'Re: [SM-PLUGINS] Issue with vlogin + secure_login and'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       squirrelmail-plugins
Subject:    Re: [SM-PLUGINS] Issue with vlogin + secure_login and
From:       Paul Lesniewski <paul () squirrelmail ! org>
Date:       2009-10-20 3:59:05
Message-ID: 58191e420910192059l74782186t3424d97a79570b10 () mail ! gmail ! com
[Download RAW message or body]

Very sorry for the long delay.  Thank you for your thorough posting.  See below.

On Thu, Sep 24, 2009 at 6:08 AM, Brett Johnson <brett@blzj.com> wrote:
> Hello,
> 
> I am using SM 1.4.19 and I am having an issue with the vlogin 3.10.1
> plugin in conjunction with the secure_login 1.4 plugin using the
> allVirtualDomainsAreUnderOneHost setting. I'm not sure if the behavior I
> am seeing is normal or not. My goal is when a user accesses a SM virtual
> domain, they are redirected to a single SSL domain login page. The user
> only enters their username (without @domain) to login. Vlogin should
> append the virtual domain to the username. What I see is vlogin always
> appends the SSL domain name to the username.
> 
> Here are my configuration files:
> 
> secure_login/config.php
> =======================
> $change_back_to_http_after_login = 0;
> $remain_in_https_if_logged_in_using_https = 0;
> $allVirtualDomainsUnderOneSSLHost =
> 'https://secure.tld/###DOMAIN######PATH###';
> $entryPointDomainPattern = '';
> $entryPointPathPattern   = '';
> $entryPointQueryPattern  = '';
> $nonStandardHttpPort = '';
> $sl_obey_x_forwarded_headers = 0;
> $sl_debug = 0;
> 
> vlogin/data/config.php
> ======================
> $useSessionBased = 0;
> $virtualDomains = array(
> 'virt1' => array(
> 'domain'     => 'virt1.tld',
> 'org_name'   => 'Virtual One',
> 'org_title'  => '(isset($_SESSION["username"]) ? $_SESSION["username"] .
> " - Mail" : "Mail")',
> 'settingsWithEmbeddedPHP' => array( 'org_title',),
> ),
> 'virt2' => array(
> 'domain'     => 'virt2.tld',
> 'org_name'   => 'Virtual Two',
> 'org_title'  => '(isset($_SESSION["username"]) ? $_SESSION["username"] .
> " - Mail" : "Mail")',
> 'settingsWithEmbeddedPHP' => array( 'org_title',),
> ),
> 'virt3' => array(
> 'domain'     => 'virt3.tld',
> 'org_name'   => 'Virtual Three',
> 'org_title'  => '(isset($_SESSION["username"]) ? $_SESSION["username"] .
> " - Mail" : "Mail")',
> 'settingsWithEmbeddedPHP' => array( 'org_title',),
> ),
> 'virt4' => array(
> 'domain'     => 'virt4.tld',
> 'org_name'   => 'Virtual Four',
> 'org_title'  => '(isset($_SESSION["username"]) ? $_SESSION["username"] .
> " - Mail" : "Mail")',
> 'settingsWithEmbeddedPHP' => array( 'org_title',),
> ),
> 'virt5' => array(
> 'domain'     => 'virt5.tld',
> 'org_name'   => 'Virtual Five',
> 'org_title'  => '(isset($_SESSION["username"]) ? $_SESSION["username"] .
> " - Mail" : "Mail")',
> 'settingsWithEmbeddedPHP' => array( 'org_title',),
> ),
> );
> $useDomainFromVirtDomainsArray = 1;
> $useDomainFromServerEnvironment = '';
> $reverseDotSectionOrder = 0;
> $numberOfDotSections = 2;
> $removeFromFront = 1;
> $checkByExcludeList = 1;
> $notPartOfDomainName = array('www','mail','mail2','webmail');
> $always_prepend = '';
> $always_append = '';
> $chopOffDotSectionsFromLeft = 0;
> $chopOffDotSectionsFromRight = 0;
> $at = '@';
> $dot = '.';
> $atConversion = array();
> $forceLowercase = 0;
> $replacements = array(
> );
> $alwaysAddHostName = 0;
> $putHostNameOnFrontOfUsername = 0;
> $dontUseHostName = 0;
> $dontUseHostNameUserList = array(
> );
> $smHostIsDomainThatUserLoggedInWith = 1;
> $removeDomainIfGiven = 0;
> $usernameDomainIsHost = 0;
> $rawLoginIsOutgoingEmailAddress = 0;
> $appendDomainToOutgoingEmailAddress = 0;
> $virtualDomainDataDir = '';
> $allVirtualDomainsAreUnderOneHost = '/[\/]*(.*?)(\/|$)/';

> From the information below, it looks like the redirect is correctly going to:

secure.tld/webmail.virt1.tld/src/redirect.php

Is that correct (with "https://" pre-pended, of course)?

The $allVirtualDomainsAreUnderOneHost pattern above is intended to
take the part of that address string that comes after the first slash
and before the 2nd one.  So if it's instead grabbing "secure.tld" my
guess is that the pattern needs to use the + quantifier rather than *.
 Can you please UNDO your patch and try this change to the
$allVirtualDomainsAreUnderOneHost pattern instead?

$allVirtualDomainsAreUnderOneHost = '/[\/]+(.*?)(\/|$)/';

Thank you

> $securePort = 443;
> $stripDomainFromUserSubstitution = 0;
> $usernameReplacements = array(
> );
> $sendmailVirtualUserTable = '';
> $virtualUserTableDBFlavor = '';
> $postProcessingPattern = '';
> $postProcessingReplacement = '';
> $translateHostnameTable = '';
> $pathToQmail = '';
> $default_org_logo = '';
> $perUserSettingsFile = '';
> $IMAPServerRules = array(
> );
> $SMTPServerRules = array(
> );
> $serviceLevelBackend = 0;
> $internalServiceLevelFile =
> '/path/to/squirrelmail/plugins/vlogin/data/service_levels.php';
> $sqlServiceLevelQuery = 'SELECT service_level FROM users WHERE username
> = "%1"';
> $SQLDatabaseDomainLookup = '';
> $SQLDatabaseUserLookup = '';
> $SQLDatabaseServiceLevelLookup = '';
> $vlogin_dsn = 'mysql://user:password@localhost/email_users';
> $override_config_during_login = 1;
> $vlogin_debug = 1;
> 
> Here is the vlogin debug output:
> 
> Your original username was:
> test
> > 
> > ______________________________________________________________________
> Your IMAP login was resolved to:
> test@secure.tld
> > 
> > ______________________________________________________________________
> $hostname is secure.tld
> 
> PHP_SELF is /webmail.virt1.tld/src/redirect.php
> 
> ________________________________________________________________________
> IMAP server: localhost
> 
> 
> The PHP_SELF variable contains the correct virtual domain but the IMAP
> login gets constructed with the SSL domain.
> 
> After playing around with the plugin a bit, I was able to get the plugin
> to append the virtual domain by removing "$hostname ." from the
> preg_match call in the determine_user_hostname function in
> functions.php:
> 
> --- functions.orig      2009-09-24 08:46:22.000000000 -0400
> +++ functions.php       2009-09-24 08:47:46.000000000 -0400
> @@ -1025,7 +1025,7 @@
> //
> // run pattern match against full URI starting after the protocol
> (http(s)://)
> //
> -      preg_match($allVirtualDomainsAreUnderOneHost, $hostname .
> (strpos($_SERVER['PHP_SELF'], '/') === 0 ? '' : '/') .
> $_SERVER['PHP_SELF'] . (empty($_SERVER['QUERY_STRING']) ? '' :
> (strpos($_SERVER['QUERY_STRING'], '?') === 0 ? '' : '?') .
> $_SERVER['QUERY_STRING']), $matches);
> +      preg_match($allVirtualDomainsAreUnderOneHost,
> (strpos($_SERVER['PHP_SELF'], '/') === 0 ? '' : '/') .
> $_SERVER['PHP_SELF'] . (empty($_SERVER['QUERY_STRING']) ? '' :
> (strpos($_SERVER['QUERY_STRING'], '?') === 0 ? '' : '?') .
> $_SERVER['QUERY_STRING']), $matches);
> $hostname = $matches[1];
> 
> }
> 
> Here is the debug output after making the change defined above:
> 
> Your original username was:
> test
> 
> ________________________________________________________________________
> Your IMAP login was resolved to:
> test@virt1.tld
> 
> ________________________________________________________________________
> $hostname is virt1.tld
> 
> PHP_SELF is /webmail.vitr1.tld/src/redirect.php
> 
> ________________________________________________________________________
> IMAP server: localhost
> 
> I am wondering if there is something wrong in my configuration or if
> this behavior is a bug. If this behavior is incorrect, is the code
> change I made above the correct solution, or is a better solution?
> 
> --
> Regards,
> 
> Brett Johnson


-- 
Paul Lesniewski
SquirrelMail Team
Please support Open Source Software by donating to SquirrelMail!
http://squirrelmail.org/donate_paul_lesniewski.php

------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay 
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
-----
squirrelmail-plugins mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: squirrelmail-plugins@lists.sourceforge.net
List archives: http://news.gmane.org/gmane.mail.squirrelmail.plugins
List info (subscribe/unsubscribe/change options): \
https://lists.sourceforge.net/lists/listinfo/squirrelmail-plugins


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic