mirror of
https://github.com/the-djmaze/snappymail.git
synced 2026-07-13 03:27:39 +03:00
Resolve #1746
This commit is contained in:
parent
c14bbab945
commit
6b03820338
2 changed files with 11 additions and 4 deletions
|
|
@ -235,6 +235,7 @@ Warning: only enable when server does not do this, else double compression error
|
||||||
'admin_login' => array('admin', 'Login and password for web admin panel'),
|
'admin_login' => array('admin', 'Login and password for web admin panel'),
|
||||||
'admin_password' => array(''),
|
'admin_password' => array(''),
|
||||||
'admin_totp' => array(''),
|
'admin_totp' => array(''),
|
||||||
|
'insecure_cryptkey' => array(false, 'Use email address instead of login password for encrypting sensitive data (like account passwords)'),
|
||||||
|
|
||||||
'force_https' => array(false),
|
'force_https' => array(false),
|
||||||
'hide_x_mailer_header' => array(true),
|
'hide_x_mailer_header' => array(true),
|
||||||
|
|
|
||||||
|
|
@ -21,7 +21,10 @@ class MainAccount extends Account
|
||||||
if (!$sKey) {
|
if (!$sKey) {
|
||||||
throw new ClientException(Notifications::CryptKeyError);
|
throw new ClientException(Notifications::CryptKeyError);
|
||||||
}
|
}
|
||||||
$sKey = \SnappyMail\Crypt::EncryptToJSON($sKey, $this->IncPassword());
|
$sPass = \RainLoop\Api::Config()->Get('security', 'insecure_cryptkey', false)
|
||||||
|
? $this->Email()
|
||||||
|
: $this->ImapPass();
|
||||||
|
$sKey = \SnappyMail\Crypt::EncryptToJSON($sKey, $sPass);
|
||||||
if ($sKey) {
|
if ($sKey) {
|
||||||
$this->sCryptKey = null;
|
$this->sCryptKey = null;
|
||||||
if (\RainLoop\Api::Actions()->StorageProvider()->Put($this, StorageType::ROOT, '.cryptkey', $sKey)) {
|
if (\RainLoop\Api::Actions()->StorageProvider()->Put($this, StorageType::ROOT, '.cryptkey', $sKey)) {
|
||||||
|
|
@ -39,14 +42,17 @@ class MainAccount extends Account
|
||||||
// can use the old password to re-seal the cryptkey
|
// can use the old password to re-seal the cryptkey
|
||||||
$oStorage = \RainLoop\Api::Actions()->StorageProvider();
|
$oStorage = \RainLoop\Api::Actions()->StorageProvider();
|
||||||
$sKey = $oStorage->Get($this, StorageType::ROOT, '.cryptkey');
|
$sKey = $oStorage->Get($this, StorageType::ROOT, '.cryptkey');
|
||||||
|
$sPass = \RainLoop\Api::Config()->Get('security', 'insecure_cryptkey', false)
|
||||||
|
? $this->Email()
|
||||||
|
: $this->ImapPass();
|
||||||
if (!$sKey) {
|
if (!$sKey) {
|
||||||
$sKey = \SnappyMail\Crypt::EncryptToJSON(
|
$sKey = \SnappyMail\Crypt::EncryptToJSON(
|
||||||
\sha1($this->IncPassword() . APP_SALT),
|
\sha1($this->ImapPass() . APP_SALT),
|
||||||
$this->IncPassword()
|
$sPass
|
||||||
);
|
);
|
||||||
$oStorage->Put($this, StorageType::ROOT, '.cryptkey', $sKey);
|
$oStorage->Put($this, StorageType::ROOT, '.cryptkey', $sKey);
|
||||||
}
|
}
|
||||||
$sKey = \SnappyMail\Crypt::DecryptFromJSON($sKey, $this->IncPassword());
|
$sKey = \SnappyMail\Crypt::DecryptFromJSON($sKey, $sPass);
|
||||||
if (!$sKey) {
|
if (!$sKey) {
|
||||||
throw new ClientException(Notifications::CryptKeyError);
|
throw new ClientException(Notifications::CryptKeyError);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue