Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 89f5e338 authored by Pierre-Alain Bandinelli's avatar Pierre-Alain Bandinelli
Browse files

Backporting commit... 

Backporting commit https://github.com/RainLoop/rainloop-webmail/commit/6f4b7b8156104dc5172910a93191bc39a34ee1e6 into the nextcloud version
parent 1f0cd323

rainloop/VERSION

+1 −1
Original line number Diff line number Diff line 
5.0.5
 
5.0.6

rainloop/appinfo/info.xml

+1 −1
Original line number Diff line number Diff line
@@ -5,7 +5,7 @@ 
	<name>RainLoop</name>

	<summary>RainLoop Webmail</summary>

	<description>Simple, modern and fast web-based email client. After enabling in Nextcloud, go to Nextcloud admin panel, "Additionnal settings" and you will see a "Rainloop webmail" section. There, click on the link to go to the Rainloop admin panel. The default user/password is admin/12345.</description>

	<version>5.0.5</version>

	<version>5.0.6</version>

	<licence>AGPL</licence>

	<author>RainLoop Team and Pierre-Alain Bandinelli</author>

	<ocsid>165254</ocsid>

rainloop/appinfo/version

+1 −1
Original line number Diff line number Diff line 
5.0.5
 
5.0.6

rainloop/lib/RainLoopHelper.php

+102 −13
Original line number Diff line number Diff line
@@ -63,25 +63,115 @@ class OC_RainLoop_Helper 
		return $sUrl;

	}



	/**

	 * @return boolean

	 */

	public static function mcryptSupported()

	{

		return function_exists('mcrypt_encrypt') &&

			function_exists('mcrypt_decrypt') &&

			defined('MCRYPT_RIJNDAEL_256') &&

			defined('MCRYPT_MODE_ECB');

	}



	/**

	 * @return string

	 */

	public static function openSslSupportedMethod()

	{

		$method = 'AES-256-CBC';

		return function_exists('openssl_encrypt') &&

			function_exists('openssl_decrypt') &&

			function_exists('openssl_random_pseudo_bytes') &&

			function_exists('openssl_cipher_iv_length') &&

			function_exists('openssl_get_cipher_methods') &&

			defined('OPENSSL_RAW_DATA') && defined('OPENSSL_ZERO_PADDING') &&

			in_array($method, openssl_get_cipher_methods()) ? $method : '';

	}



	/**

	 * @param string $sMethod

	 * @param string $sPassword

	 * @param string $sSalt

	 *

	 * @return string

	 */

	public static function encodePasswordSsl($sMethod, $sPassword, $sSalt)

	{

		$sData = base64_encode($sPassword);



		$iv = @openssl_random_pseudo_bytes(openssl_cipher_iv_length($sMethod));

		$r = @openssl_encrypt($sData, $sMethod, md5($sSalt), OPENSSL_RAW_DATA, $iv);



		return @base64_encode(base64_encode($r).'|'.base64_encode($iv));

	}



	/**

	 * @param string $sMethod

	 * @param string $sPassword

	 * @param string $sSalt

	 *

	 * @return string

	 */

	public static function decodePasswordSsl($sMethod, $sPassword, $sSalt)

	{

		$sLine = base64_decode(trim($sPassword));

		$aParts = explode('|', $sLine, 2);



		if (is_array($aParts) && !empty($aParts[0]) && !empty($aParts[1])) {



			$sData = @base64_decode($aParts[0]);

			$iv = @base64_decode($aParts[1]);



			return @base64_decode(trim(

				@openssl_decrypt($sData, $sMethod, md5($sSalt), OPENSSL_RAW_DATA, $iv)

			));

		}



		return '';

	}



	/**

	 * @param string $sPassword

	 * @param string $sSalt

	 *

	 * @return string

	 */

	public static function encodePassword($sPassword, $sSalt)

	{

		if (function_exists('mcrypt_encrypt') && function_exists('mcrypt_create_iv') && function_exists('mcrypt_get_iv_size') &&

			defined('MCRYPT_RIJNDAEL_256') && defined('MCRYPT_MODE_ECB') && defined('MCRYPT_RAND'))

		$method = self::openSslSupportedMethod();

		if ($method)

		{

			return @trim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($sSalt), base64_encode($sPassword),

				MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND))));

			return self::encodePasswordSsl($method, $sPassword, $sSalt);

		}

		else if (self::mcryptSupported())

		{

			return @trim(base64_encode(

				@mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($sSalt), base64_encode($sPassword), MCRYPT_MODE_ECB)

			));

		}



		return @trim(base64_encode($sPassword));

	}



	/**

	 * @param string $sPassword

	 * @param string $sSalt

	 *

	 * @return string

	 */

	public static function decodePassword($sPassword, $sSalt)

	{

		if (function_exists('mcrypt_encrypt') && function_exists('mcrypt_create_iv') && function_exists('mcrypt_get_iv_size') &&

			defined('MCRYPT_RIJNDAEL_256') && defined('MCRYPT_MODE_ECB') && defined('MCRYPT_RAND'))

		$method = self::openSslSupportedMethod();

		if ($method)

		{

			return self::decodePasswordSsl($method, $sPassword, $sSalt);

		}

		else if (self::mcryptSupported())

		{

			return @base64_decode(trim(@mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($sSalt), base64_decode(trim($sPassword)),

				MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND))));

			return @base64_decode(trim(

				@mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($sSalt), base64_decode(trim($sPassword)), MCRYPT_MODE_ECB)

			));

		}



		return @base64_decode(trim($sPassword));
@@ -162,17 +252,16 @@ class OC_RainLoop_Helper 
			function __get_custom_data_full_path()

			{

				$sData = __DIR__.'/../../data/';

				$ocData = "";

				if (class_exists('OC_Config'))

				{

					$ocData = rtrim(trim(OC_Config::getValue('datadirectory', '')), '\\/').'/';

					$sData = rtrim(trim(OC_Config::getValue('datadirectory', '')), '\\/').'/';

				}

				else if (class_exists('OC'))

				{

					$ocData = rtrim(trim(OC::$server->getSystemConfig()->getValue('datadirectory', '')), '\\/').'/';

					$sData = rtrim(trim(OC::$server->getSystemConfig()->getValue('datadirectory', '')), '\\/').'/';

				}



				return @is_dir($ocData) ? $ocData.'rainloop-storage' : $sData.'rainloop-storage'; #Reverting to standard defined path if OC config returns a non existing path for data folder

				return @is_dir($sData) ? $sData.'rainloop-storage' : '';

			}

		}

	}