diff --git a/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/UserAuth.php b/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/UserAuth.php index cd2937b22..4ee4fb635 100644 --- a/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/UserAuth.php +++ b/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/UserAuth.php @@ -323,18 +323,20 @@ trait UserAuth { $sSignMeToken = Utils::GetCookie(self::AUTH_SIGN_ME_TOKEN_KEY); if ($sSignMeToken) { + \SnappyMail\Log::notice(self::AUTH_SIGN_ME_TOKEN_KEY, 'decrypt'); $aResult = \SnappyMail\Crypt::DecryptUrlSafe($sSignMeToken); if (isset($aResult['e'], $aResult['u']) && \SnappyMail\UUID::isValid($aResult['u'])) { return $aResult; } \SnappyMail\Log::notice(self::AUTH_SIGN_ME_TOKEN_KEY, 'invalid'); + Utils::ClearCookie(self::AUTH_SIGN_ME_TOKEN_KEY); } return null; } private function SetSignMeToken(MainAccount $oAccount): void { -// $this->ClearSignMeData(); + $this->ClearSignMeData(); $uuid = \SnappyMail\UUID::generate(); $data = \SnappyMail\Crypt::Encrypt($oAccount); Utils::SetCookie( diff --git a/snappymail/v/0.0.0/app/libraries/RainLoop/Utils.php b/snappymail/v/0.0.0/app/libraries/RainLoop/Utils.php index 3492cfb0e..2279082c8 100644 --- a/snappymail/v/0.0.0/app/libraries/RainLoop/Utils.php +++ b/snappymail/v/0.0.0/app/libraries/RainLoop/Utils.php @@ -144,6 +144,12 @@ class Utils */ if (\strlen($sValue)) { $_COOKIE[$sName] = $sValue; + } else { + if (!isset($_COOKIE[$sName])) { + return; + } + unset($_COOKIE[$sName]); + $iExpire = \time() - 3600 * 24 * 30; } // Cookie "$sName" has been rejected because it is already expired. @@ -203,23 +209,14 @@ class Utils $aSplit = \explode('~', $sCookieName); if (isset($aSplit[1]) && $aSplit[0] == $sName && $aSplit[1] > $i) { \SnappyMail\Log::debug('COOKIE', "unset {$sCookieName}"); - unset($_COOKIE[$sCookieName]); - static::_SetCookie($sCookieName, '', \time() - 3600 * 24 * 30); + static::_SetCookie($sCookieName, '', 0); } } } public static function ClearCookie(string $sName) { - if (isset($_COOKIE[$sName])) { - $sPath = static::$CookieDefaultPath; - foreach (\array_keys($_COOKIE) as $sCookieName) { - if (\strtok($sCookieName, '~') === $sName) { - unset($_COOKIE[$sCookieName]); - static::_SetCookie($sCookieName, '', \time() - 3600 * 24 * 30); - } - } - } + static::_SetCookie($sName, '', 0); } public static function UrlEncode(string $sV, bool $bEncode = false) : string diff --git a/snappymail/v/0.0.0/app/libraries/snappymail/crypt.php b/snappymail/v/0.0.0/app/libraries/snappymail/crypt.php index 12f221d6a..03028acb1 100644 --- a/snappymail/v/0.0.0/app/libraries/snappymail/crypt.php +++ b/snappymail/v/0.0.0/app/libraries/snappymail/crypt.php @@ -119,7 +119,7 @@ abstract class Crypt return ['xxtea', $salt, static::XxteaEncrypt($data, $salt, $key)]; /* if (static::{"{$result[0]}Decrypt"}($result[2], $result[1], $key) !== $data) { - throw new \Exception('Encrypt/Decrypt mismatch'); + throw new \RuntimeException('Encrypt/Decrypt mismatch'); } */ } @@ -159,7 +159,7 @@ abstract class Crypt \str_pad('', \SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES, static::Passphrase($key)) ); if (!$result) { - throw new \Exception('Sodium encryption failed'); + throw new \RuntimeException('Sodium encryption failed'); } return $result; } @@ -173,7 +173,7 @@ abstract class Crypt throw new \Exception('openssl_decrypt not callable'); } if (!static::$cipher) { - throw new \Exception('openssl $cipher not set'); + throw new \RuntimeException('openssl $cipher not set'); } Log::debug('Crypt', 'openssl_decrypt() with cipher ' . static::$cipher); return \openssl_decrypt( @@ -194,7 +194,7 @@ abstract class Crypt throw new \Exception('openssl_encrypt not callable'); } if (!static::$cipher) { - throw new \Exception('openssl $cipher not set'); + throw new \RuntimeException('openssl $cipher not set'); } Log::debug('Crypt', 'openssl_encrypt() with cipher ' . static::$cipher); $result = \openssl_encrypt( @@ -205,7 +205,7 @@ abstract class Crypt $iv ); if (!$result) { - throw new \Exception('OpenSSL encryption with ' . static::$cipher . ' failed'); + throw new \RuntimeException('OpenSSL encryption with ' . static::$cipher . ' failed'); } return $result; } @@ -231,7 +231,7 @@ abstract class Crypt ? \xxtea_encrypt($data, $key) : \MailSo\Base\Xxtea::encrypt($data, $key); if (!$result) { - throw new \Exception('Xxtea encryption failed'); + throw new \RuntimeException('Xxtea encryption failed'); } return $result; }