From 16d2f11b407c15c8027ba29cd39241cd43cbe748 Mon Sep 17 00:00:00 2001 From: Michael Vogel Date: Tue, 26 Nov 2019 22:27:25 +0100 Subject: [PATCH 1/2] Don't allow unencrypted IMAP, allow deleting mails --- mod/settings.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/mod/settings.php b/mod/settings.php index fcc2cad369..e1cbd4998f 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -857,15 +857,15 @@ function settings_content(App $a) '$imap_desc' => L10n::t("If you wish to communicate with email contacts using this service \x28optional\x29, please specify how to connect to your mailbox."), '$imap_lastcheck' => ['imap_lastcheck', L10n::t('Last successful email check:'), $mail_chk, ''], '$mail_disabled' => $mail_disabled_message, - '$mail_server' => ['mail_server', L10n::t('IMAP server name:'), $mail_server, ''], - '$mail_port' => ['mail_port', L10n::t('IMAP port:'), $mail_port, ''], - '$mail_ssl' => ['mail_ssl', L10n::t('Security:'), strtoupper($mail_ssl), '', ['notls'=>L10n::t('None'), 'TLS'=>'TLS', 'SSL'=>'SSL']], - '$mail_user' => ['mail_user', L10n::t('Email login name:'), $mail_user, ''], - '$mail_pass' => ['mail_pass', L10n::t('Email password:'), '', ''], - '$mail_replyto' => ['mail_replyto', L10n::t('Reply-to address:'), $mail_replyto, 'Optional'], - '$mail_pubmail' => ['mail_pubmail', L10n::t('Send public posts to all email contacts:'), $mail_pubmail, ''], - '$mail_action' => ['mail_action', L10n::t('Action after import:'), $mail_action, '', [0=>L10n::t('None'), /*1=>L10n::t('Delete'),*/ 2=>L10n::t('Mark as seen'), 3=>L10n::t('Move to folder')]], - '$mail_movetofolder' => ['mail_movetofolder', L10n::t('Move to folder:'), $mail_movetofolder, ''], + '$mail_server' => ['mail_server', L10n::t('IMAP server name:'), $mail_server, ''], + '$mail_port' => ['mail_port', L10n::t('IMAP port:'), $mail_port, ''], + '$mail_ssl' => ['mail_ssl', L10n::t('Security:'), strtoupper($mail_ssl), '', [/*'notls' => L10n::t('None'),*/ 'TLS' => 'TLS', 'SSL' => 'SSL']], + '$mail_user' => ['mail_user', L10n::t('Email login name:'), $mail_user, ''], + '$mail_pass' => ['mail_pass', L10n::t('Email password:'), '', ''], + '$mail_replyto' => ['mail_replyto', L10n::t('Reply-to address:'), $mail_replyto, 'Optional'], + '$mail_pubmail' => ['mail_pubmail', L10n::t('Send public posts to all email contacts:'), $mail_pubmail, ''], + '$mail_action' => ['mail_action', L10n::t('Action after import:'), $mail_action, '', [0 => L10n::t('None'), 1 => L10n::t('Delete'), 2 => L10n::t('Mark as seen'), 3 => L10n::t('Move to folder')]], + '$mail_movetofolder' => ['mail_movetofolder', L10n::t('Move to folder:'), $mail_movetofolder, ''], '$submit' => L10n::t('Save Settings'), ]); From 3ed196fd9c2f11340cddd16be4602d566b5fbfc0 Mon Sep 17 00:00:00 2001 From: Michael Vogel Date: Tue, 26 Nov 2019 23:27:20 +0100 Subject: [PATCH 2/2] Added option for insecure IMAP --- mod/settings.php | 10 ++++++++-- static/defaults.config.php | 5 +++++ 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/mod/settings.php b/mod/settings.php index e1cbd4998f..45867c7ef9 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -829,7 +829,13 @@ function settings_content(App $a) $tpl = Renderer::getMarkupTemplate('settings/connectors.tpl'); - $mail_disabled_message = (($mail_disabled) ? L10n::t('Email access is disabled on this site.') : ''); + $mail_disabled_message = ($mail_disabled ? L10n::t('Email access is disabled on this site.') : ''); + + $ssl_options = ['TLS' => 'TLS', 'SSL' => 'SSL']; + + if (Config::get('system', 'insecure_imap')) { + $ssl_options['notls'] = L10n::t('None'); + } $o .= Renderer::replaceMacros($tpl, [ '$form_security_token' => BaseModule::getFormSecurityToken("settings_connectors"), @@ -859,7 +865,7 @@ function settings_content(App $a) '$mail_disabled' => $mail_disabled_message, '$mail_server' => ['mail_server', L10n::t('IMAP server name:'), $mail_server, ''], '$mail_port' => ['mail_port', L10n::t('IMAP port:'), $mail_port, ''], - '$mail_ssl' => ['mail_ssl', L10n::t('Security:'), strtoupper($mail_ssl), '', [/*'notls' => L10n::t('None'),*/ 'TLS' => 'TLS', 'SSL' => 'SSL']], + '$mail_ssl' => ['mail_ssl', L10n::t('Security:'), strtoupper($mail_ssl), '', $ssl_options], '$mail_user' => ['mail_user', L10n::t('Email login name:'), $mail_user, ''], '$mail_pass' => ['mail_pass', L10n::t('Email password:'), '', ''], '$mail_replyto' => ['mail_replyto', L10n::t('Reply-to address:'), $mail_replyto, 'Optional'], diff --git a/static/defaults.config.php b/static/defaults.config.php index 0cfb15e847..a4fd11662f 100644 --- a/static/defaults.config.php +++ b/static/defaults.config.php @@ -189,6 +189,11 @@ return [ // For development only. Disables the item cache. 'ignore_cache' => false, + // insecure_imap (Boolean) + // If enabled, users are allowed to connect to their IMAP servers unencrypted. + // For security reasons this is disabled by default. + 'insecure_imap' => false, + // instances_social_key (String) // Key to the API of https://instances.social which retrieves data about mastodon servers. // See https://instances.social/api/token to get an API key.