Commit Graph

237 Commits (dbbc40b327979e38f8c128e11231ec0c94ad3b50)

Author SHA1 Message Date
Sylvain Tissot ffb84283c2
Harden password reset process
The improvements are:

- Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config
- Redirect user to main page after password change using relative URL
- Don't leak info whether user exists or has recovery info defined
- Throttle password reset requests to prevent brute force attacks
- Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled
- Make database upgrade code compatible with other databases types
- Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only by used once.
7 years ago
David Goodwin 4b999b3f6b improve mysqli connection settings - see https://github.com/postfixadmin/postfixadmin/issues/73 7 years ago
Sylvain Tissot 9c9ba64a7f Allows a user or admin to reset his/her forgotten password with a code sent by email/SMS #18 7 years ago
Christian Boltz be5fafa9fb
changelog update etc. for 3.1 release 8 years ago
Christian Boltz 64f1593818
revert "support unicode domain names - see #47"
Unicode support is a much bigger can of worms (see the discussion in #47),
and having just a little part of unicode support in is a bad idea.

You can of course use the xn--whatever notation for unicode domains ;-)
8 years ago
David Goodwin a09a3fa3b0 support unicode domain names - see #47 8 years ago
Christian Boltz 88bd9bfd19
drop $db_conn parameter from escape_string()
Connection caching is now done in db_connect() which is a much better
place.

This reverts most of c253ef7dbd
8 years ago
Christian Schrötter 846dcb756c
Remove unnecessary code 8 years ago
Christian Schrötter e28f3f5959
Fix for mysqli_connect() 8 years ago
Christian Schrötter 2dea9fadd4
Remove whitespace 8 years ago
David Goodwin c253ef7dbd allow escape_string() to take a db connection as a parameter; should improve performance when there are a large number of things to escape 8 years ago
Christian Boltz 28703935b3 3.0.2 release
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1894 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
Christian Boltz 16e1407621 db_where_clause(): allow NULL and NOTNULL searchmodes
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1878 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
Christian Boltz bbec3e9f0e pacrypt(): allow switching between dovecot:* password schemes
Dovecot password hashes include a {SCHEME} prefix, so it's possible to
switch the scheme while still accepting passwords hashed using the
previous dovecot:* scheme.

This patch adds the code needed to find out the used hashing scheme
from the hash and ensures it gets used to validate the password.

Patch by Aaron Lindsay <aaron AT aclindsay com> (sent to the ML)



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1875 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
Christian Boltz 6eda18fcde prepare PostfixAdmin 3.0 release
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1861 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
Christian Boltz 2a6247a6d9 db_connect(): drop unused variable $succes(s)
One of the variable names had a typo [1], and since those variables are
unused, the best way is to drop them.

[1] reported by tfarina, https://github.com/postfixadmin/postfixadmin/issues/15


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1858 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
Christian Boltz 13cdd50d0a Add checks to login.php and cli to ensure database layout is up to date
- add check_db_version() to functions.inc.php
- add $min_db_version (needs to be updated at least before the release)
- call check_db_version in login.php, users/login.php and CLI - they'll
  error out if the database layout is outdated
- change setup.php to use check_db_version()



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1853 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz a00e8a811d functions.inc.php:
- check_domain(): someone had the great idea to allow punicode
  even in TLDs, so we better allow it.
  https://sourceforge.net/p/postfixadmin/feature-requests/93/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1839 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz a0151bd5a1 functions.inc.php:
- pacrypt(): don't stripslashes($pw) because this breaks passwords with
  backslashes. This stripslashes() existed since forever, but probably
  became harmful with all the rewrites in the last years.
  https://sourceforge.net/p/postfixadmin/bugs/349/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1838 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 9335232024 functions.inc.php:
- fix db_quota_text() for postgresql (concat() vs. ||)
  https://sourceforge.net/p/postfixadmin/bugs/370/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1834 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
David Goodwin d3ca74af0d merge github pull request into svn manually - 3e62d3975a - adding configurable smtp helo (CONF["smtp_client"])
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1832 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz b261db86c7 Merge pull request #9 from phyrog/master
Add sqlite backend option (thank you @phyrog for doing this)

(imported from github)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1824 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 129a65b8c5 functions.inc.php:
- gen_show_status(): escape mail addresses in query.
  Fixes https://sourceforge.net/p/postfixadmin/bugs/356/
  (mostly - the edit/delete/... links in list-virtual are double-escaped)
  In theory this could allow SQL injection, in practise the mail address
  regex limits this issue to a DOS (creating a mail address with ' caused
  an invalid query that broke list-virtual)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1809 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 9636fe9de3 3.0 beta3 (= 2.93) release - update $version and changelog
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1799 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 5307cfe48a functions.inc.php check_domain():
Measure time needed for the nameserver queries, and error_log a warning
if the queries need more than 2 seconds in total.

Inspired by a question from t-ask on IRC, who suffered from a slow
nameserver and had some "fun" to debug it ;-)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1790 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz 3a72203de4 AliasHandler:
- initStruct(): replace (wrong) 'editable' with '_can_edit' and '_can_delete'
- read_from_db_postprocess(): disable _can_edit and _can_delete for
  default aliases if special_alias_control is off and not superadmin

list.tpl:
- use $item._can_edit instead of $check_alias_owner

list-virtual.php:
- drop $check_alias_owner variable and check_alias_owner() call
  (replaced by the code added in AliasHandler)
- drop unused $sql_domain

functions.inc.php:
- delete no longer used check_alias_owner() function



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1774 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz cc598d0f3f PFAHandler:
- build_select_query(): add support for $search['_'] (searching if one
  of the $this->searchfields contains the search text)
- getList(): make sure '_' is kept in the search parameters

functions.inc.php:
- db_where_clause(): slightly relax checks - if $condition is empty,
  only error out if $additional_raw_where is also empty


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1772 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz 5605561ca8 functions.inc.php:
- better formatting in db_quota_text() and db_quota_percent() results
  (for example, infinity sign instead of / 0 for unlimited)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1744 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz 13f1a28b6e PFAHandler:
- read_from_db(), getList(): 
  - add $searchmode parameter (_before_ $limit and $offset!) to be able to 
    use query different query modes, not only "="
  - add a warning that $condition will be changed to array only in the future
- getList(): filter $condition for fields that are available to the user
  to avoid information leaks by using search parameters
  (filter is only applied if $condition is an array!)

functions.inc.php: 
- db_where_clause():
  - add $additional_raw_where parameter for additional query parameters
  - add $searchmode parameter to be able to use query different
    query modes, not only "=" (see $allowed_operators)
  - check for allowed operators in $searchmode
  - split query into WHERE and HAVING (if a parameter has
    $struct[select] set, HAVING is used)

list-virtual.php:
- adopt getList() call to the new syntax

AliasHandler:
- adopt getList() definition and call to the new syntax

 


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1731 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz 786a7d665e functions.inc.php:
- pacol():
  - add $linkto parameter (if list mode should link to something)
  - replace $not_in_db with $multiopt - the remaining parameters can
    now be specified as associated array (backwards-compatible)



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1719 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz 9093a946b4 functions.inc.php:
- add functions db_quota_text() and db_quota_percent() to generate
  queries for used quota ("x/y" and percentage)



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1712 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz e8b0198512 2.92 (aka 3.0 beta2) release
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1706 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz d3964f600e functions.inc.php
- db_get_boolean: error_log invalid values


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1672 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 0b116c1605 version 2.91 aka 3.0 beta1
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1670 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 8e04104b20 functions.inc.php:
- db_log():
  - replace $action_list with $LANG["pViewlog_action_$action"]
  - drop unused $table_log variable


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1658 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
David Goodwin b3074644ff alias can contain a ' - as in email.o'connor - need to therefore escape this...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1639 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz e7fe6e16ef functions.inc.php:
- check_domains(): raise TLD limit to 13 chars - even if I seriously
  doubt someone wants to use such a long TLD ;-)
  ( https://sourceforge.net/p/postfixadmin/bugs/310/ again)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1637 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 9bcc57cd88 functions.inc.php
- check_domain(): update regex for new, longer TLDs like .photography
  https://sourceforge.net/p/postfixadmin/bugs/310/
 


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1635 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 252ae047d5 various files:
- get rid of global $table_* variables, use table_by_key() instead



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1601 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 57f4ad0b75 functions.inc.php pacrypt():
- for 'system' encryption, use full hashed password as salt 
  https://sourceforge.net/p/postfixadmin/bugs/2/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1595 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 1a35cccf5e list-virtual.php:
- remember domain and page browser offset in $_SESSION
  (fixes 50% of http://sourceforge.net/p/postfixadmin/bugs/298/ )
- various cleanups

functions.inc.php:
- add safesession() (like safeget(), but for $_SESSION)



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1593 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz c349420210 functions.inc.php
- db_query(): do not print out the failed query, error_log() it instead
  to avoid information leaks.
- update SF forum URL


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1592 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 20d1ffcafc functions.inc.php:
- new function db_pgsql() to replace lots of
  "if ($CONF[database_type] == 'pgsql')) checks
- delete unused function boolconf()

several files:
- use db_pgsql() instead of checking $CONF[database_type]



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1582 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 2bf5df92ea functions.inc.php, DomainHandler, MailboxHandler:
- move mailbox_postdeletion() to MailboxHandler
- move domain_postcreation() and domain_postdeletion() to
  DomainHandler
- adopt those functions for usage inside the *Handler (replace
  print with $this->errormsg etc.)



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1579 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 6e2e132bac remove "postfixadmin.com" in comments in lots of files
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1558 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz d900835997 functions.inc.php:
- pacrypt(): fix dovecot:* to work with "old" passwords that don't have 
  the {method} prefix


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1554 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz b137e774f6 functions.inc.php:
- check_language(): remove things like ";q=0.8" before checking if 
  a language exists


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1547 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 4d9a338eb2 After hunting an "undefined index transport" error in list-domain, I
found out that the 'Config' class is too static - it shares its static
data with the 'Lang' child class. 

This caused a conflict because we have $CONF[transport] and 
$PALANG[transport], and Config::read('transport') returned the $PALANG 
text.

To fix this, all texts are now stored as $CONF[__LANG].
I also dropped the 'Lang' class.


model/Config.php:
- mark the 'Config' class as final to ensure we don't trap into the 
  "too static" problem again.
- bool(): display and log an error message if a $CONF option does not
  contain YES or NO (that would have uncovered this bug much earlier)
- add lang() and lang_f() wrapper functions to get $PALANG texts
- remove unused $__cache and $__objects

model/Lang.php:
- deleted

common.php:
- store $PALANG as $CONF[__LANG]

lots of files:
- replace Lang::read() and Lang::read_f() calls with Config::lang()
  and Config::lang_f()




git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1536 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz f2c2b554ac model/PFAHandler.php:
- getList: change return value to be always true (even if the database 
  result is an empty array), and die() if the database result is not an 
  array.
  This avoids some if blocks in various files to implement a fallback
  to array() on empty results.

functions.inc.php:
- list_admins(): simplify after the *Handler->getList() change
- get_domain_properties(): change a forgotten $handler->return to 
  $handler->result() (follow-up for r1534)

list-domain, list-virtual.php:
- simplify after the *Handler->getList() change



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1535 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 43f2591d93 functions.inc.php:
- smtp_get_admin_email(), domain_postcreation(), domain_postdeletion(): 
  use Config::read instead of $CONF
- smtp_get_response(): whitespace fixes



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1532 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago