From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports
---
plugins/enigma/enigma.php | 128 ++++++++++++++++++++++++++++++++++++++----
1 files changed, 115 insertions(+), 13 deletions(-)
diff --git a/plugins/enigma/enigma.php b/plugins/enigma/enigma.php
index 10b8048..8e8ded2 100644
--- a/plugins/enigma/enigma.php
+++ b/plugins/enigma/enigma.php
@@ -1,5 +1,6 @@
<?php
-/*
+
+/**
+-------------------------------------------------------------------------+
| Enigma Plugin for Roundcube |
| |
@@ -14,11 +15,10 @@
+-------------------------------------------------------------------------+
*/
-/*
- This class contains only hooks and action handlers.
- Most plugin logic is placed in enigma_engine and enigma_ui classes.
-*/
-
+/**
+ * This class contains only hooks and action handlers.
+ * Most plugin logic is placed in enigma_engine and enigma_ui classes.
+ */
class enigma extends rcube_plugin
{
public $task = 'mail|settings';
@@ -26,7 +26,7 @@
public $engine;
public $ui;
- private $env_loaded = false;
+ private $env_loaded = false;
/**
@@ -44,18 +44,25 @@
$this->register_action('plugin.enigmaimport', array($this, 'import_file'));
+ // load the Enigma plugin configuration
+ $this->load_config();
+
+ $enabled = $this->rc->config->get('enigma_encryption', true);
+
// message displaying
- if ($this->rc->action == 'show' || $this->rc->action == 'preview') {
+ if ($this->rc->action == 'show' || $this->rc->action == 'preview' || $this->rc->action == 'print') {
$this->add_hook('message_load', array($this, 'message_load'));
$this->add_hook('template_object_messagebody', array($this, 'message_output'));
}
// message composing
- else if ($this->rc->action == 'compose') {
+ else if ($enabled && $this->rc->action == 'compose') {
+ $this->add_hook('message_compose_body', array($this, 'message_compose'));
+
$this->load_ui();
$this->ui->init();
}
// message sending (and draft storing)
- else if ($this->rc->action == 'send') {
+ else if ($enabled && $this->rc->action == 'send') {
$this->add_hook('message_ready', array($this, 'message_ready'));
}
@@ -73,7 +80,10 @@
// $this->register_action('plugin.enigmacerts', array($this, 'preferences_ui'));
$this->load_ui();
- $this->ui->add_css();
+
+ if (empty($_REQUEST['_framed']) || strpos($this->rc->action, 'plugin.enigma') === 0) {
+ $this->ui->add_css();
+ }
}
$this->add_hook('refresh', array($this, 'refresh'));
@@ -234,6 +244,63 @@
$p['blocks']['main']['name'] = $this->gettext('mainoptions');
+ if (!isset($no_override['enigma_encryption'])) {
+ if (!$p['current']) {
+ $p['blocks']['main']['content'] = true;
+ return $p;
+ }
+
+ $field_id = 'rcmfd_enigma_encryption';
+ $input = new html_checkbox(array(
+ 'name' => '_enigma_encryption',
+ 'id' => $field_id,
+ 'value' => 1,
+ ));
+
+ $p['blocks']['main']['options']['enigma_encryption'] = array(
+ 'title' => html::label($field_id, $this->gettext('supportencryption')),
+ 'content' => $input->show(intval($this->rc->config->get('enigma_encryption'))),
+ );
+ }
+
+ if (!isset($no_override['enigma_signatures'])) {
+ if (!$p['current']) {
+ $p['blocks']['main']['content'] = true;
+ return $p;
+ }
+
+ $field_id = 'rcmfd_enigma_signatures';
+ $input = new html_checkbox(array(
+ 'name' => '_enigma_signatures',
+ 'id' => $field_id,
+ 'value' => 1,
+ ));
+
+ $p['blocks']['main']['options']['enigma_signatures'] = array(
+ 'title' => html::label($field_id, $this->gettext('supportsignatures')),
+ 'content' => $input->show(intval($this->rc->config->get('enigma_signatures'))),
+ );
+ }
+
+ if (!isset($no_override['enigma_decryption'])) {
+ if (!$p['current']) {
+ $p['blocks']['main']['content'] = true;
+ return $p;
+ }
+
+ $field_id = 'rcmfd_enigma_decryption';
+ $input = new html_checkbox(array(
+ 'name' => '_enigma_decryption',
+ 'id' => $field_id,
+ 'value' => 1,
+ ));
+
+ $p['blocks']['main']['options']['enigma_decryption'] = array(
+ 'title' => html::label($field_id, $this->gettext('supportdecryption')),
+ 'content' => $input->show(intval($this->rc->config->get('enigma_decryption'))),
+ );
+ }
+
if (!isset($no_override['enigma_sign_all'])) {
if (!$p['current']) {
$p['blocks']['main']['content'] = true;
@@ -272,6 +339,27 @@
);
}
+ if (!isset($no_override['enigma_password_time'])) {
+ if (!$p['current']) {
+ $p['blocks']['main']['content'] = true;
+ return $p;
+ }
+
+ $field_id = 'rcmfd_enigma_password_time';
+ $select = new html_select(array('name' => '_enigma_password_time', 'id' => $field_id));
+
+ foreach (array(1, 5, 10, 15, 30) as $m) {
+ $label = $this->gettext(array('name' => 'nminutes', 'vars' => array('m' => $m)));
+ $select->add($label, $m);
+ }
+ $select->add($this->gettext('wholesession'), 0);
+
+ $p['blocks']['main']['options']['enigma_password_time'] = array(
+ 'title' => html::label($field_id, $this->gettext('passwordtime')),
+ 'content' => $select->show(intval($this->rc->config->get('enigma_password_time'))),
+ );
+ }
+
return $p;
}
@@ -287,8 +375,12 @@
{
if ($p['section'] == 'enigma') {
$p['prefs'] = array(
- 'enigma_sign_all' => intval(rcube_utils::get_input_value('_enigma_sign_all', rcube_utils::INPUT_POST)),
- 'enigma_encrypt_all' => intval(rcube_utils::get_input_value('_enigma_encrypt_all', rcube_utils::INPUT_POST)),
+ 'enigma_signatures' => (bool) rcube_utils::get_input_value('_enigma_signatures', rcube_utils::INPUT_POST),
+ 'enigma_decryption' => (bool) rcube_utils::get_input_value('_enigma_decryption', rcube_utils::INPUT_POST),
+ 'enigma_encryption' => (bool) rcube_utils::get_input_value('_enigma_encryption', rcube_utils::INPUT_POST),
+ 'enigma_sign_all' => (bool) rcube_utils::get_input_value('_enigma_sign_all', rcube_utils::INPUT_POST),
+ 'enigma_encrypt_all' => (bool) rcube_utils::get_input_value('_enigma_encrypt_all', rcube_utils::INPUT_POST),
+ 'enigma_password_time' => intval(rcube_utils::get_input_value('_enigma_password_time', rcube_utils::INPUT_POST)),
);
}
@@ -376,6 +468,16 @@
}
/**
+ * Handle message_compose_body hook
+ */
+ function message_compose($p)
+ {
+ $this->load_ui();
+
+ return $this->ui->message_compose($p);
+ }
+
+ /**
* Handler for refresh hook.
*/
function refresh($p)
--
Gitblit v1.9.1