[Web] Cleanup Rspamd, other fixes
parent
0a593bfe7b
commit
8d05d4a51d
@ -1059,12 +1059,12 @@ function fido2($_data) {
|
|||||||
$_SESSION['mailcow_cc_role'] != "admin") {
|
$_SESSION['mailcow_cc_role'] != "admin") {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$stmt = $pdo->prepare("SELECT SHA2(`credentialId`, 256) AS `cid`, `certificateSubject`, `friendlyName` FROM `fido2` WHERE `username` = :username");
|
$stmt = $pdo->prepare("SELECT SHA2(`credentialId`, 256) AS `cid`, `created`, `certificateSubject`, `friendlyName` FROM `fido2` WHERE `username` = :username");
|
||||||
$stmt->execute(array(':username' => $username));
|
$stmt->execute(array(':username' => $username));
|
||||||
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||||
while($row = array_shift($rows)) {
|
while($row = array_shift($rows)) {
|
||||||
$fns[] = array(
|
$fns[] = array(
|
||||||
"subject" => $row['certificateSubject'],
|
"subject" => (empty($row['certificateSubject']) ? 'Unknown (' . $row['created'] . ')' : $row['certificateSubject']),
|
||||||
"fn" => $row['friendlyName'],
|
"fn" => $row['friendlyName'],
|
||||||
"cid" => $row['cid']
|
"cid" => $row['cid']
|
||||||
);
|
);
|
||||||
|
@ -24,7 +24,6 @@ function rsettings($_action, $_data = null) {
|
|||||||
);
|
);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
try {
|
|
||||||
$stmt = $pdo->prepare("INSERT INTO `settingsmap` (`content`, `desc`, `active`)
|
$stmt = $pdo->prepare("INSERT INTO `settingsmap` (`content`, `desc`, `active`)
|
||||||
VALUES (:content, :desc, :active)");
|
VALUES (:content, :desc, :active)");
|
||||||
$stmt->execute(array(
|
$stmt->execute(array(
|
||||||
@ -32,15 +31,6 @@ function rsettings($_action, $_data = null) {
|
|||||||
':desc' => $desc,
|
':desc' => $desc,
|
||||||
':active' => $active
|
':active' => $active
|
||||||
));
|
));
|
||||||
}
|
|
||||||
catch (PDOException $e) {
|
|
||||||
$_SESSION['return'][] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'log' => array(__FUNCTION__, $_action, $_data_log),
|
|
||||||
'msg' => array('mysql_error', $e)
|
|
||||||
);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
$_SESSION['return'][] = array(
|
$_SESSION['return'][] = array(
|
||||||
'type' => 'success',
|
'type' => 'success',
|
||||||
'log' => array(__FUNCTION__, $_action, $_data_log),
|
'log' => array(__FUNCTION__, $_action, $_data_log),
|
||||||
@ -73,7 +63,6 @@ function rsettings($_action, $_data = null) {
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
$content = trim($content);
|
$content = trim($content);
|
||||||
try {
|
|
||||||
$stmt = $pdo->prepare("UPDATE `settingsmap` SET
|
$stmt = $pdo->prepare("UPDATE `settingsmap` SET
|
||||||
`content` = :content,
|
`content` = :content,
|
||||||
`desc` = :desc,
|
`desc` = :desc,
|
||||||
@ -85,15 +74,6 @@ function rsettings($_action, $_data = null) {
|
|||||||
':active' => $active,
|
':active' => $active,
|
||||||
':id' => $id
|
':id' => $id
|
||||||
));
|
));
|
||||||
}
|
|
||||||
catch (PDOException $e) {
|
|
||||||
$_SESSION['return'][] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'log' => array(__FUNCTION__, $_action, $_data_log),
|
|
||||||
'msg' => array('mysql_error', $e)
|
|
||||||
);
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
$_SESSION['return'][] = array(
|
$_SESSION['return'][] = array(
|
||||||
'type' => 'success',
|
'type' => 'success',
|
||||||
'log' => array(__FUNCTION__, $_action, $_data_log),
|
'log' => array(__FUNCTION__, $_action, $_data_log),
|
||||||
@ -112,18 +92,8 @@ function rsettings($_action, $_data = null) {
|
|||||||
}
|
}
|
||||||
$ids = (array)$_data['id'];
|
$ids = (array)$_data['id'];
|
||||||
foreach ($ids as $id) {
|
foreach ($ids as $id) {
|
||||||
try {
|
|
||||||
$stmt = $pdo->prepare("DELETE FROM `settingsmap` WHERE `id`= :id");
|
$stmt = $pdo->prepare("DELETE FROM `settingsmap` WHERE `id`= :id");
|
||||||
$stmt->execute(array(':id' => $id));
|
$stmt->execute(array(':id' => $id));
|
||||||
}
|
|
||||||
catch (PDOException $e) {
|
|
||||||
$_SESSION['return'][] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'log' => array(__FUNCTION__, $_action, $_data_log),
|
|
||||||
'msg' => array('mysql_error', $e)
|
|
||||||
);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
$_SESSION['return'][] = array(
|
$_SESSION['return'][] = array(
|
||||||
'type' => 'success',
|
'type' => 'success',
|
||||||
'log' => array(__FUNCTION__, $_action, $_data_log),
|
'log' => array(__FUNCTION__, $_action, $_data_log),
|
||||||
@ -157,55 +127,12 @@ function rsettings($_action, $_data = null) {
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
function rspamd($_action, $_data = null) {
|
function rspamd_maps($_action, $_data = null) {
|
||||||
global $pdo;
|
global $pdo;
|
||||||
global $lang;
|
global $lang;
|
||||||
global $RSPAMD_MAPS;
|
global $RSPAMD_MAPS;
|
||||||
$_data_log = $_data;
|
$_data_log = $_data;
|
||||||
switch ($_action) {
|
switch ($_action) {
|
||||||
case 'add':
|
|
||||||
if ($_SESSION['mailcow_cc_role'] != "admin") {
|
|
||||||
$_SESSION['return'][] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'log' => array(__FUNCTION__, $_action, $_data_log),
|
|
||||||
'msg' => 'access_denied'
|
|
||||||
);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
$content = $_data['content'];
|
|
||||||
$desc = $_data['desc'];
|
|
||||||
$active = intval($_data['active']);
|
|
||||||
if (empty($content)) {
|
|
||||||
$_SESSION['return'][] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'log' => array(__FUNCTION__, $_action, $_data_log),
|
|
||||||
'msg' => 'map_content_empty'
|
|
||||||
);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
try {
|
|
||||||
$stmt = $pdo->prepare("INSERT INTO `settingsmap` (`content`, `desc`, `active`)
|
|
||||||
VALUES (:content, :desc, :active)");
|
|
||||||
$stmt->execute(array(
|
|
||||||
':content' => $content,
|
|
||||||
':desc' => $desc,
|
|
||||||
':active' => $active
|
|
||||||
));
|
|
||||||
}
|
|
||||||
catch (PDOException $e) {
|
|
||||||
$_SESSION['return'][] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'log' => array(__FUNCTION__, $_action, $_data_log),
|
|
||||||
'msg' => array('mysql_error', $e)
|
|
||||||
);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
$_SESSION['return'][] = array(
|
|
||||||
'type' => 'success',
|
|
||||||
'log' => array(__FUNCTION__, $_action, $_data_log),
|
|
||||||
'msg' => 'settings_map_added'
|
|
||||||
);
|
|
||||||
break;
|
|
||||||
case 'edit':
|
case 'edit':
|
||||||
if ($_SESSION['mailcow_cc_role'] != "admin") {
|
if ($_SESSION['mailcow_cc_role'] != "admin") {
|
||||||
$_SESSION['return'][] = array(
|
$_SESSION['return'][] = array(
|
||||||
@ -255,59 +182,30 @@ function rspamd($_action, $_data = null) {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'delete':
|
}
|
||||||
if ($_SESSION['mailcow_cc_role'] != "admin") {
|
}
|
||||||
$_SESSION['return'][] = array(
|
function rspamd_actions() {
|
||||||
'type' => 'danger',
|
if (isset($_SESSION["mailcow_cc_role"]) && $_SESSION["mailcow_cc_role"] == "admin") {
|
||||||
'log' => array(__FUNCTION__, $_action, $_data_log),
|
$curl = curl_init();
|
||||||
'msg' => 'access_denied'
|
curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/var/lib/rspamd/rspamd.sock');
|
||||||
);
|
curl_setopt($curl, CURLOPT_URL,"http://rspamd/stat");
|
||||||
return false;
|
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
|
||||||
}
|
$data = curl_exec($curl);
|
||||||
$ids = (array)$_data['id'];
|
if ($data) {
|
||||||
foreach ($ids as $id) {
|
$return = array();
|
||||||
try {
|
$stats_array = json_decode($data, true)['actions'];
|
||||||
$stmt = $pdo->prepare("DELETE FROM `settingsmap` WHERE `id`= :id");
|
$stats_array['soft reject'] = $stats_array['soft reject'] + $stats_array['greylist'];
|
||||||
$stmt->execute(array(':id' => $id));
|
unset($stats_array['greylist']);
|
||||||
}
|
foreach ($stats_array as $action => $count) {
|
||||||
catch (PDOException $e) {
|
$return[] = array($action, $count);
|
||||||
$_SESSION['return'][] = array(
|
}
|
||||||
'type' => 'danger',
|
return $return;
|
||||||
'log' => array(__FUNCTION__, $_action, $_data_log),
|
}
|
||||||
'msg' => array('mysql_error', $e)
|
else {
|
||||||
);
|
return false;
|
||||||
return false;
|
}
|
||||||
}
|
}
|
||||||
$_SESSION['return'][] = array(
|
else {
|
||||||
'type' => 'success',
|
return false;
|
||||||
'log' => array(__FUNCTION__, $_action, $_data_log),
|
|
||||||
'msg' => array('settings_map_removed', htmlspecialchars($id))
|
|
||||||
);
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
case 'get':
|
|
||||||
if ($_SESSION['mailcow_cc_role'] != "admin") {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
$settingsmaps = array();
|
|
||||||
$stmt = $pdo->query("SELECT `id`, `desc`, `active` FROM `settingsmap`");
|
|
||||||
$settingsmaps = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
|
||||||
return $settingsmaps;
|
|
||||||
break;
|
|
||||||
case 'details':
|
|
||||||
if ($_SESSION['mailcow_cc_role'] != "admin" || !isset($_data)) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
$settingsmapdata = array();
|
|
||||||
$stmt = $pdo->prepare("SELECT `id`,
|
|
||||||
`desc`,
|
|
||||||
`content`,
|
|
||||||
`active`
|
|
||||||
FROM `settingsmap`
|
|
||||||
WHERE `id` = :id");
|
|
||||||
$stmt->execute(array(':id' => $_data));
|
|
||||||
$settingsmapdata = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
||||||
return $settingsmapdata;
|
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
}
|
}
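Review bot: `rspamd_actions()` uses the decoded response without checking it: `json_decode($data, true)['actions']` and the `'soft reject'` + `'greylist'` addition assume rspamd answered with JSON carrying both keys. An error body or a changed stat layout therefore yields notices and a one-row result with a zero count instead of `false`. The curl handle also gets no timeout and is never closed, so a stalled rspamd socket can hold the PHP worker for the length of the request. I would decode into a variable, return `false` unless `actions` is an array, default the two counters to 0 and set `CURLOPT_TIMEOUT`, as sketched below. Separately, the earlier hunks in this file drop every `try`/`catch (PDOException $e)`; whether an uncaught exception still becomes a `danger` entry is decided outside the lines shown here.

```php
    $curl = curl_init();
    // … unchanged: CURLOPT_UNIX_SOCKET_PATH, CURLOPT_URL, CURLOPT_RETURNTRANSFER …
    curl_setopt($curl, CURLOPT_TIMEOUT, 5); // constructed value, tune to the deployment
    $data = curl_exec($curl);
    curl_close($curl);
    $stats = is_string($data) ? json_decode($data, true) : null;
    if (!is_array($stats) || !isset($stats['actions']) || !is_array($stats['actions'])) {
      return false;
    }
    $stats_array = $stats['actions'];
    $stats_array['soft reject'] = ($stats_array['soft reject'] ?? 0) + ($stats_array['greylist'] ?? 0);
    unset($stats_array['greylist']);
    // … unchanged: foreach building $return, return $return …
```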
|
11
data/web/inc/lib/WebAuthn/rootCertificates/nitro.pem
Normal file
11
data/web/inc/lib/WebAuthn/rootCertificates/nitro.pem
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIBmjCCAT8CFBZiBJbp2fT/LaRJ8Xwl9qhX62boMAoGCCqGSM49BAMCME4xCzAJ
|
||||||
|
BgNVBAYTAkRFMRYwFAYDVQQKDA1OaXRyb2tleSBHbWJIMRAwDgYDVQQLDAdSb290
|
||||||
|
IENBMRUwEwYDVQQDDAxuaXRyb2tleS5jb20wIBcNMTkxMjA0MDczNTM1WhgPMjA2
|
||||||
|
OTExMjEwNzM1MzVaME4xCzAJBgNVBAYTAkRFMRYwFAYDVQQKDA1OaXRyb2tleSBH
|
||||||
|
bWJIMRAwDgYDVQQLDAdSb290IENBMRUwEwYDVQQDDAxuaXRyb2tleS5jb20wWTAT
|
||||||
|
BgcqhkjOPQIBBggqhkjOPQMBBwNCAAQy6KIN2gXqaSMWdWir/Hnx58NBzjthYdNv
|
||||||
|
k95hdt7jCpyW2cHqLdQ5Sqcvo0CuordgDOach0ZGB60w9GZY8SHJMAoGCCqGSM49
|
||||||
|
BAMCA0kAMEYCIQDLmdy2G2mM4rZKjl6CVfjV7khilIS5D3xRQzubeqzQNAIhAKIG
|
||||||
|
X29SfiB6K9k6Hb3q+q7bRn1o1dhV1cj592YYnu1/
|
||||||
|
-----END CERTIFICATE-----
|
@ -60,6 +60,7 @@ $formats = $GLOBALS['FIDO2_FORMATS'];
|
|||||||
$WebAuthn = new \WebAuthn\WebAuthn('WebAuthn Library', $_SERVER['HTTP_HOST'], $formats);
|
$WebAuthn = new \WebAuthn\WebAuthn('WebAuthn Library', $_SERVER['HTTP_HOST'], $formats);
|
||||||
$WebAuthn->addRootCertificates($_SERVER['DOCUMENT_ROOT'] . '/inc/lib/WebAuthn/rootCertificates/solo.pem');
|
$WebAuthn->addRootCertificates($_SERVER['DOCUMENT_ROOT'] . '/inc/lib/WebAuthn/rootCertificates/solo.pem');
|
||||||
$WebAuthn->addRootCertificates($_SERVER['DOCUMENT_ROOT'] . '/inc/lib/WebAuthn/rootCertificates/apple.pem');
|
$WebAuthn->addRootCertificates($_SERVER['DOCUMENT_ROOT'] . '/inc/lib/WebAuthn/rootCertificates/apple.pem');
|
||||||
|
$WebAuthn->addRootCertificates($_SERVER['DOCUMENT_ROOT'] . '/inc/lib/WebAuthn/rootCertificates/nitro.pem');
|
||||||
$WebAuthn->addRootCertificates($_SERVER['DOCUMENT_ROOT'] . '/inc/lib/WebAuthn/rootCertificates/yubico.pem');
|
$WebAuthn->addRootCertificates($_SERVER['DOCUMENT_ROOT'] . '/inc/lib/WebAuthn/rootCertificates/yubico.pem');
|
||||||
$WebAuthn->addRootCertificates($_SERVER['DOCUMENT_ROOT'] . '/inc/lib/WebAuthn/rootCertificates/hypersecu.pem');
|
$WebAuthn->addRootCertificates($_SERVER['DOCUMENT_ROOT'] . '/inc/lib/WebAuthn/rootCertificates/hypersecu.pem');
|
||||||
$WebAuthn->addRootCertificates($_SERVER['DOCUMENT_ROOT'] . '/inc/lib/WebAuthn/rootCertificates/globalSign.pem');
|
$WebAuthn->addRootCertificates($_SERVER['DOCUMENT_ROOT'] . '/inc/lib/WebAuthn/rootCertificates/globalSign.pem');
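Review bot: The added `addRootCertificates(... '/inc/lib/WebAuthn/rootCertificates/nitro.pem')` call loads the new PEM as a root certificate for the WebAuthn library, but nothing in the commit records where that certificate was obtained. Its encoded subject appears to name Nitrokey, yet a reviewer cannot confirm authenticity from the diff alone. I would add a comment next to the call such as `// Nitrokey root CA, source: <vendor URL placeholder>, SHA-256: <fingerprint placeholder>`, filled in from the vendor's published values, and compare the fingerprint before merging. Whether the other bundled roots carry such provenance is outside this hunk.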
|
||||||
|
@ -401,27 +401,16 @@ if (isset($_GET['query'])) {
|
|||||||
return;
|
return;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if (!isset($_SESSION['pending_mailcow_cc_username'])) {
|
if (isset($_SESSION['mailcow_cc_role'])) {
|
||||||
switch ($category) {
|
switch ($category) {
|
||||||
case "rspamd":
|
case "rspamd":
|
||||||
switch ($object) {
|
switch ($object) {
|
||||||
case "actions":
|
case "actions":
|
||||||
$curl = curl_init();
|
$data = rspamd_actions();
|
||||||
curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/var/lib/rspamd/rspamd.sock');
|
|
||||||
curl_setopt($curl, CURLOPT_URL,"http://rspamd/stat");
|
|
||||||
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
|
|
||||||
$data = curl_exec($curl);
|
|
||||||
if ($data) {
|
if ($data) {
|
||||||
$return = array();
|
echo json_encode($data, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT);
|
||||||
$stats_array = json_decode($data, true)['actions'];
|
|
||||||
$stats_array['soft reject'] = $stats_array['soft reject'] + $stats_array['greylist'];
|
|
||||||
unset($stats_array['greylist']);
|
|
||||||
foreach ($stats_array as $action => $count) {
|
|
||||||
$return[] = array($action, $count);
|
|
||||||
}
|
}
|
||||||
echo json_encode($return, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT);
|
else {
|
||||||
}
|
|
||||||
elseif (!isset($data) || empty($data)) {
|
|
||||||
echo '{}';
|
echo '{}';
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
@ -1295,6 +1284,7 @@ if (isset($_GET['query'])) {
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case "status":
|
case "status":
|
||||||
|
if ($_SESSION['mailcow_cc_role'] == "admin") {
|
||||||
switch ($object) {
|
switch ($object) {
|
||||||
case "containers":
|
case "containers":
|
||||||
$containers = (docker('info'));
|
$containers = (docker('info'));
|
||||||
@ -1343,6 +1333,7 @@ if (isset($_GET['query'])) {
|
|||||||
));
|
));
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
break;
|
break;
|
||||||
// return no route found if no case is matched
|
// return no route found if no case is matched
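Review bot: The outer guard in the first hunk now tests `isset($_SESSION['mailcow_cc_role'])` where it previously required `pending_mailcow_cc_username` to be unset. That session key looks like the marker for a login still awaiting its second factor, so these GET routes stay closed to such a session only if the role is never written before that step completes; the login code is not visible here. Keeping both conditions is cheap: `if (isset($_SESSION['mailcow_cc_role']) && !isset($_SESSION['pending_mailcow_cc_username'])) {`. In the `status` hunks the new admin check uses `==` and has no else branch, so a non-admin caller appears to get no output from that case; `=== "admin"` with an explicit `echo '{}';` would make the denial strict and predictable. The enclosing `if` and `switch` blocks start and end outside the hunks.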
|
||||||
|
@ -419,6 +419,7 @@
|
|||||||
"targetd_relay_domain": "Ziel-Domain %s ist eine Relay-Domain",
|
"targetd_relay_domain": "Ziel-Domain %s ist eine Relay-Domain",
|
||||||
"temp_error": "Temporärer Fehler",
|
"temp_error": "Temporärer Fehler",
|
||||||
"text_empty": "Text darf nicht leer sein",
|
"text_empty": "Text darf nicht leer sein",
|
||||||
|
"tfa_token_invalid": "TFA Token ungültig",
|
||||||
"tls_policy_map_dest_invalid": "Ziel ist ungültig",
|
"tls_policy_map_dest_invalid": "Ziel ist ungültig",
|
||||||
"tls_policy_map_entry_exists": "Eine TLS-Richtlinie \"%s\" existiert bereits",
|
"tls_policy_map_entry_exists": "Eine TLS-Richtlinie \"%s\" existiert bereits",
|
||||||
"tls_policy_map_parameter_invalid": "Parameter ist ungültig",
|
"tls_policy_map_parameter_invalid": "Parameter ist ungültig",
|
||||||
|
@ -419,6 +419,7 @@
|
|||||||
"targetd_relay_domain": "Target domain %s is a relay domain",
|
"targetd_relay_domain": "Target domain %s is a relay domain",
|
||||||
"temp_error": "Temporary error",
|
"temp_error": "Temporary error",
|
||||||
"text_empty": "Text must not be empty",
|
"text_empty": "Text must not be empty",
|
||||||
|
"tfa_token_invalid": "TFA Token ungültig",
|
||||||
"tls_policy_map_dest_invalid": "Policy destination is invalid",
|
"tls_policy_map_dest_invalid": "Policy destination is invalid",
|
||||||
"tls_policy_map_entry_exists": "A TLS policy map entry \"%s\" exists",
|
"tls_policy_map_entry_exists": "A TLS policy map entry \"%s\" exists",
|
||||||
"tls_policy_map_parameter_invalid": "Policy parameter is invalid",
|
"tls_policy_map_parameter_invalid": "Policy parameter is invalid",
|
||||||
@ -904,6 +905,7 @@
|
|||||||
"set_tfa": "Set two-factor authentication method",
|
"set_tfa": "Set two-factor authentication method",
|
||||||
"start_u2f_validation": "Start validation",
|
"start_u2f_validation": "Start validation",
|
||||||
"tfa": "Two-factor authentication",
|
"tfa": "Two-factor authentication",
|
||||||
|
"tfa_token_invalid": "TFA Token ungültig",
|
||||||
"totp": "Time-based OTP (Google Authenticator, Authy, etc.)",
|
"totp": "Time-based OTP (Google Authenticator, Authy, etc.)",
|
||||||
"u2f": "U2F authentication",
|
"u2f": "U2F authentication",
|
||||||
"waiting_usb_auth": "<i>Waiting for USB device...</i><br><br>Please tap the button on your USB device now.",
|
"waiting_usb_auth": "<i>Waiting for USB device...</i><br><br>Please tap the button on your USB device now.",
|
||||||
|