From d76d103c76f5c4f97e004b740ec8c6c99d44638a Mon Sep 17 00:00:00 2001
From: "andre.peters" <andre.peters@servercow.de>
Date: Tue, 2 Jan 2018 10:24:48 +0100
Subject: [PATCH] [Web] Move DNS diagnostic to modal, some minor fixes

---
 data/web/css/mailbox.css                      | 10 +-
 .../ajax/dns_diagnostics.php}                 | 93 +++++++++++--------
 data/web/inc/functions.inc.php                |  8 +-
 data/web/js/mailbox.js                        | 30 ++++--
 data/web/modals/mailbox.php                   | 12 +++
 5 files changed, 101 insertions(+), 52 deletions(-)
 rename data/web/{diagnostics.php => inc/ajax/dns_diagnostics.php} (81%)

diff --git a/data/web/css/mailbox.css b/data/web/css/mailbox.css
index 5004cda1..44babe6a 100644
--- a/data/web/css/mailbox.css
+++ b/data/web/css/mailbox.css
@@ -34,4 +34,12 @@ table.footable>tbody>tr.footable-empty>td {
 }
 .inputMissingAttr {
   border-color: #FF4136;
-}
\ No newline at end of file
+}
+.dns-found {
+  max-width: 300px;
+  word-break: break-all;
+}
+.dns-recommended {
+  max-width: 150px;
+  word-break: break-all;
+}
diff --git a/data/web/diagnostics.php b/data/web/inc/ajax/dns_diagnostics.php
similarity index 81%
rename from data/web/diagnostics.php
rename to data/web/inc/ajax/dns_diagnostics.php
index b988747d..bd432726 100644
--- a/data/web/diagnostics.php
+++ b/data/web/inc/ajax/dns_diagnostics.php
@@ -1,14 +1,13 @@
 <?php
-require_once 'inc/prerequisites.inc.php';
-require_once 'inc/spf.inc.php';
+require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php';
+require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/spf.inc.php';
 
-define('state_good',  "&#10003;");
-define('state_missing',   "&#x2717;");
+define('state_good', '<span class="text-success">OK</span>');
+define('state_missing', "&#x2717;");
 define('state_nomatch', "?");
-define('state_optional', "(optional)");
+define('state_optional', " <sup>2</sup>");
 
 if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "admin") {
-require_once("inc/header.inc.php");
 
 $ch = curl_init('http://ip4.mailcow.email');
 curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
@@ -80,7 +79,7 @@ foreach ($domains as $domain) {
   $records[] = array('autoconfig.' . $domain, 'CNAME', $mailcow_hostname);
   $records[] = array($domain, 'TXT', '<a href="http://www.openspf.org/SPF_Record_Syntax" target="_blank">SPF Record Syntax</a>', state_optional);
   $records[] = array('_dmarc.' . $domain, 'TXT', '<a href="http://www.kitterman.com/dmarc/assistant.html" target="_blank">DMARC Assistant</a>', state_optional);
-  
+
   if (!empty($dkim = dkim('details', $domain))) {
     $records[] = array($dkim['dkim_selector'] . '._domainkey.' . $domain, 'TXT', $dkim['dkim_txt']);
   }
@@ -138,15 +137,11 @@ $data_field = array(
   'TXT' => 'txt',
 );
 ?>
-<div class="container">
-  <h3><?=$lang['diagnostics']['dns_records'];?></h3>
-  <p><?=$lang['diagnostics']['dns_records_24hours'];?></p>
   <div class="table-responsive" id="dnstable">
     <table class="table table-striped">
       <tr> <th><?=$lang['diagnostics']['dns_records_name'];?></th> <th><?=$lang['diagnostics']['dns_records_type'];?></th> <th><?=$lang['diagnostics']['dns_records_data'];?></th ><th><?=$lang['diagnostics']['dns_records_status'];?></th> </tr>
 <?php
-foreach ($records as $record)
-{
+foreach ($records as $record) {
   $record[1] = strtoupper($record[1]);
   $state = state_missing;
   if ($record[1] == 'TLSA') {
@@ -173,8 +168,15 @@ foreach ($records as $record)
       }
       unset($current);
     }
+    elseif ($record[1] == 'TXT') {
+      foreach ($currents as &$current) {
+        if ($current['host'] != $record[0]) {
+          $current['type'] = false;
+        }
+      }
+    }
   }
-  
+
   if ($record[1] == 'CNAME' && count($currents) == 0) {
     // A and AAAA are also valid instead of CNAME
     $a = dns_get_record($record[0], DNS_A);
@@ -182,44 +184,51 @@ foreach ($records as $record)
     if (count($a) > 0 && count($cname) > 0) {
       if ($a[0]['ip'] == $cname[0]['ip']) {
         $currents = array(array('host' => $record[0], 'class' => 'IN', 'type' => 'CNAME', 'target' => $record[2]));
-      
         $aaaa = dns_get_record($record[0], DNS_AAAA);
         $cname = dns_get_record($record[2], DNS_AAAA);
         if (count($aaaa) == 0 || count($cname) == 0 || $aaaa[0]['ipv6'] != $cname[0]['ipv6']) {
-          $currents[0]['target'] = $aaaa[0]['ipv6'];
+          $currents[0]['target'] = $aaaa[0]['ipv6'] . ' <sup>1</sup>';
         }
-      } else {
-        $currents = array(array('host' => $record[0], 'class' => 'IN', 'type' => 'CNAME', 'target' => $a[0]['ip']));
+      }
+      else {
+        $currents = array(array('host' => $record[0], 'class' => 'IN', 'type' => 'CNAME', 'target' => $a[0]['ip'] . ' <sup>1</sup>'));
       }
     }
   }
-  
+
   foreach ($currents as &$current) {
-    if ($current['type'] != $record[1])
-    {
+    if ($current['type'] != $record[1]) {
+      unset($current);
       continue;
     }
-    
-    elseif ($current['type'] == 'TXT' && strpos($current['txt'], 'v=DMARC1') === 0) {
-      $current['txt'] = str_replace(' ', '', $current['txt']);
-      $state = state_optional . '<br />' . $current[$data_field[$current['type']]];
+    elseif ($current['type'] == 'TXT' &&
+      stripos($current['txt'], 'v=dmarc') === 0 &&
+      stripos($current['host'], '_dmarc') === 0) {
+        $current['txt'] = str_replace(' ', '', $current['txt']);
+        $state = state_optional . '<br />' . $current[$data_field[$current['type']]];
     }
-    else if ($current['type'] == 'TXT' && strpos($current['txt'], 'v=spf1') === 0) {
-      $state = state_optional . '<br />' . $current[$data_field[$current['type']]];
+    elseif ($current['type'] == 'TXT' &&
+      stripos($current['host'], '_dmarc') !== 0 &&
+      stripos($current['txt'], 'v=spf') === 0) {
+        $state = state_optional . '<br />' . $current[$data_field[$current['type']]];
     }
-    else if ($current['type'] == 'TXT' && strpos($current['txt'], 'v=DKIM1') === 0) {
-      $current['txt'] = str_replace(' ', '', $current['txt']);
-      if ($current[$data_field[$current['type']]] == $record[2])
-        $state = state_good;
+    elseif ($current['type'] == 'TXT' &&
+      stripos($current['txt'], 'v=dkim') === 0) {
+        $current['txt'] = str_replace(' ', '', $current['txt']);
+        if ($current[$data_field[$current['type']]] == $record[2]) {
+          $state = state_good;
+        }
     }
-    else if ($current['type'] != 'TXT' && isset($data_field[$current['type']]) && $state != state_good) {
-      $state = state_nomatch;
-      if ($current[$data_field[$current['type']]] == $record[2])
-        $state = state_good;
+    elseif ($current['type'] != 'TXT' &&
+      isset($data_field[$current['type']]) && $state != state_good) {
+        $state = state_nomatch;
+        if ($current[$data_field[$current['type']]] == $record[2]) {
+          $state = state_good;
+        }
     }
   }
   unset($current);
-  
+
   if (isset($record[3]) && $record[3] == state_optional && ($state == state_missing || $state == state_nomatch)) {
     $state = state_optional;
   }
@@ -231,15 +240,21 @@ foreach ($records as $record)
     }
     $state = implode('<br />', $state);
   }
-
-  echo sprintf('<tr><td>%s</td><td>%s</td><td style="max-width: 300px; word-break: break-all">%s</td><td style="max-width: 150px; word-break: break-all">%s</td></tr>', $record[0], $record[1], $record[2], $state);
+  echo sprintf('<tr>
+    <td>%s</td>
+    <td>%s</td>
+    <td class="dns-found">%s</td>
+    <td class="dns-recommended">%s</td>
+  </tr>', $record[0], $record[1], $record[2], $state);
 }
 ?>
     </table>
 	</div>
-</div>
+  <p class="help-block">
+  <sup>1</sup> Found A/AAAA record instead of a CNAME. This is supported as long as the A records destination points to the correct resource.<br />
+  <sup>2</sup> This record is optional.
+  </p>
 <?php
-require_once("inc/footer.inc.php");
 } else {
   header('Location: index.php');
   exit();
diff --git a/data/web/inc/functions.inc.php b/data/web/inc/functions.inc.php
index 16d524a6..20d82a92 100644
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
@@ -75,15 +75,15 @@ function generate_tlsa_digest($hostname, $port, $starttls = null) {
   }
   if (empty($starttls)) {
     $context = stream_context_create(array("ssl" => array("capture_peer_cert" => true, 'verify_peer' => false, 'allow_self_signed' => true)));
-    $stream = stream_socket_client('tls://' . $hostname . ':' . $port, $error_nr, $error_msg, 5, STREAM_CLIENT_CONNECT, $context);
-    // error_nr can be 0, so checking against error_msg
-    if ($error_msg) {
+    $stream = stream_socket_client('ssl://' . $hostname . ':' . $port, $error_nr, $error_msg, 5, STREAM_CLIENT_CONNECT, $context);
+    if (!$stream) {
+      $error_msg = isset($error_msg) ? $error_msg : '-';
       return $error_nr . ': ' . $error_msg;
     }
   }
   else {
     $stream = stream_socket_client('tcp://' . $hostname . ':' . $port, $error_nr, $error_msg, 5);
-    if ($error_msg) {
+    if (!$stream) {
       return $error_nr . ': ' . $error_msg;
     }
     $banner = fread($stream, 512 );
diff --git a/data/web/js/mailbox.js b/data/web/js/mailbox.js
index 39afe717..b8ee5548 100644
--- a/data/web/js/mailbox.js
+++ b/data/web/js/mailbox.js
@@ -55,6 +55,22 @@ $(document).ready(function() {
     });
   });
 
+  // Log modal
+  $('#dnsInfoModal').on('show.bs.modal', function(e) {
+    var domain = $(e.relatedTarget).data('domain');
+    $.ajax({
+      url: '/inc/ajax/dns_diagnostics.php',
+      data: { domain: domain },
+      dataType: 'text',
+      success: function(data){
+        $('.dns-modal-body').html(data);
+      },
+      error: function(xhr, status, error) {
+        $('.dns-modal-body').html(xhr.responseText);
+      }
+    });
+  });
+
   // Sieve data modal
   $('#sieveDataModal').on('show.bs.modal', function(e) {
     var sieveScript = $(e.relatedTarget).data('sieve-script');
@@ -154,7 +170,7 @@ jQuery(function($){
         {"name":"max_quota_for_mbox","title":lang.mailbox_quota,"breakpoints":"xs sm"},
         {"name":"backupmx","filterable": false,"style":{"maxWidth":"120px","width":"120px"},"title":lang.backup_mx,"breakpoints":"xs sm"},
         {"name":"active","filterable": false,"style":{"maxWidth":"80px","width":"80px"},"title":lang.active},
-        {"name":"action","filterable": false,"sortable": false,"style":{"text-align":"right","maxWidth":"180px","width":"180px"},"type":"html","title":lang.action,"breakpoints":"xs sm"}
+        {"name":"action","filterable": false,"sortable": false,"style":{"text-align":"right","maxWidth":"240px","width":"240px"},"type":"html","title":lang.action,"breakpoints":"xs sm"}
       ],
       "rows": $.ajax({
         dataType: 'json',
@@ -170,17 +186,15 @@ jQuery(function($){
             item.quota = item.quota_used_in_domain + "/" + item.max_quota_for_domain;
             item.max_quota_for_mbox = humanFileSize(item.max_quota_for_mbox);
             item.chkbox = '<input type="checkbox" data-id="domain" name="multi_select" value="' + item.domain_name + '" />';
+            item.action = '<div class="btn-group">';
             if (role == "admin") {
-              item.action = '<div class="btn-group">' +
-                '<a href="/edit.php?domain=' + encodeURI(item.domain_name) + '" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-pencil"></span> ' + lang.edit + '</a>' +
-                '<a href="#" id="delete_selected" data-id="single-domain" data-api-url="delete/domain" data-item="' + encodeURI(item.domain_name) + '" class="btn btn-xs btn-danger"><span class="glyphicon glyphicon-trash"></span> ' + lang.remove + '</a>' +
-                '</div>';
+              item.action += '<a href="/edit.php?domain=' + encodeURI(item.domain_name) + '" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-pencil"></span> ' + lang.edit + '</a>' +
+                '<a href="#" id="delete_selected" data-id="single-domain" data-api-url="delete/domain" data-item="' + encodeURI(item.domain_name) + '" class="btn btn-xs btn-danger"><span class="glyphicon glyphicon-trash"></span> ' + lang.remove + '</a>';
             }
             else {
-              item.action = '<div class="btn-group">' +
-                '<a href="/edit.php?domain=' + encodeURI(item.domain_name) + '" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-pencil"></span> ' + lang.edit + '</a>' +
-                '</div>';
+              item.action += '<a href="/edit.php?domain=' + encodeURI(item.domain_name) + '" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-pencil"></span> ' + lang.edit + '</a>';
             }
+            item.action += '<a href="#dnsInfoModal" class="btn btn-xs btn-info" data-toggle="modal" data-domain="' + encodeURI(item.domain_name) + '"><span class="glyphicon glyphicon-question-sign"></span> DNS</a></div>';
           });
         }
       }),
diff --git a/data/web/modals/mailbox.php b/data/web/modals/mailbox.php
index c60ddb45..aa1c00f5 100644
--- a/data/web/modals/mailbox.php
+++ b/data/web/modals/mailbox.php
@@ -584,3 +584,15 @@ if (!isset($_SESSION['mailcow_cc_role'])) {
     </div>
   </div>
 </div><!-- log modal -->
+<!-- DNS info modal -->
+<div class="modal fade" id="dnsInfoModal" tabindex="-1" role="dialog" aria-labelledby="dnsInfoModalLabel">
+  <div class="modal-dialog modal-lg" role="document">
+    <div class="modal-content">
+      <div class="modal-header"><h4 class="modal-title"><?=$lang['diagnostics']['dns_records'];?></h4></div>
+      <div class="modal-body">
+        <p><?=$lang['diagnostics']['dns_records_24hours'];?></p>
+        <div class="dns-modal-body"></div>
+      </div>
+    </div>
+  </div>
+</div><!-- DNS info modal -->
\ No newline at end of file