Skip to content

Z
z-push
Commit ec254052 authored by Sebastian Kummer's avatar Sebastian Kummer
Browse files
Options

Merge pull request #394 in ZP/z-push from develop to release/2.3 

* commit '016e688b':
  ZP-1073 Use exit() instead of die().
  ZP-1076 Catch StatusException in ZPushAdmin::GetDeviceDetails().
  ZP-1073 list-shared-folders script, incl. usage examples (in file).
  ZP-1073 Refactor Utils::GetFolderOriginFromId() into GetFolderOriginStringFromId() so GetFolderOriginFromId() returns a value comparable to DeviceManager::FLD_ORIGIN_*.
  ZP-1017 Replace z-push.sf.net url with z-push.org.
  ZP-1062 depend on php instead of php7.0. Released under the Affero GNU General Public License (AGPL) version 3.
  ZP-1058 autodiscover: Fix mistake: always send response
  ZP-1056 Fail earlier when no password is provided. Log used username before trying to login in the backend. The $username will always be set and doesn't need to be checked again.
  ZP-1056 Fix authorization encoding and also add it to autodiscover. Released under the Affero GNU General Public License (AGPL) version 3.
  ZP-1058 autodiscover: Rework exception handling to match z-push core.
  ZP-1058 autodiscover: Print IP to log on failed authentication for usage with e.g. fail2ban
parents 0155d641 016e688b
Hide whitespace changes
Inline Side-by-side
Showing with 440 additions and 256 deletions
build/deb/debian.control
View file @ ec254052
......@@ -8,7 +8,7 @@ Homepage: http://z-push.org
Package: z-push-common
Architecture: all
Depends: ${misc:Depends}, php5 (>= 5.4) | php7.0, php5-cli | php7.0-cli, php-soap
Depends: ${misc:Depends}, php5 (>= 5.4) | php (>= 5.4) , php5-cli | php-cli, php-soap
Conflicts: d-push, z-push
Replaces: d-push, z-push
Description: open source implementation of the ActiveSync protocol
......@@ -26,7 +26,7 @@ Description: Z-Push caldav backend
Package: z-push-backend-carddav
Architecture: all
Depends: ${misc:Depends}, z-push-common (= ${binary:Version}), php-curl | php5-curl, php5-xsl | php7.0-xsl
Depends: ${misc:Depends}, z-push-common (= ${binary:Version}), php-curl | php5-curl, php5-xsl | php-xml
Description: Z-Push carddav backend
Backend for Z-Push, that adds the ability to connect to a carddav server
......
src/autodiscover/INSTALL
View file @ ec254052
Z-Push AutoDiscover manual
--------------------------
This manual gives an introduction to the Z-Push AutoDiscover service, discusses
technical details and explains the installation.
Introduction
------------
AutoDiscover is the service used to simplify the configuration of collaboration
accounts for clients, especially for mobile phones.
While in the past the user was required to enter the server name, user name and
password manually into his mobile phone in order to connect, with AutoDiscover
the user is only required to fill in his email address and the password.
AutoDiscover will try several methods to reach the correct server automatically.
How does it work?
-----------------
When speaking about AutoDiscover, this includes two distinct realms:
- AutoDiscover is a specification which defines the steps a client should take
in order to contact a service to request additional data.
- The AutoDiscover service is piece of software which accepts requests from the
clients, authenticates them, requests some additional data from the
collaboration server and sends this data back to the client.
The specification suggests several ways for client to contact the responsible
server to receive additional information. Tests have shown, that basically all
mobile phones tested support only the most basic ways. These are sufficient for
almost all types of scenarios and are the ones implemented by Z-Push AutoDiscover.
Please refer to the Mobile Compatibility List (http://z-push.sf.net/compatibility)
for an overview of supported and tested devices.
The used email address is the key for the process. The client splits it up into
the local and domain part (before and after the @-sign). The client then tries
to connect to this domain in order to get in contact with the AutoDiscover
service. The local part of the email address is used as "login" to the
AutoDiscover service. There is also an option, to use the full email address as
login name (see "Configuration" section below for details).
---------------
| Client |
| e.g. mobile |
---------------
/ \
1. Searches for / \ 2. Data access
information / \
/ \
V V
---------------- --------------
| AutoDiscover | redirects to | Z-Push |
| | --------------------> | ActiveSync |
---------------- --------------
\ /
Authen- \ / Synchronizes
ticates \ /
via Z-Push \ /
Backend V V
-----------------
| Collaboration |
| Platform |
-----------------
Requirements
------------
As described in the previous chapter, the local part of the email address or
the email address is used in order to log in.
Your configuration requires that this type of login is possible:
- either the user name is used to login and must be used in the email address
entered on the mobile, or
- the entire email address is used to login.
Which option is used has to be configured in the AutoDiscover configuration and
in the underlying platform (e.g. KC (hosting mode)).
Most companies use the user name as local part of the email by default. From the
AutoDiscover point of view, it is not required that user is able to receive
emails at the used email address. It is recommended allowing that in order not
to confuse end users.
AutoDiscover also requires a valid SSL certificate to work as expected. A very
little percentage of mobiles support self-signed certificates (showing a
pop-up alerting the user). Most mobiles silently ignore self-signed certificates
and just declare the AutoDiscover process as failed in such cases.
If AutoDiscover fails, the user is generally redirected to the
"manual configuration" of the client.
If you do not plan to acquire an official certificate, you will probably not be
able to use the AutoDiscover service.
Depending on your setup, it could be necessary to add new DNS entries for your
mail domain.
Domain setup
------------
There are two general ways the AutoDiscover process can be configured:
1. Directly with "yourdomain.com" website ("www.yourdomain.com" will most
probably not work)
2. With the sub-domain "autodiscover.yourdomain.com"
In both cases, an official SSL certificate is required. If you already have a
certificate for your domain, the webserver answering for that domain could be
reconfigured to allow AutoDiscover requests as well. In the case that you do
not have direct access to this type of configuration (e.g. hosting provider),
it's recommended to acquire a dedicated certificate for
"autodiscover.yourdomain.com". Please note, that this sub-domain can NOT be
renamed. In general, "wildcard" certificates can be used, as long they are
valid for the required domain.
Software requirements
---------------------
Like Z-Push, AutoDiscover is written in PHP, where PHP 5.1 or newer is required.
Please consult the Z-Push INSTALL file for further information about PHP versions.
If only AutoDiscover is to be executed on a host, the Z-Push PHP dependencies do
NOT need to be installed.
AutoDiscover has one direct dependency, the php-xml parser library.
These packages vary in names between the distributions.
- Generally install the packages: php-xml
- On Suse (SLES & OpenSuse) install the packages: php53-xml
- On RHEL based systems install the package: php-xml
Installation
------------
AutoDiscover is part of the Z-Push package and uses some of the functionality
available in Z-Push.
It is possible to install AutoDiscover on the same host as Z-Push, or to
install them on different hosts.
Currently, independently from the setup, it's recommended to extract the entire
z-push tarball and configure the services as required.
Please follow the install instructions from the Z-Push INSTALL file (section
"How to install") to copy the files to your server.
If you do not want to setup Z-Push on the host, do not add the "Alias" for
ActiveSync.
To setup the SSL certificate, please refer to one of the many setup guides
available on the internet, like that one:
http://www.apache.com/resources/how-to-setup-an-ssl-certificate-on-apache/
The mobiles requests these URLs (where "yourdomain.com" corresponds to the
domain part of the email used in the client):
https://yourdomain.com/Autodiscover/Autodiscover.xml and/or
https://autodiscover.yourdomain.com/Autodiscover/Autodiscover.xml
Add the following line to the apache site configuration file.
AliasMatch (?i)/Autodiscover/Autodiscover.xml "/usr/share/z-push/autodiscover/autodiscover.php"
This line assumes that Z-Push is installed in /usr/share/z-push. If the path
is different, please adjust it accordingly.
Note: some mobiles use different casings, like "AutoDiscover" in the URL. The
above statement is valid for these as well.
Please restart Apache afterwards.
Configuration
-------------
There are several parameters in the configuration file, which allow to customize
the behaviour of the AutoDiscover Service.
