diff options
Diffstat (limited to 'plugins/managesieve')
-rw-r--r-- | plugins/managesieve/Changelog | 3 | ||||
-rw-r--r-- | plugins/managesieve/config.inc.php.dist | 5 | ||||
-rw-r--r-- | plugins/managesieve/lib/rcube_sieve_script.php | 96 | ||||
-rw-r--r-- | plugins/managesieve/localization/en_GB.inc | 9 | ||||
-rw-r--r-- | plugins/managesieve/localization/en_US.inc | 9 | ||||
-rw-r--r-- | plugins/managesieve/localization/pl_PL.inc | 9 | ||||
-rw-r--r-- | plugins/managesieve/managesieve.js | 6 | ||||
-rw-r--r-- | plugins/managesieve/managesieve.php | 111 | ||||
-rw-r--r-- | plugins/managesieve/package.xml | 4 | ||||
-rw-r--r-- | plugins/managesieve/tests/src/parser_enotify_a | 19 | ||||
-rw-r--r-- | plugins/managesieve/tests/src/parser_enotify_b | 18 | ||||
-rw-r--r-- | plugins/managesieve/tests/src/parser_notify_a | 18 | ||||
-rw-r--r-- | plugins/managesieve/tests/src/parser_notify_b | 17 |
13 files changed, 305 insertions, 19 deletions
diff --git a/plugins/managesieve/Changelog b/plugins/managesieve/Changelog index 482cff0ca..c0428c4fc 100644 --- a/plugins/managesieve/Changelog +++ b/plugins/managesieve/Changelog @@ -1,4 +1,7 @@ - Fixed issue with DBMail bug [http://pear.php.net/bugs/bug.php?id=19077] (#1488594) +- Added support for enotify/notify (RFC5435, RFC5436, draft-ietf-sieve-notify-00) +- Change default port to 4190 (IANA-allocated), add port auto-detection (#1488713) +- Added request size limits detection and script corruption prevention (#1488648) * version 5.2 [2012-07-24] ----------------------------------------------------------- diff --git a/plugins/managesieve/config.inc.php.dist b/plugins/managesieve/config.inc.php.dist index cb9b2a97f..1f34564c5 100644 --- a/plugins/managesieve/config.inc.php.dist +++ b/plugins/managesieve/config.inc.php.dist @@ -1,7 +1,8 @@ <?php -// managesieve server port -$rcmail_config['managesieve_port'] = 2000; +// managesieve server port. When empty the port will be determined automatically +// using getservbyname() function, with 4190 as a fallback. +$rcmail_config['managesieve_port'] = null; // managesieve server address, default is localhost. // Replacement variables supported in host name: diff --git a/plugins/managesieve/lib/rcube_sieve_script.php b/plugins/managesieve/lib/rcube_sieve_script.php index aa3b9ab6e..36eb1bcf8 100644 --- a/plugins/managesieve/lib/rcube_sieve_script.php +++ b/plugins/managesieve/lib/rcube_sieve_script.php @@ -41,7 +41,9 @@ class rcube_sieve_script 'variables', // RFC5229 'body', // RFC5173 'subaddress', // RFC5233 - // @TODO: enotify/notify, spamtest+virustest, mailbox, date + 'enotify', // RFC5435 + 'notify', // draft-ietf-sieve-notify-00 + // @TODO: spamtest+virustest, mailbox, date ); /** @@ -198,6 +200,9 @@ class rcube_sieve_script } } + $imapflags = in_array('imap4flags', $this->supported) ? 'imap4flags' : 'imapflags'; + $notify = in_array('enotify', $this->supported) ? 'enotify' : 'notify'; + // rules foreach ($this->content as $rule) { $extension = ''; @@ -370,11 +375,7 @@ class rcube_sieve_script case 'addflag': case 'setflag': case 'removeflag': - if (in_array('imap4flags', $this->supported)) - array_push($exts, 'imap4flags'); - else - array_push($exts, 'imapflags'); - + array_push($exts, $imapflags); $action_script .= $action['type'].' ' . self::escape_string($action['target']); break; @@ -403,6 +404,46 @@ class rcube_sieve_script $action_script .= self::escape_string($action['name']) . ' ' . self::escape_string($action['value']); break; + case 'notify': + array_push($exts, $notify); + $action_script .= 'notify'; + + // Here we support only 00 version of notify draft, there + // were a couple regressions in 00 to 04 changelog, we use + // the version used by Cyrus + if ($notify == 'notify') { + switch ($action['importance']) { + case 1: $action_script .= " :high"; break; + case 2: $action_script .= " :normal"; break; + case 3: $action_script .= " :low"; break; + + } + unset($action['importance']); + } + + foreach (array('from', 'importance', 'options', 'message') as $n_tag) { + if (!empty($action[$n_tag])) { + $action_script .= " :$n_tag " . self::escape_string($action[$n_tag]); + } + } + + if (!empty($action['address'])) { + $method = 'mailto:' . $action['address']; + if (!empty($action['body'])) { + $method .= '?body=' . rawurlencode($action['body']); + } + } + else { + $method = $action['method']; + } + + // method is optional in notify extension + if (!empty($method)) { + $action_script .= ($notify == 'notify' ? " :method " : " ") . self::escape_string($method); + } + + break; + case 'vacation': array_push($exts, 'vacation'); $action_script .= 'vacation'; @@ -840,6 +881,49 @@ class rcube_sieve_script // $result[] = array('type' => 'require', 'target' => $tokens); break; + case 'notify': + $notify = array('type' => 'notify'); + $priorities = array(':high' => 1, ':normal' => 2, ':low' => 3); + + // Parameters: :from, :importance, :options, :message + // additional (optional) :method parameter for notify extension + for ($i=0, $len=count($tokens); $i<$len; $i++) { + $tok = strtolower($tokens[$i]); + if ($tok[0] == ':') { + // Here we support only 00 version of notify draft, there + // were a couple regressions in 00 to 04 changelog, we use + // the version used by Cyrus + if (isset($priorities[$tok])) { + $notify['importance'] = $priorities[$tok]; + } + else { + $notify[substr($tok, 1)] = $tokens[++$i]; + } + } + else { + // unnamed parameter is a :method in enotify extension + $notify['method'] = $tokens[$i]; + } + } + + $method_components = parse_url($notify['method']); + if ($method_components['scheme'] == 'mailto') { + $notify['address'] = $method_components['path']; + $method_params = array(); + if (array_key_exists('query', $method_components)) { + parse_str($method_components['query'], $method_params); + } + $method_params = array_change_key_case($method_params, CASE_LOWER); + // magic_quotes_gpc and magic_quotes_sybase affect the output of parse_str + if (ini_get('magic_quotes_gpc') || ini_get('magic_quotes_sybase')) { + array_map('stripslashes', $method_params); + } + $notify['body'] = (array_key_exists('body', $method_params)) ? $method_params['body'] : ''; + } + + $result[] = $notify; + break; + } if ($separator == $end) diff --git a/plugins/managesieve/localization/en_GB.inc b/plugins/managesieve/localization/en_GB.inc index 6859f5fff..f9075b8e0 100644 --- a/plugins/managesieve/localization/en_GB.inc +++ b/plugins/managesieve/localization/en_GB.inc @@ -97,6 +97,15 @@ $labels['setvariable'] = 'Set variable'; $labels['setvarname'] = 'Variable name:'; $labels['setvarvalue'] = 'Variable value:'; $labels['setvarmodifiers'] = 'Modifiers:'; +$labels['notify'] = 'Send notification'; +$labels['notifyaddress'] = 'To e-mail address:'; +$labels['notifybody'] = 'Notification body:'; +$labels['notifysubject'] = 'Notification subject:'; +$labels['notifyfrom'] = 'Notification sender:'; +$labels['notifyimportance'] = 'Importance:'; +$labels['notifyimportancelow'] = 'low'; +$labels['notifyimportancenormal'] = 'normal'; +$labels['notifyimportancehigh'] = 'high'; $labels['filtercreate'] = 'Create filter'; $labels['usedata'] = 'Use following data in the filter:'; $labels['nextstep'] = 'Next Step'; diff --git a/plugins/managesieve/localization/en_US.inc b/plugins/managesieve/localization/en_US.inc index 191291338..cb223c18f 100644 --- a/plugins/managesieve/localization/en_US.inc +++ b/plugins/managesieve/localization/en_US.inc @@ -88,6 +88,15 @@ $labels['varlowerfirst'] = 'first character lower-case'; $labels['varupperfirst'] = 'first character upper-case'; $labels['varquotewildcard'] = 'quote special characters'; $labels['varlength'] = 'length'; +$labels['notify'] = 'Send notification'; +$labels['notifyaddress'] = 'To e-mail address:'; +$labels['notifybody'] = 'Notification body:'; +$labels['notifysubject'] = 'Notification subject:'; +$labels['notifyfrom'] = 'Notification sender:'; +$labels['notifyimportance'] = 'Importance:'; +$labels['notifyimportancelow'] = 'low'; +$labels['notifyimportancenormal'] = 'normal'; +$labels['notifyimportancehigh'] = 'high'; $labels['filtercreate'] = 'Create filter'; $labels['usedata'] = 'Use following data in the filter:'; $labels['nextstep'] = 'Next Step'; diff --git a/plugins/managesieve/localization/pl_PL.inc b/plugins/managesieve/localization/pl_PL.inc index 0b4cb6073..734a4ebcf 100644 --- a/plugins/managesieve/localization/pl_PL.inc +++ b/plugins/managesieve/localization/pl_PL.inc @@ -103,6 +103,15 @@ $labels['varlowerfirst'] = 'pierwsza litera mała (:lowerfirst)'; $labels['varupperfirst'] = 'pierwsza litera duża (:upperfirst)'; $labels['varquotewildcard'] = 'anulowane znaki specjalne (:quotewildcard)'; $labels['varlength'] = 'długość (:length)'; +$labels['notify'] = 'Wyślij powiadomienie'; +$labels['notifyaddress'] = 'Na adres e-mail:'; +$labels['notifybody'] = 'Treść powiadomienia:'; +$labels['notifysubject'] = 'Temat powiadomienia:'; +$labels['notifyfrom'] = 'Nadawca powiadomienia:'; +$labels['notifyimportance'] = 'Priorytet:'; +$labels['notifyimportancelow'] = 'niski'; +$labels['notifyimportancenormal'] = 'normalny'; +$labels['notifyimportancehigh'] = 'wysoki'; $labels['filtercreate'] = 'Utwórz filtr'; $labels['usedata'] = 'Użyj następujących danych do utworzenia filtra:'; $labels['nextstep'] = 'Następny krok'; diff --git a/plugins/managesieve/managesieve.js b/plugins/managesieve/managesieve.js index f447719a2..bbc10793c 100644 --- a/plugins/managesieve/managesieve.js +++ b/plugins/managesieve/managesieve.js @@ -639,7 +639,8 @@ function action_type_select(id) target_area: document.getElementById('action_target_area' + id), flags: document.getElementById('action_flags' + id), vacation: document.getElementById('action_vacation' + id), - set: document.getElementById('action_set' + id) + set: document.getElementById('action_set' + id), + notify: document.getElementById('action_notify' + id) }; if (obj.value == 'fileinto' || obj.value == 'fileinto_copy') { @@ -660,6 +661,9 @@ function action_type_select(id) else if (obj.value == 'set') { enabled.set = 1; } + else if (obj.value == 'notify') { + enabled.notify = 1; + } for (var x in elems) { elems[x].style.display = !enabled[x] ? 'none' : 'inline'; diff --git a/plugins/managesieve/managesieve.php b/plugins/managesieve/managesieve.php index e7828f1da..7282ff2e0 100644 --- a/plugins/managesieve/managesieve.php +++ b/plugins/managesieve/managesieve.php @@ -7,13 +7,13 @@ * It's clickable interface which operates on text scripts and communicates * with server using managesieve protocol. Adds Filters tab in Settings. * - * @version 5.0 + * @version @package_version@ * @author Aleksander Machniak <alec@alec.pl> * * Configuration (see config.inc.php.dist) * - * Copyright (C) 2008-2011, The Roundcube Dev Team - * Copyright (C) 2011, Kolab Systems AG + * Copyright (C) 2008-2012, The Roundcube Dev Team + * Copyright (C) 2011-2012, Kolab Systems AG * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 @@ -62,8 +62,9 @@ class managesieve extends rcube_plugin "x-beenthere", ); - const VERSION = '5.2'; + const VERSION = '5.2'; const PROGNAME = 'Roundcube (Managesieve)'; + const PORT = 4190; function init() @@ -200,10 +201,16 @@ class managesieve extends rcube_plugin set_include_path($include_path); $host = rcube_parse_host($this->rc->config->get('managesieve_host', 'localhost')); - $port = $this->rc->config->get('managesieve_port', 2000); - $host = rcube_idn_to_ascii($host); + $port = $this->rc->config->get('managesieve_port'); + if (empty($port)) { + $port = getservbyname('sieve', 'tcp'); + if (empty($port)) { + $port = self::PORT; + } + } + $plugin = $this->rc->plugins->exec_hook('managesieve_connect', array( 'user' => $_SESSION['username'], 'password' => $this->rc->decrypt($_SESSION['password']), @@ -523,9 +530,37 @@ class managesieve extends rcube_plugin // Init plugin and handle managesieve connection $error = $this->managesieve_start(); - // filters set add action - if (!empty($_POST['_newset'])) { + // get request size limits (#1488648) + $max_post = max(array( + ini_get('max_input_vars'), + ini_get('suhosin.request.max_vars'), + ini_get('suhosin.post.max_vars'), + )); + $max_depth = max(array( + ini_get('suhosin.request.max_array_depth'), + ini_get('suhosin.post.max_array_depth'), + )); + // check request size limit + if ($max_post && count($_POST, COUNT_RECURSIVE) >= $max_post) { + rcube::raise_error(array( + 'code' => 500, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Request size limit exceeded (one of max_input_vars/suhosin.request.max_vars/suhosin.post.max_vars)" + ), true, false); + $this->rc->output->show_message('managesieve.filtersaveerror', 'error'); + } + // check request depth limits + else if ($max_depth && count($_POST['_header']) > $max_depth) { + rcube::raise_error(array( + 'code' => 500, 'type' => 'php', + 'file' => __FILE__, 'line' => __LINE__, + 'message' => "Request size limit exceeded (one of suhosin.request.max_array_depth/suhosin.post.max_array_depth)" + ), true, false); + $this->rc->output->show_message('managesieve.filtersaveerror', 'error'); + } + // filters set add action + else if (!empty($_POST['_newset'])) { $name = get_input_value('_name', RCUBE_INPUT_POST, true); $copy = get_input_value('_copy', RCUBE_INPUT_POST, true); $from = get_input_value('_from', RCUBE_INPUT_POST); @@ -625,6 +660,11 @@ class managesieve extends rcube_plugin $varnames = get_input_value('_action_varname', RCUBE_INPUT_POST); $varvalues = get_input_value('_action_varvalue', RCUBE_INPUT_POST); $varmods = get_input_value('_action_varmods', RCUBE_INPUT_POST); + $notifyaddrs = get_input_value('_action_notifyaddress', RCUBE_INPUT_POST); + $notifybodies = get_input_value('_action_notifybody', RCUBE_INPUT_POST); + $notifymessages = get_input_value('_action_notifymessage', RCUBE_INPUT_POST); + $notifyfrom = get_input_value('_action_notifyfrom', RCUBE_INPUT_POST); + $notifyimp = get_input_value('_action_notifyimportance', RCUBE_INPUT_POST); // we need a "hack" for radiobuttons foreach ($sizeitems as $item) @@ -878,6 +918,23 @@ class managesieve extends rcube_plugin $this->errors['actions'][$i]['value'] = $this->gettext('cannotbeempty'); } break; + + case 'notify': + if (empty($notifyaddrs[$idx])) { + $this->errors['actions'][$i]['address'] = $this->gettext('cannotbeempty'); + } + else if (!check_email($notifyaddrs[$idx])) { + $this->errors['actions'][$i]['address'] = $this->gettext('noemailwarning'); + } + if (!empty($notifyfrom[$idx]) && !check_email($notifyfrom[$idx])) { + $this->errors['actions'][$i]['from'] = $this->gettext('noemailwarning'); + } + $this->form['actions'][$i]['address'] = $notifyaddrs[$idx]; + $this->form['actions'][$i]['body'] = $notifybodies[$idx]; + $this->form['actions'][$i]['message'] = $notifymessages[$idx]; + $this->form['actions'][$i]['from'] = $notifyfrom[$idx]; + $this->form['actions'][$i]['importance'] = $notifyimp[$idx]; + break; } $this->form['actions'][$i]['type'] = $type; @@ -1479,6 +1536,9 @@ class managesieve extends rcube_plugin if (in_array('variables', $this->exts)) { $select_action->add(Q($this->gettext('setvariable')), 'set'); } + if (in_array('enotify', $this->exts) || in_array('notify', $this->exts)) { + $select_action->add(Q($this->gettext('notify')), 'notify'); + } $select_action->add(Q($this->gettext('rulestop')), 'stop'); $select_type = $action['type']; @@ -1571,6 +1631,41 @@ class managesieve extends rcube_plugin } $out .= '</div>'; + // notify + // skip :options tag - not used by the mailto method + $out .= '<div id="action_notify' .$id.'" style="display:' .($action['type']=='notify' ? 'inline' : 'none') .'">'; + $out .= '<span class="label">' .Q($this->gettext('notifyaddress')) . '</span><br />' + .'<input type="text" name="_action_notifyaddress['.$id.']" id="action_notifyaddress'.$id.'" ' + .'value="' . Q($action['address']) . '" size="35" ' + . $this->error_class($id, 'action', 'address', 'action_notifyaddress') .' />'; + $out .= '<br /><span class="label">'. Q($this->gettext('notifybody')) .'</span><br />' + .'<textarea name="_action_notifybody['.$id.']" id="action_notifybody' .$id. '" ' + .'rows="3" cols="35" '. $this->error_class($id, 'action', 'method', 'action_notifybody') . '>' + . Q($action['body'], 'strict', false) . "</textarea>\n"; + $out .= '<br /><span class="label">' .Q($this->gettext('notifysubject')) . '</span><br />' + .'<input type="text" name="_action_notifymessage['.$id.']" id="action_notifymessage'.$id.'" ' + .'value="' . Q($action['message']) . '" size="35" ' + . $this->error_class($id, 'action', 'message', 'action_notifymessage') .' />'; + $out .= '<br /><span class="label">' .Q($this->gettext('notifyfrom')) . '</span><br />' + .'<input type="text" name="_action_notifyfrom['.$id.']" id="action_notifyfrom'.$id.'" ' + .'value="' . Q($action['from']) . '" size="35" ' + . $this->error_class($id, 'action', 'from', 'action_notifyfrom') .' />'; + $importance_options = array( + 3 => 'notifyimportancelow', + 2 => 'notifyimportancenormal', + 1 => 'notifyimportancehigh' + ); + $select_importance = new html_select(array( + 'name' => '_action_notifyimportance[' . $id . ']', + 'id' => '_action_notifyimportance' . $id, + 'class' => $this->error_class($id, 'action', 'importance', 'action_notifyimportance'))); + foreach ($importance_options as $io_v => $io_n) { + $select_importance->add(Q($this->gettext($io_n)), $io_v); + } + $out .= '<br /><span class="label">' . Q($this->gettext('notifyimportance')) . '</span><br />'; + $out .= $select_importance->show($action['importance'] ? $action['importance'] : 2); + $out .= '</div>'; + // mailbox select if ($action['type'] == 'fileinto') $mailbox = $this->mod_mailbox($action['target'], 'out'); diff --git a/plugins/managesieve/package.xml b/plugins/managesieve/package.xml index cde78c9a3..20fec7895 100644 --- a/plugins/managesieve/package.xml +++ b/plugins/managesieve/package.xml @@ -17,9 +17,9 @@ <email>alec@alec.pl</email> <active>yes</active> </lead> - <date>2012-06-21</date> + <date>2012-07-24</date> <version> - <release>5.1</release> + <release>5.2</release> <api>5.0</api> </version> <stability> diff --git a/plugins/managesieve/tests/src/parser_enotify_a b/plugins/managesieve/tests/src/parser_enotify_a new file mode 100644 index 000000000..68a9ef5cc --- /dev/null +++ b/plugins/managesieve/tests/src/parser_enotify_a @@ -0,0 +1,19 @@ +require ["enotify","variables"]; +# rule:[notify1] +if header :contains "from" "boss@example.org" +{ + notify :importance "1" :message "This is probably very important" "mailto:alm@example.com"; + stop; +} +# rule:[subject] +if header :matches "Subject" "*" +{ + set "subject" "${1}"; +} +# rule:[from notify2] +if header :matches "From" "*" +{ + set "from" "${1}"; + notify :importance "3" :message "${from}: ${subject}" "mailto:alm@example.com"; +} + diff --git a/plugins/managesieve/tests/src/parser_enotify_b b/plugins/managesieve/tests/src/parser_enotify_b new file mode 100644 index 000000000..8854658f4 --- /dev/null +++ b/plugins/managesieve/tests/src/parser_enotify_b @@ -0,0 +1,18 @@ +require ["envelope","variables","enotify"]; +# rule:[from] +if envelope :all :matches "from" "*" +{ + set "env_from" " [really: ${1}]"; +} +# rule:[subject] +if header :matches "Subject" "*" +{ + set "subject" "${1}"; +} +# rule:[from notify] +if address :all :matches "from" "*" +{ + set "from_addr" "${1}"; + notify :message "${from_addr}${env_from}: ${subject}" "mailto:alm@example.com"; +} + diff --git a/plugins/managesieve/tests/src/parser_notify_a b/plugins/managesieve/tests/src/parser_notify_a new file mode 100644 index 000000000..f1a57540e --- /dev/null +++ b/plugins/managesieve/tests/src/parser_notify_a @@ -0,0 +1,18 @@ +require ["notify","variables"]; +# rule:[notify1] +if header :contains "from" "boss@example.org" +{ + notify :low :message "This is probably very important"; + stop; +} +# rule:[subject] +if header :matches "Subject" "*" +{ + set "subject" "${1}"; +} +# rule:[from notify2] +if header :matches "From" "*" +{ + set "from" "${1}"; + notify :high :message "${from}: ${subject}" :method "mailto:test@example.org"; +} diff --git a/plugins/managesieve/tests/src/parser_notify_b b/plugins/managesieve/tests/src/parser_notify_b new file mode 100644 index 000000000..cf80a9701 --- /dev/null +++ b/plugins/managesieve/tests/src/parser_notify_b @@ -0,0 +1,17 @@ +require ["envelope","variables","notify"]; +# rule:[from] +if envelope :all :matches "from" "*" +{ + set "env_from" " [really: ${1}]"; +} +# rule:[subject] +if header :matches "Subject" "*" +{ + set "subject" "${1}"; +} +# rule:[from notify] +if address :all :matches "from" "*" +{ + set "from_addr" "${1}"; + notify :message "${from_addr}${env_from}: ${subject}" :method "sms:1234567890"; +} |