7x31/mailcow-dockerized
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Web] Auto-generated app passwords for Apple configuration profiles (#4316)

Browse Source 
* Auto-generated app passwords for Apple configuration profiles

* Change password modal: add warning about app passwords
This commit is contained in:
Michael Kuron
2021-11-14 20:09:39 +01:00
committed by GitHub
parent 618e00f302
commit 9bfb74bb1d
6 changed files with 63 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
data/web/mobileconfig.php
View File

@@ -8,6 +8,7 @@ if (!isset($_SESSION['mailcow_cc_role']) || $_SESSION['mailcow_cc_role'] != 'use
session_destroy();
// probably better than appending the whole current http query string
$append_get = (isset($_GET['only_email'])) ? '&only_email' : '';
$append_get .= (isset($_GET['app_password'])) ? '&app_password' : '';
header('Location: index.php?mobileconfig' . $append_get);
die();
}
@@ -38,6 +39,34 @@ if (isset($_GET['only_email'])) {
$onlyEmailAccount = false;
$description = 'IMAP, CalDAV, CardDAV';
}
if (isset($_GET['app_password'])) {
$app_password = true;
$description .= ' with application password';
if (strpos($_SERVER['HTTP_USER_AGENT'], 'iPad') !== FALSE)
$platform = 'iPad';
elseif (strpos($_SERVER['HTTP_USER_AGENT'], 'iPhone') !== FALSE)
$platform = 'iPhone';
elseif (strpos($_SERVER['HTTP_USER_AGENT'], 'Macintosh') !== FALSE)
$platform = 'Mac';
else
$platform = $_SERVER['HTTP_USER_AGENT'];
$password = bin2hex(openssl_random_pseudo_bytes(16));
$attr = array(
'app_name' => $platform,
'app_passwd' => $password,
'app_passwd2' => $password,
'active' => 1,
'protocols' => array('imap_access', 'smtp_access'),
);
if (!$onlyEmailAccount) {
$attr['protocols'][] = 'dav_access';
}
app_passwd("add", $attr);
} else {
$app_password = false;
}
echo '<?xml version="1.0" encoding="UTF-8"?>' . "\n";
?>
@@ -65,6 +94,10 @@ echo '<?xml version="1.0" encoding="UTF-8"?>' . "\n";
<true/>
<key>IncomingMailServerUsername</key>
<string><?=$email?></string>
<?php if($app_password === true): ?>
<key>IncomingPassword</key>
<string><?=$password?></string>
<?php endif; ?>
<key>OutgoingMailServerAuthentication</key>
<string>EmailAuthPassword</string>
<key>OutgoingMailServerHostName</key>