The configuration, generally is located in the z-push/autodiscover directory and
is called "config.php".
The parameters:
BASE_PATH This property specifies where the AutoDiscover files are
located. Normally there is no need to adjust this parameter.
SERVERURL This is the full URL where the Z-Push server is available.
You should adjust it to the domain/server where Z-Push is
installed.
USE_FULLEMAIL_FOR_LOGIN If this is set to "true", AutoDiscover will attempt to
login on the collaboration server with the full email
address sent by the client. If disabled (default), the
local part of the email address is used.
LOGFILEDIR The directory where logfiles are created.
LOGFILE The default AutoDiscover log file.
LOGERRORFILE The default AutoDiscover error log file.
LOGLEVEL The loglevel, set it to WBXML to see the data received
and sent from/to clients.
LOGAUTHFAIL Set to true, to explicitly log failed login attempts.
BACKEND_PROVIDER The backend to be used. If empty (default) the code
will auto detect which backend to use.
Please note: the desired backend also needs to be configured, in the
"backends/<backend>/config.php" file.
Test installation
-----------------
If everything is correct, accessing with a browser the URL for your setup, you
should see:
1. a pop-up asking for your username + password. Always use the email
address which you would also enter on the mobile (independently from
the configuration).
2. if the authentication was successful, you will see a Z-Push informational
page (like when accessing the Z-Push location).
Note: The same test can also be performed in the mobiles web browser to check
if the access works correctly from the mobile network.
If the authentication fails, please check the configuration options of AutoDiscover.
Also check the logfiles for possible failures.
If the manual method works, try setting up your mobile phone! :)
Z-Push AutoDiscover manual
--------------------------
This manual gives an introduction to the Z-Push AutoDiscover service, discusses
technical details and explains the installation.
Introduction
------------
AutoDiscover is the service used to simplify the configuration of collaboration
accounts for clients, especially for mobile phones.
While in the past the user was required to enter the server name, user name and
password manually into his mobile phone in order to connect, with AutoDiscover
the user is only required to fill in his email address and the password.
AutoDiscover will try several methods to reach the correct server automatically.
How does it work?
-----------------
When speaking about AutoDiscover, this includes two distinct realms:
- AutoDiscover is a specification which defines the steps a client should take
in order to contact a service to request additional data.
- The AutoDiscover service is piece of software which accepts requests from the
clients, authenticates them, requests some additional data from the
collaboration server and sends this data back to the client.
The specification suggests several ways for client to contact the responsible
server to receive additional information. Tests have shown, that basically all
mobile phones tested support only the most basic ways. These are sufficient for
almost all types of scenarios and are the ones implemented by Z-Push AutoDiscover.
Please refer to the Mobile Compatibility List (http://z-push.org/compatibility)
for an overview of supported and tested devices.
The used email address is the key for the process. The client splits it up into
the local and domain part (before and after the @-sign). The client then tries
to connect to this domain in order to get in contact with the AutoDiscover
service. The local part of the email address is used as "login" to the
AutoDiscover service. There is also an option, to use the full email address as
login name (see "Configuration" section below for details).
---------------
| Client |
| e.g. mobile |
---------------
/ \
1. Searches for / \ 2. Data access
information / \
/ \
V V
---------------- --------------
| AutoDiscover | redirects to | Z-Push |
| | --------------------> | ActiveSync |
---------------- --------------
\ /
Authen- \ / Synchronizes
ticates \ /
via Z-Push \ /
Backend V V
-----------------
| Collaboration |
| Platform |
-----------------
Requirements
------------
As described in the previous chapter, the local part of the email address or
the email address is used in order to log in.
Your configuration requires that this type of login is possible:
- either the user name is used to login and must be used in the email address
entered on the mobile, or
- the entire email address is used to login.
Which option is used has to be configured in the AutoDiscover configuration and
in the underlying platform (e.g. KC (hosting mode)).
Most companies use the user name as local part of the email by default. From the
AutoDiscover point of view, it is not required that user is able to receive
emails at the used email address. It is recommended allowing that in order not
to confuse end users.
AutoDiscover also requires a valid SSL certificate to work as expected. A very
little percentage of mobiles support self-signed certificates (showing a
pop-up alerting the user). Most mobiles silently ignore self-signed certificates
and just declare the AutoDiscover process as failed in such cases.
If AutoDiscover fails, the user is generally redirected to the
"manual configuration" of the client.
If you do not plan to acquire an official certificate, you will probably not be
able to use the AutoDiscover service.
Depending on your setup, it could be necessary to add new DNS entries for your
mail domain.
Domain setup
------------
There are two general ways the AutoDiscover process can be configured:
1. Directly with "yourdomain.com" website ("www.yourdomain.com" will most
probably not work)
2. With the sub-domain "autodiscover.yourdomain.com"
In both cases, an official SSL certificate is required. If you already have a
certificate for your domain, the webserver answering for that domain could be
reconfigured to allow AutoDiscover requests as well. In the case that you do
not have direct access to this type of configuration (e.g. hosting provider),
it's recommended to acquire a dedicated certificate for
"autodiscover.yourdomain.com". Please note, that this sub-domain can NOT be
renamed. In general, "wildcard" certificates can be used, as long they are
valid for the required domain.
Software requirements
---------------------
Like Z-Push, AutoDiscover is written in PHP, where PHP 5.1 or newer is required.
Please consult the Z-Push INSTALL file for further information about PHP versions.
If only AutoDiscover is to be executed on a host, the Z-Push PHP dependencies do
NOT need to be installed.
AutoDiscover has one direct dependency, the php-xml parser library.
These packages vary in names between the distributions.
- Generally install the packages: php-xml
- On Suse (SLES & OpenSuse) install the packages: php53-xml
- On RHEL based systems install the package: php-xml
Installation
------------
AutoDiscover is part of the Z-Push package and uses some of the functionality
available in Z-Push.
It is possible to install AutoDiscover on the same host as Z-Push, or to
install them on different hosts.
Currently, independently from the setup, it's recommended to extract the entire
z-push tarball and configure the services as required.
Please follow the install instructions from the Z-Push INSTALL file (section
"How to install") to copy the files to your server.
If you do not want to setup Z-Push on the host, do not add the "Alias" for
ActiveSync.
To setup the SSL certificate, please refer to one of the many setup guides
available on the internet, like that one:
http://www.apache.com/resources/how-to-setup-an-ssl-certificate-on-apache/
The mobiles requests these URLs (where "yourdomain.com" corresponds to the
domain part of the email used in the client):
https://yourdomain.com/Autodiscover/Autodiscover.xml and/or
https://autodiscover.yourdomain.com/Autodiscover/Autodiscover.xml
Add the following line to the apache site configuration file.
AliasMatch (?i)/Autodiscover/Autodiscover.xml "/usr/share/z-push/autodiscover/autodiscover.php"
This line assumes that Z-Push is installed in /usr/share/z-push. If the path
is different, please adjust it accordingly.
Note: some mobiles use different casings, like "AutoDiscover" in the URL. The
above statement is valid for these as well.
Please restart Apache afterwards.
Configuration
-------------
There are several parameters in the configuration file, which allow to customize
the behaviour of the AutoDiscover Service.
The configuration, generally is located in the z-push/autodiscover directory and
is called "config.php".
The parameters:
BASE_PATH This property specifies where the AutoDiscover files are
located. Normally there is no need to adjust this parameter.
SERVERURL This is the full URL where the Z-Push server is available.
You should adjust it to the domain/server where Z-Push is
installed.
USE_FULLEMAIL_FOR_LOGIN If this is set to "true", AutoDiscover will attempt to
login on the collaboration server with the full email
address sent by the client. If disabled (default), the
local part of the email address is used.
LOGFILEDIR The directory where logfiles are created.
LOGFILE The default AutoDiscover log file.
LOGERRORFILE The default AutoDiscover error log file.
LOGLEVEL The loglevel, set it to WBXML to see the data received
and sent from/to clients.
LOGAUTHFAIL Set to true, to explicitly log failed login attempts.
BACKEND_PROVIDER The backend to be used. If empty (default) the code
will auto detect which backend to use.
Please note: the desired backend also needs to be configured, in the
"backends/<backend>/config.php" file.
