From f77c40a179bb89b463318c6dafe4823a5844a43f Mon Sep 17 00:00:00 2001 From: andryyy Date: Mon, 8 May 2017 15:41:05 +0200 Subject: [PATCH] Better log table, some MySQL to Redis migrations, API changes, other minor changes... --- data/web/inc/functions.inc.php | 169 +++++++++--------- .../owasp/csrf-protector-php/libs/config.php | 4 +- data/web/inc/prerequisites.inc.php | 18 +- data/web/inc/spf.inc.php | 23 ++- data/web/js/admin.js | 8 +- data/web/json_api.php | 4 +- data/web/user.php | 6 +- 7 files changed, 122 insertions(+), 110 deletions(-) diff --git a/data/web/inc/functions.inc.php b/data/web/inc/functions.inc.php index ba970063..7d916a1e 100644 --- a/data/web/inc/functions.inc.php +++ b/data/web/inc/functions.inc.php @@ -1327,7 +1327,7 @@ function edit_delimiter_action($postarray) { // Array items // 'username' can be set, defaults to mailcow_cc_username global $lang; - global $pdo; + global $redis; if (isset($postarray['username']) && filter_var($postarray['username'], FILTER_VALIDATE_EMAIL)) { if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $postarray['username'])) { $_SESSION['return'] = array( @@ -1343,7 +1343,6 @@ function edit_delimiter_action($postarray) { else { $username = $_SESSION['mailcow_cc_username']; } - ($postarray['tagged_mail_handler'] == "subject") ? $wants_tagged_subject = '1' : $wants_tagged_subject = '0'; if (!filter_var($username, FILTER_VALIDATE_EMAIL)) { $_SESSION['return'] = array( 'type' => 'danger', @@ -1351,17 +1350,29 @@ function edit_delimiter_action($postarray) { ); return false; } - try { - $stmt = $pdo->prepare("UPDATE `mailbox` SET `wants_tagged_subject` = :wants_tagged_subject WHERE `username` = :username"); - $stmt->execute(array(':username' => $username, ':wants_tagged_subject' => $wants_tagged_subject)); - $SelectData = $stmt->fetch(PDO::FETCH_ASSOC); + if (isset($postarray['tagged_mail_handler']) && $postarray['tagged_mail_handler'] == "subject") { + try { + $redis->hSet('RCPT_WANTS_SUBJECT_TAG', $username, 1); + } + catch (RedisException $e) { + $_SESSION['return'] = array( + 'type' => 'danger', + 'msg' => 'Redis: '.$e + ); + return false; + } } - catch(PDOException $e) { - $_SESSION['return'] = array( - 'type' => 'danger', - 'msg' => 'MySQL: '.$e - ); - return false; + else { + try { + $redis->hDel('RCPT_WANTS_SUBJECT_TAG', $username); + } + catch (RedisException $e) { + $_SESSION['return'] = array( + 'type' => 'danger', + 'msg' => 'Redis: '.$e + ); + return false; + } } $_SESSION['return'] = array( 'type' => 'success', @@ -1372,7 +1383,7 @@ function edit_delimiter_action($postarray) { function get_delimiter_action($username = null) { // 'username' can be set, defaults to mailcow_cc_username global $lang; - global $pdo; + global $redis; $data = array(); if (isset($username) && filter_var($username, FILTER_VALIDATE_EMAIL)) { if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) { @@ -1383,18 +1394,20 @@ function get_delimiter_action($username = null) { $username = $_SESSION['mailcow_cc_username']; } try { - $stmt = $pdo->prepare("SELECT `wants_tagged_subject` FROM `mailbox` WHERE `username` = :username"); - $stmt->execute(array(':username' => $username)); - $data = $stmt->fetch(PDO::FETCH_ASSOC); + if ($redis->hGet('RCPT_WANTS_SUBJECT_TAG', $username)) { + return "subject"; + } + else { + return "subfolder"; + } } - catch(PDOException $e) { + catch (RedisException $e) { $_SESSION['return'] = array( 'type' => 'danger', - 'msg' => 'MySQL: '.$e + 'msg' => 'Redis: '.$e ); return false; } - return $data; } function user_get_alias_details($username) { global $lang; @@ -2413,12 +2426,30 @@ function dkim_add_key($postarray) { ), 1, -1) ); // Save public key and selector to redis - $redis->hSet('DKIM_PUB_KEYS', $domain, $pubKey); - $redis->hSet('DKIM_SELECTORS', $domain, $dkim_selector); + try { + $redis->hSet('DKIM_PUB_KEYS', $domain, $pubKey); + $redis->hSet('DKIM_SELECTORS', $domain, $dkim_selector); + } + catch (RedisException $e) { + $_SESSION['return'] = array( + 'type' => 'danger', + 'msg' => 'Redis: '.$e + ); + return false; + } // Export private key and save private key to redis openssl_pkey_export($keypair_ressource, $privKey); if (isset($privKey) && !empty($privKey)) { - $redis->hSet('DKIM_PRIV_KEYS', $dkim_selector . '.' . $domain, trim($privKey)); + try { + $redis->hSet('DKIM_PRIV_KEYS', $dkim_selector . '.' . $domain, trim($privKey)); + } + catch (RedisException $e) { + $_SESSION['return'] = array( + 'type' => 'danger', + 'msg' => 'Redis: '.$e + ); + return false; + } } $_SESSION['return'] = array( 'type' => 'success', @@ -2438,18 +2469,7 @@ function dkim_get_key_details($domain) { $data = array(); global $redis; if (hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) { - $dkim_pubkey_file = escapeshellarg($GLOBALS["MC_DKIM_TXTS"]. "/" . $domain . "." . "dkim"); - if (file_exists(substr($dkim_pubkey_file, 1, -1))) { - $data['pubkey'] = file_get_contents($GLOBALS["MC_DKIM_TXTS"]. "/" . $domain . "." . "dkim"); - $data['length'] = (strlen($data['pubkey']) < 391) ? 1024 : 2048; - $data['dkim_txt'] = 'v=DKIM1;k=rsa;t=s;s=email;p=' . file_get_contents($GLOBALS["MC_DKIM_TXTS"]. "/" . $domain . "." . "dkim"); - $data['dkim_selector'] = 'dkim'; - // Migrate key to redis - $redis->hSet('DKIM_PRIV_KEYS', $data['dkim_selector'] . '.' . $domain, trim(file_get_contents($GLOBALS["MC_DKIM_KEYS"]. "/" . $domain . "." . "dkim"))); - $redis->hSet('DKIM_PUB_KEYS', $domain, $data['pubkey']); - $redis->hSet('DKIM_SELECTORS', $domain, 'dkim'); - } - elseif ($redis_dkim_key_data = $redis->hGet('DKIM_PUB_KEYS', $domain)) { + if ($redis_dkim_key_data = $redis->hGet('DKIM_PUB_KEYS', $domain)) { $data['pubkey'] = $redis_dkim_key_data; $data['length'] = (strlen($data['pubkey']) < 391) ? 1024 : 2048; $data['dkim_txt'] = 'v=DKIM1;k=rsa;t=s;s=email;p=' . $redis_dkim_key_data; @@ -2469,11 +2489,6 @@ function dkim_get_blind_keys() { return false; } $domains = array(); - $dnstxt_folder = scandir($GLOBALS["MC_DKIM_TXTS"]); - $dnstxt_files = array_diff($dnstxt_folder, array('.', '..')); - foreach($dnstxt_files as $file) { - $domains[] = substr($file, 0, -5); - } foreach ($redis->hKeys('DKIM_PUB_KEYS') as $redis_dkim_domain) { $domains[] = $redis_dkim_domain; } @@ -2491,13 +2506,6 @@ function dkim_delete_key($postarray) { ); return false; } - // if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) { - // $_SESSION['return'] = array( - // 'type' => 'danger', - // 'msg' => sprintf($lang['danger']['access_denied']) - // ); - // return false; - // } if (!is_valid_domain_name($domain)) { $_SESSION['return'] = array( 'type' => 'danger', @@ -2505,43 +2513,22 @@ function dkim_delete_key($postarray) { ); return false; } - foreach (array('DKIM_PUB_KEYS', 'DKIM_SELECTORS',) as $hash) { - if (!$redis->hDel($hash, $domain)) { - $_SESSION['return'] = array( - 'type' => 'danger', - 'msg' => sprintf($lang['danger']['dkim_remove_failed']) - ); - return false; + try { + foreach ($redis->hGetAll('DKIM_PRIV_KEYS') as $key => $value) { + if (preg_match('/\.' . $domain . '$/i', $key)) { + $redis->hDel('DKIM_PUB_KEYS', $key); + } } + $redis->hDel('DKIM_PUB_KEYS', $domain); + $redis->hDel('DKIM_SELECTORS', $domain); + $redis->hDel('DKIM_PRIV_KEYS', $domain); } - if (!empty($key_details = dkim_get_key_details($domain))) { - if (!$redis->hDel($hash . $key_details['dkim_selector'], $domain)) { - $_SESSION['return'] = array( - 'type' => 'danger', - 'msg' => sprintf($lang['danger']['dkim_remove_failed']) - ); - return false; - } - } - - $redis->hDel('DKIM_PUB_KEYS', $domain); - $redis->hDel('DKIM_PRIV_KEYS', $domain); - $redis->hDel('DKIM_SELECTORS', $domain); - exec('rm -f ' . escapeshellarg($GLOBALS['MC_DKIM_TXTS'] . '/' . $domain . '.dkim'), $out, $return); - if ($return != "0") { - $_SESSION['return'] = array( - 'type' => 'danger', - 'msg' => sprintf($lang['danger']['dkim_remove_failed']) - ); - return false; - } - exec('rm -f ' . escapeshellarg($GLOBALS['MC_DKIM_KEYS'] . '/' . $domain . '.dkim'), $out, $return); - if ($return != "0") { - $_SESSION['return'] = array( - 'type' => 'danger', - 'msg' => sprintf($lang['danger']['dkim_remove_failed']) - ); - return false; + catch (RedisException $e) { + $_SESSION['return'] = array( + 'type' => 'danger', + 'msg' => 'Redis: '.$e + ); + return false; } $_SESSION['return'] = array( 'type' => 'success', @@ -2654,6 +2641,16 @@ function mailbox_add_domain($postarray) { ':active' => $active, ':relay_all_recipients' => $relay_all_recipients )); + try { + $redis->hSet('DOMAIN_MAP', $domain, 1); + } + catch (RedisException $e) { + $_SESSION['return'] = array( + 'type' => 'danger', + 'msg' => 'Redis: '.