Page MenuHomePhorge
Differential D5118

2FA: Use 32-char (160bit) long secrets
ClosedPublic
Actions

Authored by machniak on Tue, Feb 25, 12:12 PM.

Details

Reviewers
mollekopf
Group Reviewers
Roundcube Kolab Plugins Developers
Commits
rRPK0d455af28061: 2FA: Use 32-char (160bit) long secrets
Summary

Also fix logger, so it does not log anything by default

Diff Detail

Repository
rRPK roundcubemail-plugins-kolab
Branch
dev/2fa-secret-length
Lint
Lint Skipped
Unit
No Test Coverage
Build Status
Buildable 52760
Build 18716: arc lint + arc unit

Event Timeline

machniak requested review of this revision.Tue, Feb 25, 12:12 PM
machniak created this revision.
Harbormaster completed remote builds in B52760: Diff 14672.Tue, Feb 25, 12:12 PM
machniak updated this revision to Diff 14674.Tue, Feb 25, 1:14 PM
  • Remove the config option, hardcode length=32
Harbormaster completed remote builds in B52764: Diff 14674.Tue, Feb 25, 1:14 PM
machniak retitled this revision from 2FA: Make secret's length configurable to 2FA: Use 32-char (160bit) long secrets.Tue, Feb 25, 1:15 PM
mollekopf accepted this revision.Tue, Feb 25, 1:50 PM
This revision is now accepted and ready to land.Tue, Feb 25, 1:50 PM
Closed by commit rRPK0d455af28061: 2FA: Use 32-char (160bit) long secrets. · Explain WhyThu, Feb 27, 3:45 PM
This revision was automatically updated to reflect the committed changes.
machniak added a commit: rRPK0d455af28061: 2FA: Use 32-char (160bit) long secrets.

Revision Contents
Changeset List

PathSize
plugins/
kolab_2fa/
4 lines
lib/
Kolab2FA/
Driver/
10 lines
Log/
4 lines

Diff 14672

View Options

plugins/kolab_2fa/config.inc.php.dist

Show First 20 LinesShow All 304 Lines▼ Show 20 Linesclass calendar_ui
/** /**
* Helper method to build a calendar list item (HTML content and js data) * Helper method to build a calendar list item (HTML content and js data)
*/ */
public function calendar_list_item($id, $prop, &$jsenv, $activeonly = false) public function calendar_list_item($id, $prop, &$jsenv, $activeonly = false)
{ {
// enrich calendar properties with settings from the driver // enrich calendar properties with settings from the driver
if (empty($prop['virtual'])) { if (empty($prop['virtual'])) {
unset($prop['user_id']); unset($prop['user_id']);
$feed = ['_cal' => $this->cal->ical_feed_hash($id) . '.ics', 'action' => 'feed'];
$prop['alarms'] = $this->cal->driver->alarms; $prop['alarms'] = $this->cal->driver->alarms;
$prop['attendees'] = $this->cal->driver->attendees; $prop['attendees'] = $this->cal->driver->attendees;
$prop['freebusy'] = $this->cal->driver->freebusy; $prop['freebusy'] = $this->cal->driver->freebusy;
$prop['attachments'] = $this->cal->driver->attachments; $prop['attachments'] = $this->cal->driver->attachments;
$prop['undelete'] = $this->cal->driver->undelete; $prop['undelete'] = $this->cal->driver->undelete;
$prop['feedurl'] = $this->cal->get_url( $prop['feedurl'] = $this->cal->get_url($feed);
[
'_cal' => $this->cal->ical_feed_hash($id) . '.ics',
'action' => 'feed',
]
);
$jsenv[$id] = $prop; $jsenv[$id] = $prop;
} }
if (!empty($prop['title'])) { if (!empty($prop['title'])) {
$title = $prop['title']; $title = $prop['title'];
} elseif ($prop['name'] != $prop['listname'] || strlen($prop['name']) > 25) { } elseif ($prop['name'] != $prop['listname'] || strlen($prop['name']) > 25) {
$title = html_entity_decode($prop['name'], ENT_COMPAT, RCUBE_CHARSET); $title = html_entity_decode($prop['name'], ENT_COMPAT, RCUBE_CHARSET);
} else { } else {
$title = ''; $title = '';
} }
$classes = ['calendar', 'cal-' . asciiwords($id, true)]; $classes = ['calendar', 'cal-' . asciiwords($id, true)];
if (!empty($prop['virtual'])) { if (!empty($prop['virtual'])) {
$classes[] = 'virtual'; $classes[] = 'virtual';
} elseif (empty($prop['editable'])) { } elseif (!empty($prop['rights']) && strpos($prop['rights'], 'i') === false && strpos($prop['rights'], 'w') === false) {
$classes[] = 'readonly'; $classes[] = 'readonly';
} }
if (!empty($prop['subscribed'])) { if (!empty($prop['subscribed'])) {
$classes[] = 'subscribed'; $classes[] = 'subscribed';
if ($prop['subscribed'] === 2) { if ($prop['subscribed'] === 2) {
$classes[] = 'partial'; $classes[] = 'partial';
} }
} }
if (!empty($prop['class'])) { if (!empty($prop['class'])) {
$classes[] = $prop['class']; $classes[] = $prop['class'];
} }
$content = ''; $content = '';
if (!$activeonly || !empty($prop['active'])) { if (!$activeonly || !empty($prop['active'])) {
$label_id = 'cl:' . $id; $label_id = 'cl:' . $id;
$content = html::a( $content = html::a(
['class' => 'calname', 'id' => $label_id, 'title' => $title, 'href' => '#'], ['class' => 'calname', 'id' => $label_id, 'title' => $title, 'href' => '#'],
rcube::Q(!empty($prop['editname']) ? $prop['editname'] : $prop['listname']) rcube::Q(!empty($prop['listname']) ? $prop['listname'] : $prop['name'])
); );
if (empty($prop['virtual'])) { if (empty($prop['virtual'])) {
$color = !empty($prop['color']) ? $prop['color'] : 'f00'; $color = !empty($prop['color']) ? $prop['color'] : 'f00';
$actions = ''; $actions = '';
if (!empty($prop['removable'])) { if (!empty($prop['removable'])) {
$actions .= html::a( $actions .= html::a(
[ [
'href' => '#', 'href' => '#',
'class' => 'remove', 'class' => 'remove',
'title' => $this->cal->gettext('removelist'), 'title' => $this->cal->gettext('removelist'),
], ],
' ' ' '
); );
} }
$actions .= html::a( $actions .= html::a(
[ [
'href' => '#', 'href' => '#',
'class' => 'quickview', 'class' => 'quickview',
'title' => $this->cal->gettext('quickview'), 'title' => $this->cal->gettext('quickview'),
'role' => 'checkbox', 'role' => 'checkbox',
'aria-checked' => 'false', 'aria-checked' => 'false',
'style' => !empty($prop['share_invitation']) ? 'display:none' : null,
], ],
'' ' '
); );
if (!isset($prop['subscriptions']) || $prop['subscriptions'] !== false) { if (!isset($prop['subscriptions']) || $prop['subscriptions'] !== false) {
if (!empty($prop['subscribed'])) { if (!empty($prop['subscribed'])) {
$actions .= html::a( $actions .= html::a(
[ [
'href' => '#', 'href' => '#',
'class' => 'subscribed', 'class' => 'subscribed',
'title' => $this->cal->gettext('calendarsubscribe'), 'title' => $this->cal->gettext('calendarsubscribe'),
'role' => 'checkbox', 'role' => 'checkbox',
'aria-checked' => !empty($prop['subscribed']) ? 'true' : 'false', 'aria-checked' => !empty($prop['subscribed']) ? 'true' : 'false',
], ],
' ' ' '
); );
} }
} }
$content .= html::tag('input', [ $content .= html::tag('input', [
'type' => 'checkbox', 'type' => 'checkbox',
'name' => '_cal[]', 'name' => '_cal[]',
'value' => $id, 'value' => $id,
'checked' => !empty($prop['active']), 'checked' => !empty($prop['active']) && empty($prop['share_invitation']),
'aria-labelledby' => $label_id, 'aria-labelledby' => $label_id,
]) ])
. html::span('actions', $actions) . html::span('actions', $actions)
. html::span(['class' => 'handle', 'style' => "background-color: #$color"], ' '); . html::span(['class' => 'handle', 'style' => "background-color: #$color"], ' ');
} }
$content = html::div(implode(' ', $classes), $content); $content = html::div(implode(' ', $classes), $content);
} }
Show All 34 Linesclass calendar_ui
public function calendar_select($attrib = []) public function calendar_select($attrib = [])
{ {
$attrib['name'] = 'calendar'; $attrib['name'] = 'calendar';
$attrib['is_escaped'] = true; $attrib['is_escaped'] = true;
$select = new html_select($attrib); $select = new html_select($attrib);
foreach ((array) $this->cal->driver->list_calendars() as $id => $prop) { foreach ((array) $this->cal->driver->list_calendars() as $id => $prop) {
if ( if (!empty($prop['rights']) && strpos($prop['rights'], 'i') !== false) {
!empty($prop['editable'])
|| (!empty($prop['rights']) && strpos($prop['rights'], 'i') !== false)
) {
$select->add($prop['name'], $id); $select->add($prop['name'], $id);
} }
} }
return $select->show(null); return $select->show(null);
} }
/** /**
▲ Show 20 LinesShow All 602 LinesShow Last 20 Lines
View Options

plugins/kolab_2fa/lib/Kolab2FA/Driver/Base.php

Show First 20 LinesShow All 304 Lines▼ Show 20 Linesclass calendar_ui
/** /**
* Helper method to build a calendar list item (HTML content and js data) * Helper method to build a calendar list item (HTML content and js data)
*/ */
public function calendar_list_item($id, $prop, &$jsenv, $activeonly = false) public function calendar_list_item($id, $prop, &$jsenv, $activeonly = false)
{ {
// enrich calendar properties with settings from the driver // enrich calendar properties with settings from the driver
if (empty($prop['virtual'])) { if (empty($prop['virtual'])) {
unset($prop['user_id']); unset($prop['user_id']);
$feed = ['_cal' => $this->cal->ical_feed_hash($id) . '.ics', 'action' => 'feed'];
$prop['alarms'] = $this->cal->driver->alarms; $prop['alarms'] = $this->cal->driver->alarms;
$prop['attendees'] = $this->cal->driver->attendees; $prop['attendees'] = $this->cal->driver->attendees;
$prop['freebusy'] = $this->cal->driver->freebusy; $prop['freebusy'] = $this->cal->driver->freebusy;
$prop['attachments'] = $this->cal->driver->attachments; $prop['attachments'] = $this->cal->driver->attachments;
$prop['undelete'] = $this->cal->driver->undelete; $prop['undelete'] = $this->cal->driver->undelete;
$prop['feedurl'] = $this->cal->get_url( $prop['feedurl'] = $this->cal->get_url($feed);
[
'_cal' => $this->cal->ical_feed_hash($id) . '.ics',
'action' => 'feed',
]
);
$jsenv[$id] = $prop; $jsenv[$id] = $prop;
} }
if (!empty($prop['title'])) { if (!empty($prop['title'])) {
$title = $prop['title']; $title = $prop['title'];
} elseif ($prop['name'] != $prop['listname'] || strlen($prop['name']) > 25) { } elseif ($prop['name'] != $prop['listname'] || strlen($prop['name']) > 25) {
$title = html_entity_decode($prop['name'], ENT_COMPAT, RCUBE_CHARSET); $title = html_entity_decode($prop['name'], ENT_COMPAT, RCUBE_CHARSET);
} else { } else {
$title = ''; $title = '';
} }
$classes = ['calendar', 'cal-' . asciiwords($id, true)]; $classes = ['calendar', 'cal-' . asciiwords($id, true)];
if (!empty($prop['virtual'])) { if (!empty($prop['virtual'])) {
$classes[] = 'virtual'; $classes[] = 'virtual';
} elseif (empty($prop['editable'])) { } elseif (!empty($prop['rights']) && strpos($prop['rights'], 'i') === false && strpos($prop['rights'], 'w') === false) {
$classes[] = 'readonly'; $classes[] = 'readonly';
} }
if (!empty($prop['subscribed'])) { if (!empty($prop['subscribed'])) {
$classes[] = 'subscribed'; $classes[] = 'subscribed';
if ($prop['subscribed'] === 2) { if ($prop['subscribed'] === 2) {
$classes[] = 'partial'; $classes[] = 'partial';
} }
} }
if (!empty($prop['class'])) { if (!empty($prop['class'])) {
$classes[] = $prop['class']; $classes[] = $prop['class'];
} }
$content = ''; $content = '';
if (!$activeonly || !empty($prop['active'])) { if (!$activeonly || !empty($prop['active'])) {
$label_id = 'cl:' . $id; $label_id = 'cl:' . $id;
$content = html::a( $content = html::a(
['class' => 'calname', 'id' => $label_id, 'title' => $title, 'href' => '#'], ['class' => 'calname', 'id' => $label_id, 'title' => $title, 'href' => '#'],
rcube::Q(!empty($prop['editname']) ? $prop['editname'] : $prop['listname']) rcube::Q(!empty($prop['listname']) ? $prop['listname'] : $prop['name'])
); );
if (empty($prop['virtual'])) { if (empty($prop['virtual'])) {
$color = !empty($prop['color']) ? $prop['color'] : 'f00'; $color = !empty($prop['color']) ? $prop['color'] : 'f00';
$actions = ''; $actions = '';
if (!empty($prop['removable'])) { if (!empty($prop['removable'])) {
$actions .= html::a( $actions .= html::a(
[ [
'href' => '#', 'href' => '#',
'class' => 'remove', 'class' => 'remove',
'title' => $this->cal->gettext('removelist'), 'title' => $this->cal->gettext('removelist'),
], ],
' ' ' '
); );
} }
$actions .= html::a( $actions .= html::a(
[ [
'href' => '#', 'href' => '#',
'class' => 'quickview', 'class' => 'quickview',
'title' => $this->cal->gettext('quickview'), 'title' => $this->cal->gettext('quickview'),
'role' => 'checkbox', 'role' => 'checkbox',
'aria-checked' => 'false', 'aria-checked' => 'false',
'style' => !empty($prop['share_invitation']) ? 'display:none' : null,
], ],
'' ' '
); );
if (!isset($prop['subscriptions']) || $prop['subscriptions'] !== false) { if (!isset($prop['subscriptions']) || $prop['subscriptions'] !== false) {
if (!empty($prop['subscribed'])) { if (!empty($prop['subscribed'])) {
$actions .= html::a( $actions .= html::a(
[ [
'href' => '#', 'href' => '#',
'class' => 'subscribed', 'class' => 'subscribed',
'title' => $this->cal->gettext('calendarsubscribe'), 'title' => $this->cal->gettext('calendarsubscribe'),
'role' => 'checkbox', 'role' => 'checkbox',
'aria-checked' => !empty($prop['subscribed']) ? 'true' : 'false', 'aria-checked' => !empty($prop['subscribed']) ? 'true' : 'false',
], ],
' ' ' '
); );
} }
} }
$content .= html::tag('input', [ $content .= html::tag('input', [
'type' => 'checkbox', 'type' => 'checkbox',
'name' => '_cal[]', 'name' => '_cal[]',
'value' => $id, 'value' => $id,
'checked' => !empty($prop['active']), 'checked' => !empty($prop['active']) && empty($prop['share_invitation']),
'aria-labelledby' => $label_id, 'aria-labelledby' => $label_id,
]) ])
. html::span('actions', $actions) . html::span('actions', $actions)
. html::span(['class' => 'handle', 'style' => "background-color: #$color"], ' '); . html::span(['class' => 'handle', 'style' => "background-color: #$color"], ' ');
} }
$content = html::div(implode(' ', $classes), $content); $content = html::div(implode(' ', $classes), $content);
} }
Show All 34 Linesclass calendar_ui
public function calendar_select($attrib = []) public function calendar_select($attrib = [])
{ {
$attrib['name'] = 'calendar'; $attrib['name'] = 'calendar';
$attrib['is_escaped'] = true; $attrib['is_escaped'] = true;
$select = new html_select($attrib); $select = new html_select($attrib);
foreach ((array) $this->cal->driver->list_calendars() as $id => $prop) { foreach ((array) $this->cal->driver->list_calendars() as $id => $prop) {
if ( if (!empty($prop['rights']) && strpos($prop['rights'], 'i') !== false) {
!empty($prop['editable'])
|| (!empty($prop['rights']) && strpos($prop['rights'], 'i') !== false)
) {
$select->add($prop['name'], $id); $select->add($prop['name'], $id);
} }
} }
return $select->show(null); return $select->show(null);
} }
/** /**
▲ Show 20 LinesShow All 602 LinesShow Last 20 Lines
View Options

plugins/kolab_2fa/lib/Kolab2FA/Log/RcubeLogger.php

Show First 20 LinesShow All 304 Lines▼ Show 20 Linesclass calendar_ui
/** /**
* Helper method to build a calendar list item (HTML content and js data) * Helper method to build a calendar list item (HTML content and js data)
*/ */
public function calendar_list_item($id, $prop, &$jsenv, $activeonly = false) public function calendar_list_item($id, $prop, &$jsenv, $activeonly = false)
{ {
// enrich calendar properties with settings from the driver // enrich calendar properties with settings from the driver
if (empty($prop['virtual'])) { if (empty($prop['virtual'])) {
unset($prop['user_id']); unset($prop['user_id']);
$feed = ['_cal' => $this->cal->ical_feed_hash($id) . '.ics', 'action' => 'feed'];
$prop['alarms'] = $this->cal->driver->alarms; $prop['alarms'] = $this->cal->driver->alarms;
$prop['attendees'] = $this->cal->driver->attendees; $prop['attendees'] = $this->cal->driver->attendees;
$prop['freebusy'] = $this->cal->driver->freebusy; $prop['freebusy'] = $this->cal->driver->freebusy;
$prop['attachments'] = $this->cal->driver->attachments; $prop['attachments'] = $this->cal->driver->attachments;
$prop['undelete'] = $this->cal->driver->undelete; $prop['undelete'] = $this->cal->driver->undelete;
$prop['feedurl'] = $this->cal->get_url( $prop['feedurl'] = $this->cal->get_url($feed);
[
'_cal' => $this->cal->ical_feed_hash($id) . '.ics',
'action' => 'feed',
]
);
$jsenv[$id] = $prop; $jsenv[$id] = $prop;
} }
if (!empty($prop['title'])) { if (!empty($prop['title'])) {
$title = $prop['title']; $title = $prop['title'];
} elseif ($prop['name'] != $prop['listname'] || strlen($prop['name']) > 25) { } elseif ($prop['name'] != $prop['listname'] || strlen($prop['name']) > 25) {
$title = html_entity_decode($prop['name'], ENT_COMPAT, RCUBE_CHARSET); $title = html_entity_decode($prop['name'], ENT_COMPAT, RCUBE_CHARSET);
} else { } else {
$title = ''; $title = '';
} }
$classes = ['calendar', 'cal-' . asciiwords($id, true)]; $classes = ['calendar', 'cal-' . asciiwords($id, true)];
if (!empty($prop['virtual'])) { if (!empty($prop['virtual'])) {
$classes[] = 'virtual'; $classes[] = 'virtual';
} elseif (empty($prop['editable'])) { } elseif (!empty($prop['rights']) && strpos($prop['rights'], 'i') === false && strpos($prop['rights'], 'w') === false) {
$classes[] = 'readonly'; $classes[] = 'readonly';
} }
if (!empty($prop['subscribed'])) { if (!empty($prop['subscribed'])) {
$classes[] = 'subscribed'; $classes[] = 'subscribed';
if ($prop['subscribed'] === 2) { if ($prop['subscribed'] === 2) {
$classes[] = 'partial'; $classes[] = 'partial';
} }
} }
if (!empty($prop['class'])) { if (!empty($prop['class'])) {
$classes[] = $prop['class']; $classes[] = $prop['class'];
} }
$content = ''; $content = '';
if (!$activeonly || !empty($prop['active'])) { if (!$activeonly || !empty($prop['active'])) {
$label_id = 'cl:' . $id; $label_id = 'cl:' . $id;
$content = html::a( $content = html::a(
['class' => 'calname', 'id' => $label_id, 'title' => $title, 'href' => '#'], ['class' => 'calname', 'id' => $label_id, 'title' => $title, 'href' => '#'],
rcube::Q(!empty($prop['editname']) ? $prop['editname'] : $prop['listname']) rcube::Q(!empty($prop['listname']) ? $prop['listname'] : $prop['name'])
); );
if (empty($prop['virtual'])) { if (empty($prop['virtual'])) {
$color = !empty($prop['color']) ? $prop['color'] : 'f00'; $color = !empty($prop['color']) ? $prop['color'] : 'f00';
$actions = ''; $actions = '';
if (!empty($prop['removable'])) { if (!empty($prop['removable'])) {
$actions .= html::a( $actions .= html::a(
[ [
'href' => '#', 'href' => '#',
'class' => 'remove', 'class' => 'remove',
'title' => $this->cal->gettext('removelist'), 'title' => $this->cal->gettext('removelist'),
], ],
' ' ' '
); );
} }
$actions .= html::a( $actions .= html::a(
[ [
'href' => '#', 'href' => '#',
'class' => 'quickview', 'class' => 'quickview',
'title' => $this->cal->gettext('quickview'), 'title' => $this->cal->gettext('quickview'),
'role' => 'checkbox', 'role' => 'checkbox',
'aria-checked' => 'false', 'aria-checked' => 'false',
'style' => !empty($prop['share_invitation']) ? 'display:none' : null,
], ],
'' ' '
); );
if (!isset($prop['subscriptions']) || $prop['subscriptions'] !== false) { if (!isset($prop['subscriptions']) || $prop['subscriptions'] !== false) {
if (!empty($prop['subscribed'])) { if (!empty($prop['subscribed'])) {
$actions .= html::a( $actions .= html::a(
[ [
'href' => '#', 'href' => '#',
'class' => 'subscribed', 'class' => 'subscribed',
'title' => $this->cal->gettext('calendarsubscribe'), 'title' => $this->cal->gettext('calendarsubscribe'),
'role' => 'checkbox', 'role' => 'checkbox',
'aria-checked' => !empty($prop['subscribed']) ? 'true' : 'false', 'aria-checked' => !empty($prop['subscribed']) ? 'true' : 'false',
], ],
' ' ' '
); );
} }
} }
$content .= html::tag('input', [ $content .= html::tag('input', [
'type' => 'checkbox', 'type' => 'checkbox',
'name' => '_cal[]', 'name' => '_cal[]',
'value' => $id, 'value' => $id,
'checked' => !empty($prop['active']), 'checked' => !empty($prop['active']) && empty($prop['share_invitation']),
'aria-labelledby' => $label_id, 'aria-labelledby' => $label_id,
]) ])
. html::span('actions', $actions) . html::span('actions', $actions)
. html::span(['class' => 'handle', 'style' => "background-color: #$color"], ' '); . html::span(['class' => 'handle', 'style' => "background-color: #$color"], ' ');
} }
$content = html::div(implode(' ', $classes), $content); $content = html::div(implode(' ', $classes), $content);
} }
Show All 34 Linesclass calendar_ui
public function calendar_select($attrib = []) public function calendar_select($attrib = [])
{ {
$attrib['name'] = 'calendar'; $attrib['name'] = 'calendar';
$attrib['is_escaped'] = true; $attrib['is_escaped'] = true;
$select = new html_select($attrib); $select = new html_select($attrib);
foreach ((array) $this->cal->driver->list_calendars() as $id => $prop) { foreach ((array) $this->cal->driver->list_calendars() as $id => $prop) {
if ( if (!empty($prop['rights']) && strpos($prop['rights'], 'i') !== false) {
!empty($prop['editable'])
|| (!empty($prop['rights']) && strpos($prop['rights'], 'i') !== false)
) {
$select->add($prop['name'], $id); $select->add($prop['name'], $id);
} }
} }
return $select->show(null); return $select->show(null);
} }
/** /**
▲ Show 20 LinesShow All 602 LinesShow Last 20 Lines