#!/usr/bin/suidperl -T ################################################################# # # # Open WebMail - Provides a web interface to user mailboxes # # # # Copyright (C) 2001-2005 # # The Open Webmail Team # # # # Copyright (C) 2000 # # Ernie Miller (original GPL project: Neomail) # # # # This program is distributed under GNU General Public License # # # #################################################################
#
# openwebmail.pl - entry point of openwebmail
#
# Work out the installation directory before anything else is loaded:
# first from the path this script was invoked as ($0), then from the first
# line of /etc/openwebmail_path.conf. The result is appended to @INC and is
# the base of the configuration paths used further down.
use vars qw($SCRIPT_DIR);

# The script runs with -T, so the directory is copied out of a regex capture.
# NOTE(review): (\S*) accepts any run of non-whitespace characters and the
# pattern has no end anchor, so this clears the taint flag without
# restricting what the directory may be -- confirm that $0 cannot be chosen
# by the invoking user in this deployment.
if ( $0 =~ m!^(\S*)/[\w\d\-\.]+\.pl! ) { local $1; $SCRIPT_DIR=$1 }

# Fallback: first whitespace-delimited token of /etc/openwebmail_path.conf.
# NOTE(review): the same permissive capture is used here, so the file's
# content is trusted as is; it should be writable by root only -- confirm.
if ($SCRIPT_DIR eq '' && open(F, '/etc/openwebmail_path.conf')) {
   $_=<F>; close(F);
   if ( $_=~/^(\S*)/) { local $1; $SCRIPT_DIR=$1 }
}

# Without a directory nothing else can be located: report and stop.
if ($SCRIPT_DIR eq '') {
   print "Content-type: text/html\n\nSCRIPT_DIR not set in /etc/openwebmail_path.conf !\n"; exit 0;
}

# Appended (not prepended), so directories already in @INC are searched first.
push (@INC, $SCRIPT_DIR);
# Secure the environment: drop the variables that change how a shell or
# child process behaves and pin PATH to the two system directories.
delete @ENV{qw(ENV BASH_ENV CDPATH IFS TERM)};
$ENV{PATH} = '/bin:/usr/bin';

# Mask only the "other write" bit, so new files stay writable by the
# openwebmail group.
umask(0002);
use strict; use Fcntl qw(:DEFAULT :flock); use CGI qw(-private_tempfiles :standard); use CGI::Carp qw(fatalsToBrowser carpout); use Socket; # for gethostbyaddr() in ip2hostname use MIME::Base64;
# common globals use vars qw(%config %config_raw); use vars qw($thissession); use vars qw($default_logindomain $loginname $logindomain $loginuser); use vars qw($domain $user $userrealname $uuid $ugid $homedir); use vars qw(%prefs %style);
# extern vars use vars qw(@openwebmailrcitem); # defined in ow-shared.pl use vars qw(%lang_text %lang_err); # defined in lang/xy
########## MAIN ##################################################
# Per-request setup; the routine itself is defined outside this section.
openwebmail_requestbegin();

# Defaults are loaded first; the site configuration is read on top of them
# only when that file exists.
load_owconf(\%config_raw, "$SCRIPT_DIR/etc/defaults/openwebmail.conf");
if (-f "$SCRIPT_DIR/etc/openwebmail.conf") {
    read_owconf(\%config, \%config_raw, "$SCRIPT_DIR/etc/openwebmail.conf");
}

# Load the default language now so %lang_text / %lang_err can be used in
# error messages raised before the user's own preferences are known.
loadlang($config{'default_language'});
# Check the mapping tables used for solar/lunar, b2g and g2b conversion.
# A table that is enabled in the configuration but has no dbm under
# ow_mapsdir stops the request with a hint to run the init tool.
for my $table (qw(b2g g2b lunar)) {
    next unless $config{"${table}_map"};                       # table not enabled
    next if ow::dbm::exist("$config{'ow_mapsdir'}/$table");    # dbm already there

    print qq|Content-type: text/html\n\n|
        . qq|Please execute '$config{'ow_cgidir'}/openwebmail-tool.pl --init' on server first!|;
    openwebmail_exit(0);
}
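# Make sure the configured log file exists as a regular file with mode 0660
# and ownership <effective uid>:<gid of group 'mail'>.
# NOTE(review): stat, open, chmod and chown each resolve the path by name, and
# this script is meant to run setuid. That is only safe when the directory
# holding the log file is not writable by unprivileged users -- confirm.
if ($config{'logfile'}) {
   # NOTE(review): if group 'mail' does not exist $mailgid is undef, which
   # chown() below would treat as gid 0 -- confirm the group is always present.
   my $mailgid=getgrnam('mail');

   # stat() returns (dev, ino, mode, nlink, uid, gid, ...); the checks below
   # need mode, uid and gid, i.e. fields 2, 4 and 5. Without the slice the
   # three variables would receive dev, ino and mode instead.
   my ($fmode, $fuid, $fgid) = (stat($config{'logfile'}))[2,4,5];

   if ( !($fmode & 0100000) ) {   # 0100000 is the regular-file type bit; unset also when the file is missing
      # 3-arg open keeps the append mode separate from the configured path,
      # so characters in the path can never be read as part of the mode.
      open (LOGFILE, '>>', $config{'logfile'}) or
         openwebmailerror(__FILE__, __LINE__, "$lang_err{'couldnt_create'} $lang_text{'file'} $config{'logfile'}! ($!)");
      close(LOGFILE);
   }

   # $fmode/$fuid/$fgid still hold the values from before a possible create,
   # so a freshly created file always gets its mode (and normally its owner) set.
   chmod(0660, $config{'logfile'}) if (($fmode&0660)!=0660);
   chown($>, $mailgid, $config{'logfile'}) if ($fuid!=$>||$fgid!=$mailgid);
}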
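# When forced_ssl_login is set and the request did not arrive over SSL
# (HTTPS is not "on" and the server port is not 443), answer with a page that
# sends the browser to the https:// form of start_url after 5 seconds, then stop.
if ( $config{'forced_ssl_login'} &&	# check the forced use of SSL
     !($ENV{'HTTPS'}=~/on/i||$ENV{'SERVER_PORT'}==443) ) {
   my ($start_url, $refresh, $js);
   $start_url=$config{'start_url'};

   # The substitution rewrites an absolute http(s) start_url to https in place;
   # it fails only when start_url is relative, and then the host is prepended.
   if ($start_url!~s!^https?://!https://!i) {
      # HTTP_HOST comes from the request's Host header. Keep only characters
      # that can occur in host[:port] (including a bracketed IPv6 literal)
      # before the value is embedded in the markup and script below, so the
      # header cannot close an attribute or string and add content of its own.
      my $http_host = defined $ENV{'HTTP_HOST'} ? $ENV{'HTTP_HOST'} : '';
      $http_host =~ tr/A-Za-z0-9.:_\[\]-//cd;
      $start_url="https://$http_host$start_url";
   }
   # NOTE(review): start_url itself comes from the configuration and is
   # emitted without escaping; it is assumed to be administrator-controlled.

   if ($ENV{'HTTP_USER_AGENT'}!~/MSIE.+Mac/) {
      # reload page with Refresh header only if not MSIE on Mac
      $refresh=qq|<meta http-equiv="refresh" content="5;URL=$start_url">|;
   } else {
      # reload page with java script if MSIE on Mac
      $js=qq|<script language="JavaScript">\n<!--\n|.
          qq|setTimeout("window.location.href='$start_url'", 5000);\n|.
          qq|//-->\n</script>|;
   }

   print qq|Content-type: text/html\n\n|.
         qq|<html><head>$refresh</head><body>\n|.
         qq|Service is available over SSL only,<br>\n|.
         qq|you will be redirected to <a href="$start_url">SSL login</a> page in 5 seconds...\n|.
         qq|$js\n|.
         qq|</body></html>\n|;
   openwebmail_exit(0);
}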
# Optional trace of where the login request starts.
if ($config{'debug_request'}) {
    writelog("debug - request login begin - " . __FILE__ . ":" . __LINE__);
}

# Pick the login path: explicit credentials first, then cookie-based
# autologin for client addresses on the allowed_autologinip list, otherwise
# show the login form.
# NOTE(review): CGI's param() does not distinguish GET from POST, so a
# password supplied in the query string reaches login() too -- confirm that
# is intended.
if (param('loginname') && param('password')) {
    login();
}
else {
    if (matchlist_fromhead('allowed_autologinip', ow::tool::clientip())
        && cookie('ow-autologin')) {
        autologin();
    }
    else {
        loginmenu();    # display login page if no login
    }
}

# Optional trace of where the login request ends.
if ($config{'debug_request'}) {
    writelog("debug - request login end - " . __FILE__ . ":" . __LINE__);
}

# Per-request teardown; the routine itself is defined outside this section.
openwebmail_requestend();
########## END MAIN ##############################################
########## LOGINMENU ############################################# sub loginmenu { # clear vars that may have values from autologin ($domain, $user, $userrealname, $uuid, $ugid, $homedir)=('', '', '', '', '', '');
$logindomain=param('logindomain')||lc($ENV{'HTTP_HOST'}); $logindomain=~s/:\d+$//; # remove port number $logindomain=lc(safedomainname($logindomain)); $logindomain=$config{'domainname_equiv'}{'map'}{$logindomain} if (defined $config{'domainname_equiv'}{'map'}{$logindomain});
matchlist_exact('allowed_serverdomain', $logindomain) or openwebmailerror(__FILE__, __LINE__, "Service is not available for domain '$logindomain'");
read_owconf(\%config, \%config_raw, "$config{'ow_sitesconfdir'}/$logindomain") if ( -f "$config{'ow_sitesconfdir'}/$logindomain"); if ( $>!=0 && # setuid is required if spool is located in system dir !$config{'use_homedirspools'} && ($config{'mailspooldir'} eq "/var/mail" || $config{'mailspooldir'} eq "/var/spool/mail")) { print "Content-type: text/html\n\n'$0' must setuid to root"; openwebmail_exit(0); }
%prefs = readprefs(); %style = readstyle($prefs{'style'}); loadlang($prefs{'language'}); charset($prefs{'charset'}) if ($CGI::VERSION>=2.58); # setup charset of CGI module
my ($html, $temphtml); $html = applystyle(readtemplate("login.template"));
# remember params for redirection after login my $action=param('action'); $action='listmessages_afterlogin' if ($action eq 'listmessages'); if (defined $action_redirect{$action}) { $temphtml .= ow::tool::hiddens(action=>$action); foreach my $name (@{${$action_redirect{$action}}}) { $temphtml .= ow::tool::hiddens($name=>param($name)); } } $html =~ s/\@\@\@STARTFORM\@\@\@/$temphtml/;
# we set onChange to '' if browser is gecko based (eg:mozilla, firefox) to avoid the following warning in js console # "Permission denied to get property XULElement.selectedIndex' when calling method: "