$e + ); + return false; + } $_SESSION['return'] = array( 'type' => 'success', 'msg' => sprintf($lang['success']['domain_added'], htmlspecialchars($domain)) @@ -4646,6 +4643,16 @@ function mailbox_delete_domain($postarray) { ); return false; } + try { + $redis->hDel('DOMAIN_MAP', $domain); + } + catch (RedisException $e) { + $_SESSION['return'] = array( + 'type' => 'danger', + 'msg' => 'Redis: '.$e + ); + return false; + } $_SESSION['return'] = array( 'type' => 'success', 'msg' => sprintf($lang['success']['domain_removed'], htmlspecialchars($domain)) diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/config.php b/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/config.php index cf2512e9..b9833d64 100755 --- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/config.php +++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/config.php @@ -42,8 +42,6 @@ return array( "jsUrl" => get_trusted_hostname(), "tokenLength" => 10, "secureCookie" => false, - "disabledJavascriptMessage" => "This site attempts to protect users against - Cross-Site Request Forgeries attacks. In order to do so, you must have JavaScript enabled in your web browser otherwise this site will fail to work correctly for you. - See details of your web browser for how to enable JavaScript.", + "disabledJavascriptMessage" => "", "verifyGetFor" => array() ); \ No newline at end of file diff --git a/data/web/inc/prerequisites.inc.php b/data/web/inc/prerequisites.inc.php index 6b9126fe..3961aa00 100644 --- a/data/web/inc/prerequisites.inc.php +++ b/data/web/inc/prerequisites.inc.php @@ -1,16 +1,16 @@ getMessage() !== 'dns_get_record(): A temporary server error occurred.') { + throw $e; + } + $mx_records = false; + } return $hosts; } diff --git a/data/web/js/admin.js b/data/web/js/admin.js index db3b8bae..42cc6e34 100644 --- a/data/web/js/admin.js +++ b/data/web/js/admin.js @@ -4,7 +4,7 @@ $(document).ready(function() { url: '/api/v1/get/domain-admin/all', jsonp: false, error: function () { - alert('Cannot draw domain administrator table'); + console.log('Cannot draw domain admin table'); }, success: function (data) { $.each(data, function (i, item) { @@ -53,7 +53,7 @@ $(document).ready(function() { url: '/api/v1/get/logs/dovecot/1000', jsonp: false, error: function () { - alert('Cannot draw dovecot log table'); + console.log('Cannot draw dovecot log table'); }, success: function (data) { $.each(data, function (i, item) { @@ -109,7 +109,7 @@ $(document).ready(function() { url: '/api/v1/get/logs/postfix/1000', jsonp: false, error: function () { - alert('Cannot draw postfix log table'); + console.log('Cannot draw postfix log table'); }, success: function (data) { $.each(data, function (i, item) { @@ -128,7 +128,7 @@ $(document).ready(function() { }); ft_postfix_logs = FooTable.init("#postfix_log", { "columns": [ - {"name":"time","formatter":function unix_time_format(tm) {var date = new Date(tm ? tm * 1000 : 0); return date.toLocaleString();},"title":lang.time,"style":{"width":"170px"}}, + {"name":"time","formatter":function unix_time_format(tm) { var date = new Date(tm ? tm * 1000 : 0); return date.toLocaleString();},"title":lang.time,"style":{"width":"170px"}}, {"name":"priority","title":lang.priority,"style":{"width":"80px"}}, {"name":"message","title":lang.message}, ], diff --git a/data/web/json_api.php b/data/web/json_api.php index ba6ff70c..7ac78b53 100644 --- a/data/web/json_api.php +++ b/data/web/json_api.php @@ -61,7 +61,7 @@ if (isset($_SESSION['mailcow_cc_role']) || isset($_SESSION['pending_mailcow_cc_u case "logs": switch ($object) { case "dovecot": - if (isset($extra) && !empty($extra) && is_int($extra)) { + if (isset($extra) && !empty($extra)) { $extra = intval($extra); $logs = get_logs('dovecot-mailcow', $extra); } @@ -77,7 +77,7 @@ if (isset($_SESSION['mailcow_cc_role']) || isset($_SESSION['pending_mailcow_cc_u break; case "postfix": - if (isset($extra) && !empty($extra) && is_int($extra)) { + if (isset($extra) && !empty($extra)) { $extra = intval($extra); $logs = get_logs('postfix-mailcow', $extra); } diff --git a/data/web/user.php b/data/web/user.php index eaf35923..ec25dc94 100644 --- a/data/web/user.php +++ b/data/web/user.php @@ -125,14 +125,14 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
- +
: