Commit Graph

894 Commits

Author SHA1 Message Date
FreddleSpl0it
37b4ff811d [BS5] add theme selector 2022-06-14 16:31:21 +02:00
FreddleSpl0it
7384aab2f4 [BS5] fix minor issues 2022-06-14 15:52:59 +02:00
FreddleSpl0it
71db83efce hotfix imapsync 2022-06-13 12:46:39 +02:00
andryyy
7ae7f25580 [Web] Re-use DKIM key if available 2022-06-11 11:42:36 +02:00
DerLinkman
c27ad97287 [DB] Remove pipemes from custom_params 2022-05-20 09:44:11 +02:00
DerLinkman
b1658c0f83 [IMAPSYNC] Hardened pipemess exploit prevention (pipemes) 2022-05-20 09:30:42 +02:00
DerLinkman
97df5c3b9c [DB] Update DB Version to remove pipemess parameters 2022-05-19 15:42:13 +02:00
DerLinkman
33e5ad2b5c [Imapsync] Case sensitive PIPEMESS removal 2022-05-19 14:41:21 +02:00
milkmaker
07ac195fea
Translations update from Weblate (#4591)
* [Web] Updated lang.ru.json [CI SKIP]

Co-authored-by: DRago_Angel <alekseev.dmitriy.92@gmail.com>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

* [Web] Updated lang.uk.json [CI SKIP]

[Web] Updated lang.uk.json [CI SKIP]

[Web] Added lang.uk.json [CI SKIP]

Co-authored-by: OGudzik <olegrpg@gmail.com>
Co-authored-by: Oleksii Kruhlenko <a.kruglenko@gmail.com>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

* [Web] Updated lang.it.json [CI SKIP]

Co-authored-by: Stefano <stefano.vassena@gmail.com>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

* Add Ukrainian language code in vars.inc.php

Co-authored-by: DRago_Angel <alekseev.dmitriy.92@gmail.com>
Co-authored-by: OGudzik <olegrpg@gmail.com>
Co-authored-by: Oleksii Kruhlenko <a.kruglenko@gmail.com>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: Stefano <stefano.vassena@gmail.com>
2022-05-18 18:20:03 +02:00
Niklas Meyer
3029a2d33d
Change DB Date to newer Date than staging 2022-05-17 15:26:01 +02:00
Niklas Meyer
fa0d2a959d
Merge branch 'feature/tfa-flow' into selection-tfa 2022-05-17 15:23:10 +02:00
FreddleSpl0it
f40e682800
[Web] domain/mailbox tagging check for empty tags 2022-05-06 07:42:45 +02:00
FreddleSpl0it
549ff7d100
Add Domain and Mailbox tagging (#4569)
* [Web] define tag tables

* [Web] add mailbox tag functions

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* Include new tags lang in language.en.json

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

* [Web] add domain/mailbox tagging

Co-authored-by: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com>
2022-05-05 08:25:01 +02:00
FreddleSpl0it
051d08b499
[BS5] bug fixes 2022-03-31 20:16:44 +02:00
FreddleSpl0it
1d8da117d6
[BS5] change bootstrap navbar 2022-03-30 08:39:38 +02:00
FreddleSpl0it
635fa795d2
[BS5] move init frontend block 2022-03-30 07:55:52 +02:00
FreddleSpl0it
c1792df819
[BS5] include dependencies 2022-03-30 07:54:07 +02:00
Niklas Meyer
06f380a17a [DB] Removed empty space behind c_value 2022-03-22 19:47:53 +01:00
Niklas Meyer
67882414e1 [DB] Update DB Version to 22032022_1330
For SOGo 5.5.1 and newer
2022-03-22 19:47:53 +01:00
Niklas Meyer
2b149fb8ea [DB] Update schema for longer passwords in sogo 2022-03-22 19:47:53 +01:00
FreddleSpl0it
6d3798ad08
[Web] fix yubi otp 2022-03-19 20:18:31 +01:00
FreddleSpl0it
70921b8d15
[Web] tfa extra debugging 2022-03-18 08:45:02 +01:00
FreddleSpl0it
b185f83fc3
[Web] tfa extra debugging 2022-03-18 08:37:22 +01:00
FreddleSpl0it
e7fe52a625
[Web] increase mysql publicKey field length 2022-03-14 10:31:59 +01:00
FreddleSpl0it
49c506eed9
[Web] multiple tfa - user support 2022-03-14 10:31:59 +01:00
FreddleSpl0it
21fadf6df2
[Web] multiple tfa - domainadmin support 2022-03-14 10:31:58 +01:00
FreddleSpl0it
5fcccbc97d
[Web] add verify selected tfa 2022-03-14 10:31:56 +01:00
FreddleSpl0it
3ef2b6cfa2
[Web] add verify selected tfa 2022-03-14 10:31:51 +01:00
andryyy
b820096656 [Web] Delete related spam aliases when deleting alias domain 2022-03-14 08:35:21 +01:00
andryyy
98bc947d00 [Web] Update composer libs
- Removing symfony/deprecation-contracts (v2.4.0)
  - Upgrading ddeboer/imap (1.12.1 => 1.13.1)
  - Upgrading directorytree/ldaprecord (v2.6.3 => v2.10.1)
  - Upgrading illuminate/contracts (v8.53.1 => v9.3.0)
  - Upgrading nesbot/carbon (2.51.1 => 2.57.0)
  - Upgrading phpmailer/phpmailer (v6.5.0 => v6.6.0)
  - Upgrading psr/container (1.1.1 => 2.0.2)
  - Upgrading psr/log (1.1.4 => 3.0.0)
  - Upgrading psr/simple-cache (1.0.1 => 2.0.0)
  - Upgrading robthree/twofactorauth (1.8.0 => 1.8.1)
  - Upgrading symfony/polyfill-ctype (v1.23.0 => v1.24.0)
  - Upgrading symfony/polyfill-mbstring (v1.23.1 => v1.24.0)
  - Upgrading symfony/polyfill-php80 (v1.23.1 => v1.24.0)
  - Upgrading symfony/translation (v5.3.4 => v6.0.5)
  - Upgrading symfony/translation-contracts (v2.4.0 => v3.0.0)
  - Upgrading symfony/var-dumper (v5.3.6 => v6.0.5)
  - Upgrading tightenco/collect (v8.34.0 => v8.83.2)
  - Upgrading twig/twig (v3.3.2 => v3.3.8)
2022-03-02 20:08:44 +01:00
Niklas Meyer
89fdd1986d
Jan(moo)uary Update 2022 - Revision A (2022-01a) (#4445)
* [API] Fix minor issue in api docs

* [GH-Actions][stale] Add neverstale label to exempt list

* [Web] add github version tag

* [Web] add github version tag error handling

* Passwordless SOGo auth: support for calendar invitations and calendar/contacts subscriptions

Inviting someone to a calendar event triggers a request to /SOGo/so/otheruser@example.com/freebusy.ifb/ajaxRead. Subscribing to someone's calendar/contacts triggers a request to /SOGo/so/otheruser@example.com/foldersSearch. The email address in the URL is different from the logged-in user, which needs to be handled appropriately by sogo-auth.php.

* [Web] add github version tag - adjust css

* [Compose] Update SOGo Autoreply Schedule to 5m

Based on the advice of inverse (SOGo developer). Thanks to https://github.com/jmber

Closes: https://github.com/mailcow/mailcow-dockerized/issues/4436

* [Web] add github version tag - move twig globals

* [Web] add github version tag - missing </div>

* Passwordless SOGo auth: improvements for when accessing other users

* [WebAuthn] fido2 passwordless auth - fix (#4440)

* [WebAuthn] fido2 revert

* [WebAuthn] set UV flags to 'discouraged'

* [WebAuthn] revert - set UV flags to 'discouraged'

Co-authored-by: ntimo <git@nowitzki.me>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: FreddleSpl0it <patschul@posteo.de>
Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com>
Co-authored-by: Michael Kuron <mkuron@users.noreply.github.com>
2022-02-01 15:26:48 +01:00
El-Virus
ea1a412749
Fix missing "lbuchs", after resolving last conflict
It seems that when solving the conflict in my pr when the latest staging branch was merged to master, I accidentally deleted "lbuchs", I added it back
2022-01-21 15:46:44 +01:00
El-Virus
db82327d9a
Merge branch 'staging' into master 2022-01-21 15:40:37 +01:00
Niklas Meyer
355ea71877
Merge pull request #4428 from FreddleSpl0it/master
Migrating from U2F to WebAuthn for 2FA
2022-01-21 12:19:25 +01:00
FreddleSpl0it
af1b90fa18
[WebAuthn] rename env var 2022-01-20 14:37:20 +01:00
FreddleSpl0it
7df2bb28f8
[WebAuthn] disable rootCA default 2022-01-19 21:35:21 +01:00
FreddleSpl0it
0f464658cc
[WebAuthn] disable webauthn rootca by mailcow.conf 2022-01-19 19:10:43 +01:00
FreddleSpl0it
5712192bcb
[WebAuthn] fix error on android 2022-01-18 11:40:06 +01:00
FreddleSpl0it
0e4ddacf92
[WebAuthn] cleanup 2022-01-18 10:23:32 +01:00
FreddleSpl0it
8316e763fa
[WebAuthn] remove old u2f functions 2022-01-18 10:14:18 +01:00
FreddleSpl0it
a849d03a00
[WebAuthn] show user deprecated warning 2022-01-18 10:14:18 +01:00
FreddlePat
68abd6a535 migrating from u2f-api.js to webauthn 2022-01-12 21:57:21 +01:00
FreddlePat
be4af41e64 migrating from u2f-api.js to webauthn 2022-01-12 21:26:42 +01:00
FreddlePat
d1d134038f migrating from u2f-api.js to webauthn 2022-01-12 21:09:18 +01:00
El-Virus
ea1a02bd7d
Fix "The operation is insecure." when trying to register fido2 device.
navigator.credentials.create(); Doesn't accept a port in the "id" parameter. So, when trying to register a fido2 device via WebAuthn throws: "The operation is insecure." on firefox and "The relying party ID is not a registrable domain suffix of, nor equal to the current domain." on Chrome or Edge.
This commit replaces `$_SERVER['HTTP_HOST']` with `$_SERVER['SERVER_NAME']` when initializing `$WebAuthn` which excludes the port to formulate correct requests.
Now Mailcow allows the registration of fido2 devices when running in a non-standard port(eg. 443).
2021-12-26 17:11:06 +01:00
andryyy
e4d23b7887
[Web] Add default sieve accessq 2021-12-07 13:56:56 +01:00
Kristian Feldsam
08f8eeb2e6 [web] fixed html in alerts
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-11-28 22:49:18 +01:00
André Peters
f4319a0e20
Revert "Add app-passwd list (#4281) (#4311)" (#4318)
This reverts commit 8dad04e0e6.
2021-11-11 13:48:47 +01:00
Felix
8dad04e0e6
Add app-passwd list (#4281) (#4311)
* Add list option for app passwords

* Add app-passwd option to OpenAPI documentation
2021-11-11 13:45:04 +01:00
andryyy
116c7919e3
[Web] Add missing sieve permission 2021-10-31 08:46:54 +01:00
jkellerer
9946bb3427
[Web] Display app password name in last login (#4304) 2021-10-30 16:51:26 +02:00
andryyy
f0aae22f77
[Dovecot, Web] Fix remaining issues of app password enhancements from #4296 2021-10-30 14:34:33 +02:00
andryyy
644b1f85d1
[Dovecot, Web] Allow SOGo access with app password when imap is disabled; Add sieve to mailbox protocol access restrictions 2021-10-30 08:03:41 +02:00
andryyy
51c8d43223
[Web] Fix array 2021-10-29 07:33:44 +02:00
andryyy
15ce95e78d
[Web, Dovecot] Add sieve and pop3 to protocol access for app passwords 2021-10-29 06:15:10 +02:00
andryyy
514340b2a7
[Web] Minor fix 2021-10-28 22:05:28 +02:00
andryyy
e13bc242a4
[Web, Dovecot] Allow to define scope of services for app passwords 2021-10-28 21:57:19 +02:00
andryyy
f01de1a5c0
[Web] Disable SSO button when admin login is disabled, fixes #4297 2021-10-27 13:42:45 +02:00
Jürgen Kellerer
d38c371253
Removed toggle ALLOW_APP_PASSWORDS_IN_EAS 2021-10-27 09:39:34 +02:00
Jürgen Kellerer
2ac5294d55
Supporting app-passwds in cal/carddav & ActiveSync 2021-10-24 17:29:35 +02:00
andryyy
8769a91388
[Web] Allow multiple TOTP 2021-10-23 17:14:43 +02:00
Kristian Feldsam
974100400b [Web] fixed totp var in twig
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-10-21 09:06:13 +02:00
Kristian Feldsam
a7612e6c39 [web] alerts - fixed double quotes and escaped html
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-10-16 15:24:27 +02:00
Kristian Feldsam
40b5ed4d72 [web] fix annoucements and notifications close #4292
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-10-15 17:21:47 +02:00
andryyy
3c9b84ff6f [Compose] Update PHP and netfilter images 2021-10-15 13:06:48 +02:00
Kristian Feldsam
0b64967ec5
[web] implemented twig templating system (#4264)
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-09-22 20:47:10 +02:00
andryyy
4d5ebafc1a
[Web] Fix password issue on first login when adding new admin 2021-09-06 11:46:09 +02:00
Kristian Feldsam
0d53df3a4d
[Web] PHP8 fix, fixes #4259 (#4261)
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-09-02 19:30:14 +02:00
andryyy
e616755072
[Web] Fix app password editing, fixes #4239 2021-09-01 18:11:00 +02:00
Kristian Feldsam
c1dcb529f3
[Web] Add DKIM key when adding a domain or alias domain (#4254)
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-09-01 16:51:10 +02:00
Kristian Feldsam
54c4d7e49c
[Dovecot: Imapsync] Parse, save and show last run status (#4253)
* [imapsync] - check for errors in returned_text

Signed-off-by: Kristian Feldsam <feldsam@gmail.com>

* [imapsync] parse and save exit status

Signed-off-by: Kristian Feldsam <feldsam@gmail.com>

* [dovecot] updated image version

Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-09-01 16:29:11 +02:00
Kristian Feldsam
e3b58c6b80
[Web] Fido2 support for M1 Macs with Touch ID (#4255)
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-09-01 16:28:37 +02:00
andryyy
50c90badb0
[Web] Cast all DNS check results to arrays 2021-08-21 15:47:17 +02:00
andryyy
913e9cbb11
[Web] Fix transport validation 2021-08-17 22:07:06 +02:00
andryyy
d6eb21f7a6
[Web] Fix some empty responses in alert box 2021-08-15 20:19:28 +02:00
andryyy
2dfcfd16d0
[Web] Fix DKIM import 2021-08-14 07:31:52 +02:00
andryyy
c925951bca
[Web] Fix wrong autoconfig port 2021-08-10 09:06:42 +02:00
André Peters
639e751678
Revert "[Web] Fix broken autoconfig ports, fixes #4221 (#4223)" (#4226)
This reverts commit 9afea99189.
2021-08-10 09:05:01 +02:00
Kristian Feldsam
9afea99189
[Web] Fix broken autoconfig ports, fixes #4221 (#4223)
Refactored to use function, moved another function

Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-08-10 02:08:04 +02:00
andryyy
c13c521699
[Web] Fix broken autoconfig ports, fixes #4221 2021-08-09 21:35:19 +02:00
andryyy
2cd0b56b14
[Web] Various PHP 8 fixes, partly fixes #4219 2021-08-09 08:28:22 +02:00
andryyy
cf8fdae277
[Web] Some minor fixes and improvements for PHP 8 2021-08-08 16:06:55 +02:00
Kristian Feldsam
96e055e226
[Web] Customized apps name in header (#4201)
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-08-01 18:00:14 +02:00
Ashus
b1e89fae37
[Web] Added vnd.dovecot.execute/filter/pipe sieve validator support (fixes #2026) (#4204)
Signed-off-by: Ashus <github.com@ashus.net>
2021-08-01 17:59:20 +02:00
andryyy
fcbd4e762d
[Web] Set default relayhost to 0 when adding a mailbox; add missing lang strings 2021-07-29 14:37:33 +02:00
andryyy
773383cacd
[Web] Fix BCC toggling active when changing the type, thanks for @feldsam 2021-07-24 19:05:06 +02:00
Kristian Feldsam
f6ca438cf4
[Web] Various i18n strings updated or added (#4196)
Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-07-24 18:51:19 +02:00
Shea Ramage
08dfc0220e
[Web] Remove redundant password hash checks (#4180)
Co-authored-by: Thomas Ramage <tramage@eucmail.com>
2021-07-09 09:54:35 +02:00
Kristian Feldsam
f73ac284e5
[Web] Improve responsive design (#4171)
Complete styling for mobile devices

Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-07-09 08:21:09 +02:00
Kristian Feldsam
9c6995c82d
[web] dns diag spf record syntax link updated (#4175)
Added old one on new domain name

Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
2021-07-07 06:40:37 +02:00
andryyy
fa9327a279
[Rspamd, Web] Update Rspamd settings preset to include BCC as enabled module 2021-07-05 16:25:43 +02:00
andryyy
78084c5e7b
[Web] Log only latest datetime of a unique datetime, service and ip combination 2021-07-01 06:44:37 +02:00
andryyy
7178db8ae1 Merge branch 'master' of github.com:mailcow/mailcow-dockerized 2021-06-30 10:24:13 +02:00
andryyy
8b08d09ca2
[Web] Remove XMPP options
[Web] Add Rspamd preset #4
[Web] Do not show failed SASL logins (and also remove them from db)
2021-06-30 10:13:29 +02:00
prey87
f767a27859
added ip address to $f2b_options['perm_bans'] and $f2b_options['active_bans'] to fail2ban.inc (#4152)
added link to bgp.he.net/ip/ in admin fail2ban overview
2021-06-28 07:07:29 +02:00
andryyy
5035e5bb42
[Web] Update composer deps 2021-06-23 08:05:09 +02:00
andryyy
d156a93a84
[Web] Various fixes; Allow users to login with FIDO2, SOGo SSO is a wip 2021-06-22 07:17:55 +02:00
andryyy
9773d3549e
[Web] Fix password policy for mailbox user; minor Solr status fix 2021-06-17 07:07:48 +02:00
andryyy
05c85b4140
[Web] Fix alias verification 2021-06-09 11:03:48 +02:00
andryyy
47b57df3a2
[Web] Show users last PW change, allow to select n days for last logins 2021-06-09 07:19:57 +02:00