Test installation
-----------------
If everything is correct, accessing with a browser the URL for your setup, you
should see:
1. a pop-up asking for your username + password. Always use the email
address which you would also enter on the mobile (independently from
the configuration).
2. if the authentication was successful, you will see a Z-Push informational
page (like when accessing the Z-Push location).
Note: The same test can also be performed in the mobiles web browser to check
if the access works correctly from the mobile network.
If the authentication fails, please check the configuration options of AutoDiscover.
Also check the logfiles for possible failures.
If the manual method works, try setting up your mobile phone! :)
src/autodiscover/autodiscover.php
View file @ ec254052
......@@ -104,25 +104,42 @@ class ZPushAutodiscover {
}
}
catch (AuthenticationRequiredException $ex) {
if (isset($incomingXml)) {
ZLog::Write(LOGLEVEL_ERROR, sprintf("Unable to complete autodiscover because login failed for user with email '%s'", $incomingXml->Request->EMailAddress));
catch (Exception $ex) {
// Extract any previous exception message for logging purpose.
$exclass = get_class($ex);
$exception_message = $ex->getMessage();
if($ex->getPrevious()){
do {
$current_exception = $ex->getPrevious();
$exception_message .= ' -> ' . $current_exception->getMessage();
} while($current_exception->getPrevious());
}
else {
ZLog::Write(LOGLEVEL_ERROR, sprintf("Unable to complete autodiscover incorrect request: '%s'", $ex->getMessage()));
ZLog::Write(LOGLEVEL_FATAL, sprintf('Exception: (%s) - %s', $exclass, $exception_message));
if ($ex instanceof AuthenticationRequiredException) {
if (isset($incomingXml)) {
// log the failed login attemt e.g. for fail2ban
if (defined('LOGAUTHFAIL') && LOGAUTHFAIL != false)
ZLog::Write(LOGLEVEL_WARN, sprintf("Unable to complete autodiscover because login failed for user with email '%s' from IP %s.", $incomingXml->Request->EMailAddress, $_SERVER["REMOTE_ADDR"]));
}
else {
ZLog::Write(LOGLEVEL_ERROR, sprintf("Unable to complete autodiscover incorrect request: '%s'", $ex->getMessage()));
}
http_response_code(401);
header('WWW-Authenticate: Basic realm="ZPush"');
}
http_response_code(401);
header('WWW-Authenticate: Basic realm="ZPush"');
}
catch (ZPushException $ex) {
ZLog::Write(LOGLEVEL_ERROR, sprintf("Unable to complete autodiscover because of ZPushException. Error: %s", $ex->getMessage()));
if(!headers_sent()) {
header('HTTP/1.1 '. $ex->getHTTPCodeString());
foreach ($ex->getHTTPHeaders() as $h) {
header($h);
else if ($ex instanceof ZPushException) {
ZLog::Write(LOGLEVEL_ERROR, sprintf("Unable to complete autodiscover because of ZPushException. Error: %s", $ex->getMessage()));
if(!headers_sent()) {
header('HTTP/1.1 '. $ex->getHTTPCodeString());
foreach ($ex->getHTTPHeaders() as $h) {
header($h);
}
}
}
}
$this->sendResponse($response);
}
......@@ -182,21 +199,32 @@ class ZPushAutodiscover {
* @return string $username
*/
private function login($backend, $incomingXml) {
// don't even try to login if there is no PW set
if (!isset($_SERVER['PHP_AUTH_PW'])) {
throw new AuthenticationRequiredException("Access denied. No password provided.");
}
// Determine the login name depending on the configuration: complete email address or
// the local part only.
if (USE_FULLEMAIL_FOR_LOGIN) {
ZLog::Write(LOGLEVEL_DEBUG, sprintf("Using the complete email address for login."));
$username = $incomingXml->Request->EMailAddress;
ZLog::Write(LOGLEVEL_DEBUG, sprintf("Using the complete email address for login: '%s'", $username));
}
else{
ZLog::Write(LOGLEVEL_DEBUG, sprintf("Using the username only for login."));
else {
$username = Utils::GetLocalPartFromEmail($incomingXml->Request->EMailAddress);
ZLog::Write(LOGLEVEL_DEBUG, sprintf("Using the username only for login: '%s'", $username));
}
if($backend->Logon($username, "", $_SERVER['PHP_AUTH_PW']) == false) {
// Mobile devices send Authorization header using UTF-8 charset. Outlook sends it using ISO-8859-1 encoding.
