        } else {
+            $ret = ' (with IMAP username and password)';
+        }
+    }
+    return $ret;
+}
+

 # TLS
 # This sub is reused for IMAP and SMTP
 # Args: service name, default value
 # TLS
 # This sub is reused for IMAP and SMTP
 # Args: service name, default value


@@ -4176,6 +4239,8 @@ sub save_data {
 
         # string
         print CF "\$smtp_auth_mech = '$smtp_auth_mech';\n";
 
         # string
         print CF "\$smtp_auth_mech = '$smtp_auth_mech';\n";

+        print CF "\$smtp_sitewide_user = '". quote_single($smtp_sitewide_user) ."';\n";
+        print CF "\$smtp_sitewide_pass = '". quote_single($smtp_sitewide_pass) ."';\n";

         # string
         print CF "\$imap_auth_mech = '$imap_auth_mech';\n";
         # boolean
         # string
         print CF "\$imap_auth_mech = '$imap_auth_mech';\n";
         # boolean


@@ -4628,3 +4693,10 @@ sub check_imap_folder($) {
         return 1;
     }
 }
         return 1;
     }
 }

+
+# quotes string written in single quotes
+sub quote_single($) {
+    my $string = shift(@_);
+    $string =~ s/\'/\\'/g;
+    return $string;
+}

diff --git a/config/config_default.php b/config/config_default.php
index c6580e357125b809943ac0615028ded2d5ca3ec5..4d73465436d9117b612b3574fbf91bee390335fb 100644 (file)
--- a/config/config_default.php
+++ b/config/config_default.php
@@ -267,6 +267,28 @@ $use_smtp_tls = 0;
  */
 $smtp_auth_mech = 'none';
 
  */
 $smtp_auth_mech = 'none';
 

+/**
+ * Custom SMTP authentication username
+ *
+ * IMAP username is used if variable is set to empty string.
+ * Variable is included in main configuration file only from 1.5.2 version.
+ * Older versions stored it in config_local.php.
+ * @global string $smtp_sitewide_user
+ * @since 1.5.0
+ */
+$smtp_sitewide_user = '';
+
+/**
+ * Custom SMTP authentication password
+ *
+ * IMAP password is used if $smtp_sitewide_user global is set to empty string.
+ * Variable is included in main configuration file only from 1.5.2 version.
+ * Older versions stored it in config_local.php.
+ * @global string $smtp_sitewide_pass
+ * @since 1.5.0
+ */
+$smtp_sitewide_pass = '';
+

 /**
  * IMAP authentication mechanism
  *
 /**
  * IMAP authentication mechanism
  *

diff --git a/doc/authentication.txt b/doc/authentication.txt
index ae78bf42ad9f0b2207cd92f611e2516829af61ca..e127a6293125dda399971593692dee0730395bfe 100644 (file)
--- a/doc/authentication.txt
+++ b/doc/authentication.txt
@@ -94,22 +94,21 @@ To get the challenge with SMTP:
 OPTIONAL SMTP AUTH CONFIGURATION
 --------------------------------
 
 OPTIONAL SMTP AUTH CONFIGURATION
 --------------------------------
 

-If you need all users to send mail via an upstream SMTP provider
-(your ISP, for example), and that ISP requires authentication,
-there are two variables that can be added to config_local.php
-that will specify a sitewide SMTP username and password.
-
-Set up SMTP authentication to the remote server according to the
-instructions above, then add the following to config_local.php,
-replacing <smtp_user> and <smtp_pass> with the username and password
-you'd like to use for the entire site:
-
-   $smtp_sitewide_user = '<smtp_user>';
-   $smtp_sitewide_pass = '<smtp_pass>';
-
-These values will be used to connect to the SMTP server as long
-as the authentication mechanism is something besides 'none', i.e.
-'login','plain','cram-md5', or 'digest-md5'.
+In SMTP authentication SquirrelMail uses user's login name and password. If you 
+need all users to send mail via an upstream SMTP provider (your ISP, for 
+example), and that ISP requires authentication, you can configure custom 
+username and password. $smtp_sitewide_user configuration variable stores custom
+username used during SMTP authentication. $smtp_sitewide_pass stores custom
+password that is used during SMTP authentication, if $smtp_sitewide_user 
+variable is not empty.
+
+SquirrelMail 1.5.0 and 1.5.1 stored these configuration variables in 
+config_local.php. Newer SquirrelMail versions allow to configure them in conf.pl
+configuration utility.
+
+These configuration variables will be used to connect to the SMTP server as long
+as the authentication mechanism is something besides 'none', i.e. 'login', 
+'plain', 'cram-md5', or 'digest-md5'.

 
 DEBUGGING SSL ERROR MESSAGES
 ----------------------------
 
 DEBUGGING SSL ERROR MESSAGES
 ----------------------------


@@ -129,7 +128,7 @@ Possible error messages:
 
 * SSL operation failed with code 1. OpenSSL Error messages: error:14094410:SSL
 routines:func(148):reason(1040) in some script.
 
 * SSL operation failed with code 1. OpenSSL Error messages: error:14094410:SSL
 routines:func(148):reason(1040) in some script.

-  Error generated by SSL libraries. Locate numbers listed 'SSL
+  Error generated by SSL library. Locate numbers listed in 'SSL 

   routines:func(###):reason(####)' string, find ssl.h file in your OpenSSL
   sources and locate same numbers listed in '/* Error codes for the SSL
   functions. */' section. Error define can be self explanatory. If you don't
   routines:func(###):reason(####)' string, find ssl.h file in your OpenSSL
   sources and locate same numbers listed in '/* Error codes for the SSL
   functions. */' section. Error define can be self explanatory. If you don't

diff --git a/plugins/administrator/defines.php b/plugins/administrator/defines.php
index 496dca6506cdd6e8d27b2b92dcdce59fc97a0c6d..1a018187d2c744fc287b11464b2079e41d28bfc8 100644 (file)
--- a/plugins/administrator/defines.php
+++ b/plugins/administrator/defines.php
@@ -168,6 +168,12 @@ $defcfg = array( '$config_version' => array( 'name' => _("Config File Version"),
                                                                 'cram-md5' => 'CRAM-MD5',
                                                                 'digest-md5' => 'DIGEST-MD5'),
                                              'default' => 'none'),
                                                                 'cram-md5' => 'CRAM-MD5',
                                                                 'digest-md5' => 'DIGEST-MD5'),
                                              'default' => 'none'),

+                 '$smtp_sitewide_user' => array( 'name' => _("Custom SMTP AUTH username"),
+                                                 'type' => SMOPT_TYPE_STRING,
+                                                 'size' => 40 ),
+                 '$smtp_sitewide_pass' => array( 'name' => _("Custom SMTP AUTH password"),
+                                                 'type' => SMOPT_TYPE_STRING,
+                                                 'size' => 40 ),

                  '$pop_before_smtp' => array( 'name' => _("POP3 Before SMTP?"),
                                               'type' => SMOPT_TYPE_BOOLEAN,
                                               'default' => false ),
                  '$pop_before_smtp' => array( 'name' => _("POP3 Before SMTP?"),
                                               'type' => SMOPT_TYPE_BOOLEAN,
                                               'default' => false ),