mirror of
https://github.com/the-djmaze/snappymail.git
synced 2026-07-11 00:14:50 +03:00
Add new function to overwrite the cryptkey
This is needed to prevent SnappyMail to ask the user for the old (maybe forgotten) ldap password
This commit is contained in:
parent
f8af48cf47
commit
23fe3a946b
3 changed files with 29 additions and 1 deletions
|
|
@ -5,6 +5,7 @@ use MailSo\Log\Logger;
|
|||
use RainLoop\Actions;
|
||||
use RainLoop\Model\AdditionalAccount;
|
||||
use RainLoop\Model\MainAccount;
|
||||
use RainLoop\Providers\Storage\Enumerations\StorageType;
|
||||
|
||||
class LdapMailAccounts
|
||||
{
|
||||
|
|
@ -176,6 +177,18 @@ class LdapMailAccounts
|
|||
return $oActions->FalseResponse(__FUNCTION__);
|
||||
}
|
||||
|
||||
//SnappyMail saves the passwords of the additional accounts by encrypting them using a cryptkey that is saved in the file .cryptkey
|
||||
//When the password of the main account changes, SnappyMail asks the user for the old password to reencrypt the keys with the new userpassword.
|
||||
//On a password change using ldap (or when the password has been forgotten by the user) this makes us some problems. Therefore overwrite
|
||||
//the .cryptkey file in order to always accept the actual ldap password of the user. This has side effects on pgp keys!
|
||||
//See https://github.com/the-djmaze/snappymail/issues/1570#issuecomment-2085528061
|
||||
if ($this->config->bool_overwrite_cryptkey) {
|
||||
if (!$oActions->StorageProvider()->Put($oAccount, StorageType::ROOT, '.cryptkey', "")) {
|
||||
$this->logger->Write("Could not overwrite the .cryptkey file!", \LOG_WARNING, self::LOG_KEY);
|
||||
return $oActions->FalseResponse(__FUNCTION__);
|
||||
}
|
||||
}
|
||||
|
||||
$aAccounts = $oActions->GetAccounts($oAccount);
|
||||
|
||||
//Search for accounts with suffix " (LDAP)" at the end of the name that were created by this plugin and initially remove them from the
|
||||
|
|
|
|||
|
|
@ -21,6 +21,7 @@ class LdapMailAccountsConfig
|
|||
public const CONFIG_FIELD_MAIL_ADDRESS_ADDITIONAL_ACCOUNT = "field_mail_address_additional_account";
|
||||
public const CONFIG_BOOL_OVERWRITE_MAIL_ADDRESS_MAIN_ACCOUNT = "bool_overwrite_mail_address_main_account";
|
||||
public const CONFIG_FIELD_MAIL_ADDRESS_MAIN_ACCOUNT = "field_mail_address_main_account";
|
||||
public const CONFIG_BOOL_OVERWRITE_CRYPTKEY = "bool_overwrite_cryptkey";
|
||||
|
||||
public $server;
|
||||
public $protocol;
|
||||
|
|
@ -36,6 +37,7 @@ class LdapMailAccountsConfig
|
|||
public $field_mail_address_main_account;
|
||||
public $field_mail_address_additional_account;
|
||||
public $bool_overwrite_mail_address_main_account;
|
||||
public $bool_overwrite_cryptkey;
|
||||
|
||||
public static function MakeConfig(Plugin $config): LdapMailAccountsConfig
|
||||
{
|
||||
|
|
@ -54,6 +56,7 @@ class LdapMailAccountsConfig
|
|||
$ldap->field_mail_address_additional_account = trim($config->Get("plugin", self::CONFIG_FIELD_MAIL_ADDRESS_ADDITIONAL_ACCOUNT));
|
||||
$ldap->bool_overwrite_mail_address_main_account = $config->Get("plugin", self::CONFIG_BOOL_OVERWRITE_MAIL_ADDRESS_MAIN_ACCOUNT);
|
||||
$ldap->field_mail_address_main_account = trim($config->Get("plugin", self::CONFIG_FIELD_MAIL_ADDRESS_MAIN_ACCOUNT));
|
||||
$ldap->bool_overwrite_cryptkey = $config->Get("plugin", self::CONFIG_BOOL_OVERWRITE_CRYPTKEY);
|
||||
|
||||
return $ldap;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -94,6 +94,17 @@ class LdapMailAccountsPlugin extends AbstractPlugin
|
|||
->SetDefaultValue("mail"),
|
||||
]);
|
||||
|
||||
$groupAdditionalSettings = new \RainLoop\Plugins\PropertyCollection('Additional settings');
|
||||
$groupAdditionalSettings->exchangeArray([
|
||||
\RainLoop\Plugins\Property::NewInstance(LdapMailAccountsConfig::CONFIG_BOOL_OVERWRITE_CRYPTKEY)->SetLabel('Overwrite user cryptkey')
|
||||
->SetType(\RainLoop\Enumerations\PluginPropertyType::BOOL)
|
||||
->SetDescription("SnappyMail saves the passwords of the additional accounts by encrypting them using a cryptkey that is saved in the file \".cryptkey\". When the password of the main account changes, SnappyMail asks the user for the old password to reencrypt the keys with the new userpassword.
|
||||
\nOn a password change using ldap (or when the password has been forgotten by the user) this makes problems and asks the user to insert the old password. Therefore activating this option overwrites the .cryptkey file on login in order to always accept the actual ldap password of the user.
|
||||
\nATTENTION: This has side effects on pgp keys because these are also secured by the cryptkey and could therefore not be accessible anymore!
|
||||
\nSee https://github.com/the-djmaze/snappymail/issues/1570#issuecomment-2085528061")
|
||||
->SetDefaultValue(false),
|
||||
]);
|
||||
|
||||
return [
|
||||
\RainLoop\Plugins\Property::NewInstance(LdapMailAccountsConfig::CONFIG_SERVER)
|
||||
->SetLabel("LDAP Server URL")
|
||||
|
|
@ -173,8 +184,9 @@ class LdapMailAccountsPlugin extends AbstractPlugin
|
|||
->SetDescription("The field containing the default sender name of the found additional mail account.")
|
||||
->SetDefaultValue("displayName"),
|
||||
|
||||
$groupOverwriteMainAccount
|
||||
$groupOverwriteMainAccount,
|
||||
|
||||
$groupAdditionalSettings
|
||||
];
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue