Prepare for custom SMTP credentials for #859 #458 #431 #233

This commit is contained in:
the-djmaze 2023-01-17 10:28:19 +01:00
parent 038e093e68
commit 61899ce092
7 changed files with 63 additions and 49 deletions

View file

@ -682,8 +682,6 @@ class Actions
$aResult = \array_merge($aResult, [
'Auth' => true,
'Email' => \MailSo\Base\Utils::IdnToUtf8($oAccount->Email()),
'IncLogin' => $oAccount->IncLogin(),
'OutLogin' => $oAccount->OutLogin(),
'AccountHash' => $oAccount->Hash(),
'AccountSignMe' => isset($_COOKIE[self::AUTH_SIGN_ME_TOKEN_KEY]),
'MainEmail' => \MailSo\Base\Utils::IdnToUtf8($this->getMainAccountFromToken()->Email()),
@ -1103,7 +1101,7 @@ class Actions
if (!$this->MailClient()->IsLoggined()) {
try {
$oAccount->ImapConnectAndLoginHelper($this->oPlugins, $this->MailClient()->ImapClient(), $this->oConfig);
$oAccount->ImapConnectAndLogin($this->oPlugins, $this->MailClient()->ImapClient(), $this->oConfig);
} catch (\MailSo\Net\Exceptions\ConnectionException $oException) {
throw new Exceptions\ClientException(Notifications::ConnectionError, $oException);
} catch (\Throwable $oException) {

View file

@ -202,8 +202,6 @@ trait Accounts
if ($this->switchAccount(\trim($this->GetActionParam('Email', '')))) {
$oAccount = $this->getAccountFromToken();
$aResult['Email'] = $oAccount->Email();
$aResult['IncLogin'] = $oAccount->IncLogin();
$aResult['OutLogin'] = $oAccount->OutLogin();
$aResult['AccountHash'] = $oAccount->Hash();
$aResult['MainEmail'] = ($oAccount instanceof AdditionalAccount)
? $oAccount->ParentEmail() : '';

View file

@ -780,7 +780,7 @@ trait Messages
$oSmtpClient->SetLogger($this->Logger());
$bUsePhpMail = false;
$oAccount->SmtpConnectAndLoginHelper($this->Plugins(), $oSmtpClient, $this->Config(), $bUsePhpMail);
$oAccount->SmtpConnectAndLogin($this->Plugins(), $oSmtpClient, $this->Config(), $bUsePhpMail);
if ($bUsePhpMail) {
if (\MailSo\Base\Utils::FunctionCallable('mail')) {

View file

@ -450,7 +450,7 @@ trait UserAuth
if (!$oImapClient) {
$oImapClient = $this->MailClient()->ImapClient();
}
$oAccount->ImapConnectAndLoginHelper($this->Plugins(), $oImapClient, $this->Config());
$oAccount->ImapConnectAndLogin($this->Plugins(), $oImapClient, $this->Config());
} catch (ClientException $oException) {
throw $oException;
} catch (\MailSo\Net\Exceptions\ConnectionException $oException) {

View file

@ -16,6 +16,10 @@ abstract class Account implements \JsonSerializable
private string $sPassword = '';
private string $sSmtpLogin = '';
private string $sSmtpPassword = '';
private string $sProxyAuthUser = '';
private string $sProxyAuthPassword = '';
@ -32,16 +36,6 @@ abstract class Account implements \JsonSerializable
return $this->sName;
}
public function ProxyAuthUser() : string
{
return $this->sProxyAuthUser;
}
public function ProxyAuthPassword() : string
{
return $this->sProxyAuthPassword;
}
public function IncLogin() : string
{
return $this->oDomain->IncShortLogin()
@ -56,23 +50,8 @@ abstract class Account implements \JsonSerializable
public function OutLogin() : string
{
return $this->oDomain->OutShortLogin()
? \MailSo\Base\Utils::GetAccountNameFromEmail($this->sLogin)
: $this->sLogin;
}
// Deprecated
public function Login() : string
{
\trigger_error('Use \RainLoop\Model\Account->IncLogin()', \E_USER_DEPRECATED);
return $this->IncLogin();
}
// Deprecated
public function Password() : string
{
\trigger_error('Use \RainLoop\Model\Account->IncPassword()', \E_USER_DEPRECATED);
return $this->IncPassword();
$sSmtpLogin = $this->sSmtpLogin ?: $this->sLogin;
return $this->oDomain->OutShortLogin() ? \MailSo\Base\Utils::GetAccountNameFromEmail($sSmtpLogin) : $sSmtpLogin;
}
public function Domain() : Domain
@ -95,6 +74,11 @@ abstract class Account implements \JsonSerializable
$this->sPassword = $sPassword;
}
public function SetSmtpPassword(string $sPassword) : void
{
$this->sSmtpLogin = $sPassword;
}
public function SetProxyAuthUser(string $sProxyAuthUser) : void
{
$this->sProxyAuthUser = $sProxyAuthUser;
@ -116,6 +100,12 @@ abstract class Account implements \JsonSerializable
// '', // 4 sClientCert
'name' => $this->sName
];
if ($this->sSmtpLogin && $this->sSmtpPassword) {
$result['smtp'] = [
'user' => $this->sSmtpLogin,
'pass' => $this->sSmtpPassword
];
}
if ($this->sProxyAuthUser && $this->sProxyAuthPassword) {
$result['proxy'] = [
'user' => $this->sProxyAuthUser, // 5
@ -200,19 +190,25 @@ abstract class Account implements \JsonSerializable
if (isset($aAccountHash['name'])) {
$oAccount->sName = $aAccountHash['name'];
}
$oActions->Logger()->AddSecret($oAccount->sPassword);
// init smtp user/password
if (isset($aAccountHash['smtp'])) {
$oAccount->sSmtpLogin = $aAccountHash['smtp']['user'];
$oAccount->sSmtpPassword = $aAccountHash['smtp']['pass'];
$oActions->Logger()->AddSecret($oAccount->sSmtpPassword);
}
// init proxy user/password
if (isset($aAccountHash['proxy'])) {
$oAccount->sProxyAuthUser = $aAccountHash['proxy']['user'];
$oAccount->sProxyAuthPassword = $aAccountHash['proxy']['pass'];
$oActions->Logger()->AddSecret($oAccount->sProxyAuthPassword);
}
$oActions->Logger()->AddSecret($oAccount->IncPassword());
$oActions->Logger()->AddSecret($oAccount->ProxyAuthPassword());
}
}
return $oAccount;
}
public function ImapConnectAndLoginHelper(\RainLoop\Plugins\Manager $oPlugins, \MailSo\Imap\ImapClient $oImapClient, \RainLoop\Config\Application $oConfig) : bool
public function ImapConnectAndLogin(\RainLoop\Plugins\Manager $oPlugins, \MailSo\Imap\ImapClient $oImapClient, \RainLoop\Config\Application $oConfig) : bool
{
$oSettings = $this->Domain()->ImapSettings();
$oSettings->timeout = \max($oSettings->timeout, (int) $oConfig->Get('imap', 'timeout', $oSettings->timeout));
@ -231,10 +227,11 @@ abstract class Account implements \JsonSerializable
$oImapClient->Connect($oSettings);
$oPlugins->RunHook('imap.after-connect', array($this, $oImapClient, $oSettings));
$oSettings->Password = $this->IncPassword();
return $this->netClientLogin($oImapClient, $oPlugins, $oSettings);
}
public function SmtpConnectAndLoginHelper(\RainLoop\Plugins\Manager $oPlugins, \MailSo\Smtp\SmtpClient $oSmtpClient, \RainLoop\Config\Application $oConfig, bool &$bUsePhpMail = false) : bool
public function SmtpConnectAndLogin(\RainLoop\Plugins\Manager $oPlugins, \MailSo\Smtp\SmtpClient $oSmtpClient, \RainLoop\Config\Application $oConfig, bool &$bUsePhpMail = false) : bool
{
$oSettings = $this->Domain()->SmtpSettings();
$oSettings->Login = $this->OutLogin();
@ -249,11 +246,16 @@ abstract class Account implements \JsonSerializable
$oSmtpClient->Connect($oSettings, $oSettings->Ehlo);
}
$oPlugins->RunHook('smtp.after-connect', array($this, $oSmtpClient, $oSettings));
/*
if ($this->oDomain->OutAskCredentials() && !($this->sSmtpPassword && $this->sSmtpLogin)) {
throw new RequireCredentialsException
}
*/
$oSettings->Password = $this->sSmtpPassword ?: $this->sPassword;
return $this->netClientLogin($oSmtpClient, $oPlugins, $oSettings);
}
public function SieveConnectAndLoginHelper(\RainLoop\Plugins\Manager $oPlugins, \MailSo\Sieve\SieveClient $oSieveClient, \RainLoop\Config\Application $oConfig)
public function SieveConnectAndLogin(\RainLoop\Plugins\Manager $oPlugins, \MailSo\Sieve\SieveClient $oSieveClient, \RainLoop\Config\Application $oConfig)
{
$oSettings = $this->Domain()->SieveSettings();
$oSettings->Login = $this->IncLogin();
@ -262,6 +264,7 @@ abstract class Account implements \JsonSerializable
$oSieveClient->Connect($oSettings);
$oPlugins->RunHook('sieve.after-connect', array($this, $oSieveClient, $oSettings));
$oSettings->Password = $this->IncPassword();
return $this->netClientLogin($oSieveClient, $oPlugins, $oSettings);
}
@ -276,9 +279,8 @@ abstract class Account implements \JsonSerializable
[cipher_version] => TLSv1.3
)
*/
$oSettings->Password = $this->IncPassword();
$oSettings->ProxyAuthUser = $this->ProxyAuthUser();
$oSettings->ProxyAuthPassword = $this->ProxyAuthPassword();
$oSettings->ProxyAuthUser = $this->sProxyAuthUser;
$oSettings->ProxyAuthPassword = $this->sProxyAuthPassword;
$client_name = \strtolower($oClient->getLogName());

View file

@ -32,7 +32,10 @@ class AdditionalAccount extends Account
$sHash = $oMainAccount->CryptKey();
$aData = $this->jsonSerialize();
$aData['pass'] = \SnappyMail\Crypt::EncryptUrlSafe($aData['pass'], $sHash); // sPassword
if (isset($aAccountHash['proxy'])) {
if (!empty($aData['smtp']['pass'])) {
$aData['smtp']['pass'] = \SnappyMail\Crypt::EncryptUrlSafe($aData['smtp']['pass'], $sHash);
}
if (!empty($aData['proxy']['pass'])) {
$aData['proxy']['pass'] = \SnappyMail\Crypt::EncryptUrlSafe($aData['proxy']['pass'], $sHash); // sProxyAuthPassword
}
$aData['hmac'] = \hash_hmac('sha1', $aData['pass'], $sHash);
@ -49,10 +52,23 @@ class AdditionalAccount extends Account
$sHash = $oActions->getMainAccountFromToken()->CryptKey();
// hmac only set when asTokenArray() was used
$sPasswordHMAC = $aAccountHash['hmac'] ?? null;
if ($sPasswordHMAC && $sPasswordHMAC === \hash_hmac('sha1', $aAccountHash['pass'], $sHash)) {
$aAccountHash['pass'] = \SnappyMail\Crypt::DecryptUrlSafe($aAccountHash['pass'], $sHash);
if (isset($aAccountHash['proxy'])) {
$aAccountHash['proxy']['pass'] = \SnappyMail\Crypt::DecryptUrlSafe($aAccountHash['proxy']['pass'], $sHash);
if ($sPasswordHMAC) {
if ($sPasswordHMAC === \hash_hmac('sha1', $aAccountHash['pass'], $sHash)) {
$aAccountHash['pass'] = \SnappyMail\Crypt::DecryptUrlSafe($aAccountHash['pass'], $sHash);
if (!empty($aData['smtp']['pass'])) {
$aAccountHash['smtp']['pass'] = \SnappyMail\Crypt::DecryptUrlSafe($aAccountHash['smtp']['pass'], $sHash);
}
if (!empty($aData['proxy']['pass'])) {
$aAccountHash['proxy']['pass'] = \SnappyMail\Crypt::DecryptUrlSafe($aAccountHash['proxy']['pass'], $sHash);
}
} else {
$aAccountHash['pass'] = '';
if (!empty($aData['smtp']['pass'])) {
$aAccountHash['smtp']['pass'] = '';
}
if (!empty($aData['proxy']['pass'])) {
$aAccountHash['proxy']['pass'] = '';
}
}
}
return parent::NewInstanceFromTokenArray($oActions, $aAccountHash, $bThrowExceptionOnFalse);

View file

@ -33,7 +33,7 @@ class SieveStorage implements FiltersInterface
{
$oSieveClient = new \MailSo\Sieve\SieveClient();
$oSieveClient->SetLogger($this->oLogger);
return $oAccount->SieveConnectAndLoginHelper($this->oPlugins, $oSieveClient, $this->oConfig)
return $oAccount->SieveConnectAndLogin($this->oPlugins, $oSieveClient, $this->oConfig)
? $oSieveClient
: null;
}