summaryrefslogtreecommitdiff
path: root/program
diff options
context:
space:
mode:
authoralecpl <alec@alec.pl>2009-05-16 13:01:49 +0000
committeralecpl <alec@alec.pl>2009-05-16 13:01:49 +0000
commit2471d3a979d00e0cecca64e0d5889ca40c02c5fe (patch)
tree80a707b81bfba636d004107f5c04a59a3a0eebf7 /program
parent34ee9e7498f84394bfc7d5a4a845720aed8e0b2f (diff)
- Added possibility to encrypt received header, option 'http_received_header_encrypt',
added some more logic in encrypt/decrypt functions for security
Diffstat (limited to 'program')
-rw-r--r--program/include/rcmail.php107
-rw-r--r--program/include/rcube_config.php44
-rw-r--r--program/include/rcube_ldap.php2
-rw-r--r--program/include/rcube_smtp.inc2
-rw-r--r--program/localization/en_GB/messages.inc1
-rw-r--r--program/localization/en_US/messages.inc1
-rw-r--r--program/localization/hu_HU/messages.inc1
-rw-r--r--program/localization/pl_PL/messages.inc1
-rw-r--r--program/steps/mail/sendmail.inc47
9 files changed, 142 insertions, 64 deletions
diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index 06f50a13f..ec0a6f445 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -392,7 +392,7 @@ class rcmail
$conn = false;
if ($_SESSION['imap_host'] && !$this->imap->conn) {
- if (!($conn = $this->imap->connect($_SESSION['imap_host'], $_SESSION['username'], $this->decrypt_passwd($_SESSION['password']), $_SESSION['imap_port'], $_SESSION['imap_ssl']))) {
+ if (!($conn = $this->imap->connect($_SESSION['imap_host'], $_SESSION['username'], $this->decrypt($_SESSION['password']), $_SESSION['imap_port'], $_SESSION['imap_ssl']))) {
if ($this->output)
$this->output->show_message($this->imap->error_code == -1 ? 'imaperror' : 'sessionerror', 'error');
}
@@ -518,7 +518,7 @@ class rcmail
$_SESSION['imap_host'] = $host;
$_SESSION['imap_port'] = $imap_port;
$_SESSION['imap_ssl'] = $imap_ssl;
- $_SESSION['password'] = $this->encrypt_passwd($pass);
+ $_SESSION['password'] = $this->encrypt($pass);
$_SESSION['login_time'] = mktime();
if ($_REQUEST['_timezone'] != '_default_')
@@ -873,65 +873,104 @@ class rcmail
return md5($auth_string);
}
+
/**
- * Encrypt IMAP password using DES encryption
+ * Encrypt using 3DES
+ *
+ * @param string $clear clear text input
+ * @param string $key encryption key to retrieve from the configuration, defaults to 'des_key'
+ * @param boolean $base64 whether or not to base64_encode() the result before returning
*
- * @param string Password to encrypt
- * @return string Encryprted string
+ * @return string encrypted text
*/
- public function encrypt_passwd($pass)
+ public function encrypt($clear, $key = 'des_key', $base64 = true)
{
- if (function_exists('mcrypt_module_open') && ($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_ECB, ""))) {
+ /*-
+ * Add a single canary byte to the end of the clear text, which
+ * will help find out how much of padding will need to be removed
+ * upon decryption; see http://php.net/mcrypt_generic#68082
+ */
+ $clear = pack("a*H2", $clear, "80");
+
+ if (function_exists('mcrypt_module_open') &&
+ ($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_CBC, "")))
+ {
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
- mcrypt_generic_init($td, $this->config->get_des_key(), $iv);
- $cypher = mcrypt_generic($td, $pass);
+ mcrypt_generic_init($td, $this->config->get_crypto_key($key), $iv);
+ $cipher = $iv . mcrypt_generic($td, $clear);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
