Various fixes, update u2flib

andryyy
2017-05-09 23:25:23 +02:00
parent 4cb8596ff0
commit f582f0f01b
20 changed files with 759 additions and 78 deletions


@@ -59,9 +59,7 @@ $(document).ready(function() {
$('#mailcow-alert-text').text(message);
}
// PHP error handler
<?php if (isset($_SESSION['return'])): ?>
mailcow_alert_box("<?=$_SESSION['return']['type'];?>", "<?=$_SESSION['return']['msg'];?>");
<?php endif; unset($_SESSION['return']); ?>
// Confirm TFA modal
<?php if (isset($_SESSION['pending_tfa_method'])):?>
@@ -230,10 +228,25 @@ $(document).ready(function() {
});
});
</script>
<div class="mailcow-alert-box alert" role="alert">
<a href="#" class="close" data-dismiss="alert"> &times;</a>
<span id="mailcow-alert-text"></span>
<div class="container">
<div id="mailcow-alert" class="alert" role="alert">
<a href="#" class="close" data-dismiss="alert"> &times;</a>
<span id="mailcow-alert-text"></span>
</div>
</div>
</body>
<?php // Notifications ?>
<script>
function mailcow_alert_box(msg, type) {
document.getElementById('mailcow-alert').style.display = 'visible';
document.getElementById('mailcow-alert-text').innerHTML = msg;
document.getElementById("mailcow-alert").className = "alert alert-" + type;
}
<?php if (isset($_SESSION['return'])): ?>
mailcow_alert_box("<?=$_SESSION['return']['msg'];?>", "<?=$_SESSION['return']['type'];?>");
<?php endif; unset($_SESSION['return']); ?>
</script>
</html>
<?php $stmt = null; $pdo = null; ?>
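Review bot: The new footer `mailcow_alert_box` assigns the message with `innerHTML`, and the PHP around the call prints `$_SESSION['return']['msg']` and `['type']` unescaped into double-quoted JavaScript strings, so any message carrying request-derived text (for example a domain or host name echoed back in an error; not visible in these hunks) would be parsed as markup or could terminate the string literal. The header version visible in the first hunk wrote the text with jQuery `.text(message)`, so the DOM sink is weaker than before. I would set the text with `document.getElementById('mailcow-alert-text').textContent = msg;` and emit each value, without the surrounding quotes, as `<?=json_encode($_SESSION['return']['msg'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);?>`. Separately, `style.display = 'visible'` is not a valid `display` value (`'block'` is presumably meant), and the `<script>` block is placed after `</body>`.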


@@ -2552,6 +2552,7 @@ function mailbox_add_domain($postarray) {
// relay_all_recipients int
// backupmx int
global $pdo;
global $redis;
global $lang;
if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'] = array(
@@ -5177,6 +5178,7 @@ function add_forwarding_host($postarray) {
else {
$hosts = get_outgoing_hosts_best_guess($host);
}
print_r($hosts);
if (empty($hosts)) {
$_SESSION['return'] = array(
'type' => 'danger',
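Review bot: `print_r($hosts);` in add_forwarding_host looks like leftover debugging; it appears to be the one line this hunk adds, though the +/- markers are lost on this page. It writes the resolved host list into the HTTP response before the `empty($hosts)` check, which discloses lookup results to the client and sends output ahead of any later header or redirect. I would drop the line, or if the value is needed for troubleshooting, log it server-side with `error_log(print_r($hosts, true));`. The function body starts and ends outside the hunk.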


@@ -40,7 +40,7 @@
"owasp",
"security"
],
"time": "2017-04-12 05:47:07"
"time": "2017-04-12T05:47:07+00:00"
},
{
"name": "robthree/twofactorauth",
@@ -95,20 +95,24 @@
},
{
"name": "yubico/u2flib-server",
"version": "1.0.0",
"version": "1.0.1",
"source": {
"type": "git",
"url": "https://github.com/Yubico/php-u2flib-server.git",
"reference": "407eb21da24150aad30bcd8cc0ee72963eac5e9d"
"reference": "dc318c80b59e62921c210f31b014def26ceebbab"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/Yubico/php-u2flib-server/zipball/407eb21da24150aad30bcd8cc0ee72963eac5e9d",
"reference": "407eb21da24150aad30bcd8cc0ee72963eac5e9d",
"url": "https://api.github.com/repos/Yubico/php-u2flib-server/zipball/dc318c80b59e62921c210f31b014def26ceebbab",
"reference": "dc318c80b59e62921c210f31b014def26ceebbab",
"shasum": ""
},
"require": {
"ext-openssl": "*"
"ext-openssl": "*",
"php": ">=5.6"
},
"require-dev": {
"phpunit/phpunit": "~5.7"
},
"type": "library",
"autoload": {
@@ -122,7 +126,7 @@
],
"description": "Library for U2F implementation",
"homepage": "https://developers.yubico.com/php-u2flib-server",
"time": "2016-02-19T09:47:51+00:00"
"time": "2017-05-09T07:33:58+00:00"
}
],
"packages-dev": [],


@@ -52,39 +52,6 @@
"tfa"
]
},
{
"name": "yubico/u2flib-server",
"version": "1.0.0",
"version_normalized": "1.0.0.0",
"source": {
"type": "git",
"url": "https://github.com/Yubico/php-u2flib-server.git",
"reference": "407eb21da24150aad30bcd8cc0ee72963eac5e9d"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/Yubico/php-u2flib-server/zipball/407eb21da24150aad30bcd8cc0ee72963eac5e9d",
"reference": "407eb21da24150aad30bcd8cc0ee72963eac5e9d",
"shasum": ""
},
"require": {
"ext-openssl": "*"
},
"time": "2016-02-19T09:47:51+00:00",
"type": "library",
"installation-source": "dist",
"autoload": {
"classmap": [
"src/"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"BSD-2-Clause"
],
"description": "Library for U2F implementation",
"homepage": "https://developers.yubico.com/php-u2flib-server"
},
{
"name": "owasp/csrf-protector-php",
"version": "dev-master",
@@ -122,5 +89,42 @@
"owasp",
"security"
]
},
{
"name": "yubico/u2flib-server",
"version": "1.0.1",
"version_normalized": "1.0.1.0",
"source": {
"type": "git",
"url": "https://github.com/Yubico/php-u2flib-server.git",
"reference": "dc318c80b59e62921c210f31b014def26ceebbab"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/Yubico/php-u2flib-server/zipball/dc318c80b59e62921c210f31b014def26ceebbab",
"reference": "dc318c80b59e62921c210f31b014def26ceebbab",
"shasum": ""
},
"require": {
"ext-openssl": "*",
"php": ">=5.6"
},
"require-dev": {
"phpunit/phpunit": "~5.7"
},
"time": "2017-05-09T07:33:58+00:00",
"type": "library",
"installation-source": "dist",
"autoload": {
"classmap": [
"src/"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"BSD-2-Clause"
],
"description": "Library for U2F implementation",
"homepage": "https://developers.yubico.com/php-u2flib-server"
}
]


@@ -1,19 +1,21 @@
language: php
sudo: false
php:
- 5.3
- 5.4
- 5.5
- 5.6
- 7.0
- 7.1
- hhvm
- hhvm-nightly
after_success:
- test -z $COVERALLS || (composer require satooshi/php-coveralls && vendor/bin/coveralls -v)
matrix:
include:
- php: 5.6
env: COVERALLS=true
allow_failures:
- php: hhvm
- php: hhvm-nightly
before_script:
- composer install
script:
- ./vendor/phpunit/phpunit/phpunit -c phpunit.xml
after_success:
- test -z $COVERALLS || (composer require satooshi/php-coveralls && vendor/bin/coveralls -v)


@@ -1,5 +1,9 @@
php-u2flib-server NEWS -- History of user-visible changes.
* Version 1.0.1 (released 2017-05-09)
** Move examples to phps so they don't execute by default
** Use common challenge for multiple registrations
* Version 1.0.0 (released 2016-02-19)
** Give an early error on openssl < 1.0
** Support devices with initial counter 0


@@ -3,7 +3,8 @@ destination: apidocs
source:
- src/u2flib_server
exclude: "*/tests/*"
exclude:
- "*/tests/*"
groups: none


@@ -4,10 +4,13 @@
"homepage":"https://developers.yubico.com/php-u2flib-server",
"license":"BSD-2-Clause",
"require": {
"ext-openssl":"*"
"ext-openssl":"*",
"php": ">=5.6"
},
"autoload": {
"classmap": ["src/"]
},
"require-dev": {
"phpunit/phpunit": "~5.7"
}
}


@@ -32,7 +32,7 @@ mkdir -p $releasedir
git archive $VERSION --format=tar | tar -xC $releasedir
git2cl > $releasedir/ChangeLog
cd $releasedir
apigen
apigen generate
cd -
tar -cz --directory=$tmpdir --file=${releasename}.tar.gz $releasename
gpg --detach-sign --default-key $PGP_KEYID ${releasename}.tar.gz


@@ -1,7 +1,7 @@
<phpunit
colors="true">
<testsuite name="tests">
<directory suffix="test.php">.</directory>
<directory suffix="test.php">tests</directory>
</testsuite>
<logging>
<log type="coverage-clover" target="build/logs/clover.xml"/>


@@ -222,6 +222,7 @@ class U2F
public function getAuthenticateData(array $registrations)
{
$sigs = array();
$challenge = $this->createChallenge();
foreach ($registrations as $reg) {
if( !is_object( $reg ) ) {
throw new \InvalidArgumentException('$registrations of getAuthenticateData() method only accepts array of object.');
@@ -230,7 +231,7 @@ class U2F
$sig = new SignRequest();
$sig->appId = $this->appId;
$sig->keyHandle = $reg->keyHandle;
$sig->challenge = $this->createChallenge();
$sig->challenge = $challenge;
$sigs[] = $sig;
}
return $sigs;


@@ -16,18 +16,6 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/lib/vendor/autoload.php';
$u2f = new u2flib_server\U2F('https://' . $_SERVER['HTTP_HOST']);
$tfa = new RobThree\Auth\TwoFactorAuth('mailcow UI');
// OWASP CSRF Protector
$csrfProtector = new csrfProtector;
class mailcowCsrfProtector extends csrfprotector {
public static function logCSRFattack() {
$_SESSION['return'] = array(
'type' => 'warning',
'msg' => 'CSRF violation, please try again.'
);
}
}
mailcowCsrfProtector::init();
// Redis
$redis = new Redis();
$redis->connect('redis-mailcow', 6379);