From ced34cb15e095836767971aa4d27b141fb1d7ec9 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sat, 18 Oct 2014 08:47:54 -0400
Subject: [PATCH] Merge pull request #230 from bytesatwork-xx/master
---
program/lib/Roundcube/rcube.php | 120 +++++++++++++++++++++++++++++++++++++++++++++---------------
1 files changed, 90 insertions(+), 30 deletions(-)
diff --git a/program/lib/Roundcube/rcube.php b/program/lib/Roundcube/rcube.php
index 7d28dce..03f4963 100644
--- a/program/lib/Roundcube/rcube.php
+++ b/program/lib/Roundcube/rcube.php
@@ -172,9 +172,13 @@
public function get_dbh()
{
if (!$this->db) {
- $config_all = $this->config->all();
- $this->db = rcube_db::factory($config_all['db_dsnw'], $config_all['db_dsnr'], $config_all['db_persistent']);
- $this->db->set_debug((bool)$config_all['sql_debug']);
+ $this->db = rcube_db::factory(
+ $this->config->get('db_dsnw'),
+ $this->config->get('db_dsnr'),
+ $this->config->get('db_persistent')
+ );
+
+ $this->db->set_debug((bool)$this->config->get('sql_debug'));
}
return $this->db;
@@ -357,15 +361,16 @@
// set class options
$options = array(
- 'auth_type' => $this->config->get("{$driver}_auth_type", 'check'),
- 'auth_cid' => $this->config->get("{$driver}_auth_cid"),
- 'auth_pw' => $this->config->get("{$driver}_auth_pw"),
- 'debug' => (bool) $this->config->get("{$driver}_debug"),
- 'force_caps' => (bool) $this->config->get("{$driver}_force_caps"),
- 'disabled_caps' => $this->config->get("{$driver}_disabled_caps"),
- 'timeout' => (int) $this->config->get("{$driver}_timeout"),
- 'skip_deleted' => (bool) $this->config->get('skip_deleted'),
- 'driver' => $driver,
+ 'auth_type' => $this->config->get("{$driver}_auth_type", 'check'),
+ 'auth_cid' => $this->config->get("{$driver}_auth_cid"),
+ 'auth_pw' => $this->config->get("{$driver}_auth_pw"),
+ 'debug' => (bool) $this->config->get("{$driver}_debug"),
+ 'force_caps' => (bool) $this->config->get("{$driver}_force_caps"),
+ 'disabled_caps' => $this->config->get("{$driver}_disabled_caps"),
+ 'socket_options' => $this->config->get("{$driver}_conn_options"),
+ 'timeout' => (int) $this->config->get("{$driver}_timeout"),
+ 'skip_deleted' => (bool) $this->config->get('skip_deleted'),
+ 'driver' => $driver,
);
if (!empty($_SESSION['storage_host'])) {
@@ -384,8 +389,12 @@
$this->storage->set_options($options);
$this->set_storage_prop();
- }
+ // subscribe to 'storage_connected' hook for session logging
+ if ($this->config->get('imap_log_session', false)) {
+ $this->plugins->register_hook('storage_connected', array($this, 'storage_log_session'));
+ }
+ }
/**
* Set storage parameters.
@@ -451,6 +460,16 @@
}
}
+
+ /**
+ * Callback for IMAP connection events to log session identifiers
+ */
+ public function storage_log_session($args)
+ {
+ if (!empty($args['session']) && session_id()) {
+ $this->write_log('imap_session', $args['session']);
+ }
+ }
/**
* Create session object and start the session.
@@ -823,12 +842,19 @@
* upon decryption; see http://php.net/mcrypt_generic#68082
*/
$clear = pack("a*H2", $clear, "80");
+ $ckey = $this->config->get_crypto_key($key);
- if (function_exists('mcrypt_module_open') &&
+ if (function_exists('openssl_encrypt')) {
+ $method = 'DES-EDE3-CBC';
+ $opts = defined('OPENSSL_RAW_DATA') ? OPENSSL_RAW_DATA : true;
+ $iv = $this->create_iv(openssl_cipher_iv_length($method));
+ $cipher = $iv . openssl_encrypt($clear, $method, $ckey, $opts, $iv);
+ }
+ else if (function_exists('mcrypt_module_open') &&
($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_CBC, ""))
) {
$iv = $this->create_iv(mcrypt_enc_get_iv_size($td));
- mcrypt_generic_init($td, $this->config->get_crypto_key($key), $iv);
+ mcrypt_generic_init($td, $ckey, $iv);
$cipher = $iv . mcrypt_generic($td, $clear);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
@@ -839,13 +865,13 @@
if (function_exists('des')) {
$des_iv_size = 8;
$iv = $this->create_iv($des_iv_size);
- $cipher = $iv . des($this->config->get_crypto_key($key), $clear, 1, 1, $iv);
+ $cipher = $iv . des($ckey, $clear, 1, 1, $iv);
}
else {
self::raise_error(array(
'code' => 500, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
- 'message' => "Could not perform encryption; make sure Mcrypt is installed or lib/des.inc is available"
+ 'message' => "Could not perform encryption; make sure OpenSSL or Mcrypt or lib/des.inc is available"
), true, true);
}
}
@@ -870,12 +896,13 @@
}
$cipher = $base64 ? base64_decode($cipher) : $cipher;
+ $ckey = $this->config->get_crypto_key($key);
- if (function_exists('mcrypt_module_open') &&
- ($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_CBC, ""))
- ) {
- $iv_size = mcrypt_enc_get_iv_size($td);
- $iv = substr($cipher, 0, $iv_size);
+ if (function_exists('openssl_decrypt')) {
+ $method = 'DES-EDE3-CBC';
+ $opts = defined('OPENSSL_RAW_DATA') ? OPENSSL_RAW_DATA : true;
+ $iv_size = openssl_cipher_iv_length($method);
+ $iv = substr($cipher, 0, $iv_size);
// session corruption? (#1485970)
if (strlen($iv) < $iv_size) {
@@ -883,7 +910,21 @@
}
$cipher = substr($cipher, $iv_size);
- mcrypt_generic_init($td, $this->config->get_crypto_key($key), $iv);
+ $clear = openssl_decrypt($cipher, $method, $ckey, $opts, $iv);
+ }
+ else if (function_exists('mcrypt_module_open') &&
+ ($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_CBC, ""))
+ ) {
+ $iv_size = mcrypt_enc_get_iv_size($td);
+ $iv = substr($cipher, 0, $iv_size);
+
+ // session corruption? (#1485970)
+ if (strlen($iv) < $iv_size) {
+ return '';
+ }
+
+ $cipher = substr($cipher, $iv_size);
+ mcrypt_generic_init($td, $ckey, $iv);
$clear = mdecrypt_generic($td, $cipher);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
@@ -893,15 +934,15 @@
if (function_exists('des')) {
$des_iv_size = 8;
- $iv = substr($cipher, 0, $des_iv_size);
+ $iv = substr($cipher, 0, $des_iv_size);
$cipher = substr($cipher, $des_iv_size);
- $clear = des($this->config->get_crypto_key($key), $cipher, 0, 1, $iv);
+ $clear = des($ckey, $cipher, 0, 1, $iv);
}
else {
self::raise_error(array(
'code' => 500, 'type' => 'php',
'file' => __FILE__, 'line' => __LINE__,
- 'message' => "Could not perform decryption; make sure Mcrypt is installed or lib/des.inc is available"
+ 'message' => "Could not perform decryption; make sure OpenSSL or Mcrypt or lib/des.inc is available"
), true, true);
}
}
@@ -1113,8 +1154,12 @@
$line = var_export($line, true);
}
- $date_format = self::$instance ? self::$instance->config->get('log_date_format') : null;
- $log_driver = self::$instance ? self::$instance->config->get('log_driver') : null;
+ $date_format = $log_driver = $session_key = null;
+ if (self::$instance) {
+ $date_format = self::$instance->config->get('log_date_format');
+ $log_driver = self::$instance->config->get('log_driver');
+ $session_key = intval(self::$instance->config->get('log_session_id', 8));
+ }
if (empty($date_format)) {
$date_format = 'd-M-Y H:i:s O';
@@ -1130,6 +1175,11 @@
$date = $log['date'];
if ($log['abort'])
return true;
+ }
+
+ // add session ID to the log
+ if ($session_key > 0 && ($sess = session_id())) {
+ $line = '<' . substr($sess, 0, $session_key) . '> ' . $line;
}
if ($log_driver == 'syslog') {
@@ -1207,8 +1257,8 @@
}
// installer
- if (class_exists('rcube_install', false)) {
- $rci = rcube_install::get_instance();
+ if (class_exists('rcmail_install', false)) {
+ $rci = rcmail_install::get_instance();
$rci->raise_error($arg);
return;
}
@@ -1231,6 +1281,9 @@
}
exit(1);
+ }
+ else if ($cli) {
+ fwrite(STDERR, 'ERROR: ' . $arg['message']);
}
}
@@ -1479,6 +1532,13 @@
));
if ($plugin['abort']) {
+ if (!empty($plugin['error'])) {
+ $error = $plugin['error'];
+ }
+ if (!empty($plugin['body_file'])) {
+ $body_file = $plugin['body_file'];
+ }
+
return isset($plugin['result']) ? $plugin['result'] : false;
}
--
Gitblit v1.9.1