}
- else if (function_exists('des')) {
- $cypher = des($this->config->get_des_key(), $pass, 1, 0, NULL);
+ else if (function_exists('des'))
+ {
+ define('DES_IV_SIZE', 8);
+ $iv = '';
+ for ($i = 0; $i < constant('DES_IV_SIZE'); $i++)
+ $iv .= sprintf("%c", mt_rand(0, 255));
+ $cipher = $iv . des($this->config->get_crypto_key($key), $clear, 1, 1, $iv);
}
- else {
- $cypher = $pass;
-
+ else
+ {
raise_error(array(
'code' => 500,
'type' => 'php',
'file' => __FILE__,
- 'message' => "Could not convert encrypt password. Make sure Mcrypt is installed or lib/des.inc is available"
- ), true, false);
+ 'message' => "Could not perform encryption; make sure Mcrypt is installed or lib/des.inc is available"
+ ), true, true);
}
-
- return base64_encode($cypher);
+
+ return $base64 ? base64_encode($cipher) : $cipher;
}
-
/**
- * Decrypt IMAP password using DES encryption
+ * Decrypt 3DES-encrypted string
+ *
+ * @param string $cipher encrypted text
+ * @param string $key encryption key to retrieve from the configuration, defaults to 'des_key'
+ * @param boolean $base64 whether or not input is base64-encoded
*
- * @param string Encrypted password
- * @return string Plain password
+ * @return string decrypted text
*/
- public function decrypt_passwd($cypher)
+ public function decrypt($cipher, $key = 'des_key', $base64 = true)
{
- if (function_exists('mcrypt_module_open') && ($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_ECB, ""))) {
- $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
- mcrypt_generic_init($td, $this->config->get_des_key(), $iv);
- $pass = mdecrypt_generic($td, base64_decode($cypher));
+ $cipher = $base64 ? base64_decode($cipher) : $cipher;
+
+ if (function_exists('mcrypt_module_open') &&
+ ($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_CBC, "")))
+ {
+ $iv = substr($cipher, 0, mcrypt_enc_get_iv_size($td));
+ $cipher = substr($cipher, mcrypt_enc_get_iv_size($td));
+ mcrypt_generic_init($td, $this->config->get_crypto_key($key), $iv);
+ $clear = mdecrypt_generic($td, $cipher);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
}
- else if (function_exists('des')) {
- $pass = des($this->config->get_des_key(), base64_decode($cypher), 0, 0, NULL);
+ else if (function_exists('des'))
+ {
+ define('DES_IV_SIZE', 8);
+ $iv = substr($cipher, 0, constant('DES_IV_SIZE'));
+ $cipher = substr($cipher, constant('DES_IV_SIZE'));
+ $clear = des($this->config->get_crypto_key($key), $cipher, 0, 1, $iv);
}
- else {
- $pass = base64_decode($cypher);
+ else
+ {
+ raise_error(array(
+ 'code' => 500,
+ 'type' => 'php',
+ 'file' => __FILE__,
+ 'message' => "Could not perform decryption; make sure Mcrypt is installed or lib/des.inc is available"
+ ), true, true);
}
-
- return preg_replace('/\x00/', '', $pass);
+
+ /*-
+ * Trim PHP's padding and the canary byte; see note in
+ * rcmail::encrypt() and http://php.net/mcrypt_generic#68082
+ */
+ $clear = substr(rtrim($clear, "\0"), 0, -1);
+
+ return $clear;
}
-
/**
* Build a valid URL to this instance of RoundCube
*
diff --git a/program/include/rcube_config.php b/program/include/rcube_config.php
index 1312a73de..60064e7f5 100644
--- a/program/include/rcube_config.php
+++ b/program/include/rcube_config.php
@@ -176,28 +176,42 @@ class rcube_config
{
return $this->prop;
}
-
-
+
/**
- * Return a 24 byte key for the DES encryption
+ * Return requested DES crypto key.
*
- * @return string DES encryption key
+ * @param string Crypto key name
+ * @return string Crypto key
*/
- public function get_des_key()
+ public function get_crypto_key($key)
{
- $key = !empty($this->prop['des_key']) ? $this->prop['des_key'] : 'rcmail?24BitPwDkeyF**ECB';
- $len = strlen($key);
-
- // make sure the key is exactly 24 chars long
- if ($len<24)
- $key .= str_repeat('_', 24-$len);
- else if ($len>24)
- substr($key, 0, 24);
+ // Bomb out if the requested key does not exist
+ if (!array_key_exists($key, $this->prop))
+ {
+ raise_error(array(
+ 'code' => 500,
+ 'type' => 'php',
+ 'file' => __FILE__,
+ 'message' => "Request for unconfigured crypto key \"$key\""
+ ), true, true);
+ }
+
+ $key = $this->prop[$key];
+
+ // Bomb out if the configured key is not exactly 24 bytes long
+ if (strlen($key) != 24)
+ {
+ raise_error(array(
+ 'code' => 500,
+ 'type' => 'php',
+ 'file' => __FILE__,
+ 'message' => "Configured crypto key \"$key\" is not exactly 24 bytes long"
+ ), true, true);
+ }
return $key;
}
-
-
+
/**
* Try to autodetect operating system and find the correct line endings
*
diff --git a/program/include/rcube_ldap.php b/program/include/rcube_ldap.php
index 544c7f744..8e035c5d7 100644
--- a/program/include/rcube_ldap.php
+++ b/program/include/rcube_ldap.php
@@ -105,7 +105,7 @@ class rcube_ldap extends rcube_addressbook
if ($this->prop["user_specific"]) {
// No password set, use the session password
if (empty($this->prop['bind_pass'])) {
- $this->prop['bind_pass'] = $RCMAIL->decrypt_passwd($_SESSION["password"]);
+ $this->prop['bind_pass'] = $RCMAIL->decrypt($_SESSION['password']);
}
// Get the pieces needed for variable replacement.
diff --git a/program/include/rcube_smtp.inc b/program/include/rcube_smtp.inc
index ad6a6e0af..77195e96f 100644
--- a/program/include/rcube_smtp.inc
+++ b/program/include/rcube_smtp.inc
@@ -103,7 +103,7 @@ function smtp_mail($from, $recipients, &$headers, &$body, &$response)
$smtp_user = $CONFIG['smtp_user'];
if (strstr($CONFIG['smtp_pass'], '%p'))
- $smtp_pass = str_replace('%p', $RCMAIL->decrypt_passwd($_SESSION['password']), $CONFIG['smtp_pass']);
+ $smtp_pass = str_replace('%p', $RCMAIL->decrypt($_SESSION['password']), $CONFIG['smtp_pass']);
else
$smtp_pass = $CONFIG['smtp_pass'];
diff --git a/program/localization/en_GB/messages.inc b/program/localization/en_GB/messages.inc
index ddb6a2990..9f7d66240 100644
--- a/program/localization/en_GB/messages.inc
+++ b/program/localization/en_GB/messages.inc
@@ -94,5 +94,6 @@ $messages['importconfirm'] = '<b>Successfully imported $inserted contacts, $skip
$messages['opnotpermitted'] = 'Operation not permitted!';
$messages['nofromaddress'] = 'Missing e-mail address in selected identity';
$messages['editorwarning'] = 'Switching to the plain text editor will cause all text formatting to be lost. Do you wish to continue?';
+$messages['httpreceivedencrypterror'] = 'A fatal configuration error occurred. Contact your administrator immediately. <b>Your message can not be sent.</b>';
?>
diff --git a/program/localization/en_US/messages.inc b/program/localization/en_US/messages.inc
index ed63c7c47..af7443eaa 100644
--- a/program/localization/en_US/messages.inc
+++ b/program/localization/en_US/messages.inc
@@ -94,5 +94,6 @@ $messages['importconfirm'] = '<b>Successfully imported $inserted contacts, $skip
$messages['opnotpermitted'] = 'Operation not permitted!';
$messages['nofromaddress'] = 'Missing e-mail address in selected identity';
$messages['editorwarning'] = 'Switching to the plain text editor will cause all text formatting to be lost. Do you wish to continue?';
+$messages['httpreceivedencrypterror'] = 'A fatal configuration error occurred. Contact your administrator immediately. <b>Your message can not be sent.</b>';
?>
diff --git a/program/localization/hu_HU/messages.inc b/program/localization/hu_HU/messages.inc
index 5acea06a1..092001cb0 100644
--- a/program/localization/hu_HU/messages.inc
+++ b/program/localization/hu_HU/messages.inc
@@ -95,5 +95,6 @@ $messages['importconfirm'] = '<b>Sikeresen importálásra került $inserted kapc
$messages['opnotpermitted'] = 'A művelet nem megengedett!';
$messages['nofromaddress'] = 'Hiányzó email cím a kiválasztott feladónál';
$messages['editorwarning'] = 'Az egyszerű szöveges formátumra való váltás az összes formázás elvesztésével jár. Biztosan folytatja?';
+$messages['httpreceivedencrypterror'] = 'Végzetes konfigurációs hiba történt, azonnal lépjen kapcsolatba az üzemeltetővel. <b>Az üzenet nem küldhető el.</b>';
?>
diff --git a/program/localization/pl_PL/messages.inc b/program/localization/pl_PL/messages.inc
index 897c16b01..ac76383ac 100644
--- a/program/localization/pl_PL/messages.inc
+++ b/program/localization/pl_PL/messages.inc
@@ -99,5 +99,6 @@ $messages['importconfirm'] = '<b>PomyÅ›lnie dodano $inserted kontaktów, pominiÄ
$messages['opnotpermitted'] = 'Niedozwolona operacja!';
$messages['nofromaddress'] = 'Brak adresu e-mail w wybranej tożsamości';
$messages['editorwarning'] = 'Zmiana edytora spowoduje utratę formatowania tekstu. Czy jesteś pewien, że chcesz to zrobić?';
+$messages['httpreceivedencrypterror'] = 'Wystąpił błąd systemu. Skontaktuj się z administratorem. <b>Nie można wysłać wiadomości.</b>';
?>
diff --git a/program/steps/mail/sendmail.inc b/program/steps/mail/sendmail.inc
index 4ebf4893c..f1745acfe 100644
--- a/program/steps/mail/sendmail.inc
+++ b/program/steps/mail/sendmail.inc
@@ -55,6 +55,17 @@ if (!$savedraft) {
/****** message sending functions ********/
+// encrypt parts of the header
+function rcmail_encrypt_header($what)
+{
+ global $CONFIG, $RCMAIL;
+ if (!$CONFIG['http_received_header_encrypt'])
+ {
+ return $what;
+ }
+ return $RCMAIL->encrypt($what);
+}
+
// get identity record
function rcmail_get_identity($id)
{
@@ -211,9 +222,29 @@ if (empty($identity_arr['string']))
$identity_arr['string'] = $from;
// compose headers array
-$headers = array('Date' => date('r'),
- 'From' => rcube_charset_convert($identity_arr['string'], RCMAIL_CHARSET, $message_charset),
- 'To' => $mailto);
+$headers = array();
+
+// if configured, the Received headers goes to top, for good measure
+if ($CONFIG['http_received_header'])
+{
+ $nldlm = $RCMAIL->config->header_delimiter() . "\t";
+ $http_header = 'from ';
+ if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+ $http_header .= rcmail_encrypt_header(gethostbyaddr($_SERVER['HTTP_X_FORWARDED_FOR'])) .
+ ' [' . rcmail_encrypt_header($_SERVER['HTTP_X_FORWARDED_FOR']) . ']';
+ $http_header .= $nldlm . ' via ';
+ }
+ $http_header .= rcmail_encrypt_header(gethostbyaddr($_SERVER['REMOTE_ADDR'])) .
+ ' [' . rcmail_encrypt_header($_SERVER['REMOTE_ADDR']) .']';
+ $http_header .= $nldlm . 'with ' . $_SERVER['SERVER_PROTOCOL'] .
+ ' ('.$_SERVER['REQUEST_METHOD'] . '); ' . date('r');
+ $http_header = wordwrap($http_header, 69, $nldlm);
+ $headers['Received'] = $http_header;
+}
+
+$headers['Date'] = date('r');
+$headers['From'] = rcube_charset_convert($identity_arr['string'], RCMAIL_CHARSET, $message_charset);
+$headers['To'] = $mailto;
// additional recipients
if (!empty($mailcc))
@@ -257,16 +288,6 @@ if (!empty($_POST['_receipt']))
}
// additional headers
-if ($CONFIG['http_received_header'])
-{
- $nldlm = $RCMAIL->config->header_delimiter() . "\t";
- $headers['Received'] = wordwrap('from ' . (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ?
- gethostbyaddr($_SERVER['HTTP_X_FORWARDED_FOR']).' ['.$_SERVER['HTTP_X_FORWARDED_FOR'].']'.$nldlm.' via ' : '') .
- gethostbyaddr($_SERVER['REMOTE_ADDR']).' ['.$_SERVER['REMOTE_ADDR'].']'.$nldlm.'with ' .
- $_SERVER['SERVER_PROTOCOL'].' ('.$_SERVER['REQUEST_METHOD'].'); ' . date('r'),
- 69, $nldlm);
-}
-
$headers['Message-ID'] = $message_id;
$headers['X-Sender'] = $from;