// For the successful authentication the user and password must be UTF-8 encoded. Try to determine which
// charset was sent by the client and convert it to UTF-8. See https://jira.z-hub.io/browse/ZP-864.
$username = Utils::ConvertAuthorizationToUTF8($username);
$password = Utils::ConvertAuthorizationToUTF8($_SERVER['PHP_AUTH_PW']);
if ($backend->Logon($username, "", $password) == false) {
throw new AuthenticationRequiredException("Access denied. Username or password incorrect.");
}
ZLog::Write(LOGLEVEL_DEBUG, sprintf("ZPushAutodiscover->login() Using '%s' as the username.", $username));
ZLog::Write(LOGLEVEL_DEBUG, sprintf("ZPushAutodiscover->login() successfull with '%s' as the username.", $username));
return $username;
}
......
src/lib/request/request.php
View file @ ec254052
......@@ -254,25 +254,10 @@ class Request {
// Mobile devices send Authorization header using UTF-8 charset. Outlook sends it using ISO-8859-1 encoding.
// For the successful authentication the user and password must be UTF-8 encoded. Try to determine which
// charset was sent by the client and convert it to UTF-8. See https://jira.z-hub.io/browse/ZP-864.
if (isset($_SERVER['PHP_AUTH_USER'])) {
$encoding = mb_detect_encoding(self::$authUser, "UTF-8, ISO-8859-1");
if (!$encoding) {
$encoding = mb_detect_encoding(self::$authUser, Utils::GetAvailableCharacterEncodings());
if ($encoding) {
ZLog::Write(LOGLEVEL_WARN,
sprintf("Request->ProcessHeaders(): mb_detect_encoding detected '%s' charset. This charset is not in the default detect list. Please report it to Z-Push developers.",
$encoding));
}
else {
ZLog::Write(LOGLEVEL_ERROR, "Request->ProcessHeaders(): mb_detect_encoding failed to detect the Authorization header charset. It's possible that user won't be able to login.");
}
}
if ($encoding && strtolower($encoding) != "utf-8") {
ZLog::Write(LOGLEVEL_DEBUG, sprintf("Request->ProcessHeaders(): mb_detect_encoding detected '%s' charset. Authorization header will be converted to UTF-8 from it.", $encoding));
self::$authUser = mb_convert_encoding(self::$authUser, "UTF-8", $encoding);
self::$authPassword = mb_convert_encoding(self::$authPassword, "UTF-8", $encoding);
}
}
if (isset(self::$authUser))
self::$authUser = Utils::ConvertAuthorizationToUTF8(self::$authUser);
if (isset(self::$authPassword))
self::$authPassword = Utils::ConvertAuthorizationToUTF8(self::$authPassword);
}
/**
......
src/lib/utils/utils.php
View file @ ec254052
......@@ -1092,15 +1092,36 @@ class Utils {
}
/**
* Returns folder origin from its id.
* Returns folder origin identifier from its id.
*
* @param string $fid
* @param string $folderid
*
* @access public
* @return string|boolean matches values of DeviceManager::FLD_ORIGIN_*
*/
public static function GetFolderOriginFromId($folderid) {
$origin = substr($folderid, 0, 1);
switch ($origin) {
case DeviceManager::FLD_ORIGIN_CONFIG:
case DeviceManager::FLD_ORIGIN_GAB:
case DeviceManager::FLD_ORIGIN_SHARED:
case DeviceManager::FLD_ORIGIN_USER:
return $origin;
}
ZLog::Write(LOGLEVEL_WARN, sprintf("Utils->GetFolderOriginFromId(): Unknown folder origin for folder with id '%s'", $folderid));
return false;
}
/**
* Returns folder origin as string from its id.
*
* @param string $folderid
*
* @access public
* @return string
*/
public static function GetFolderOriginFromId($fid) {
$origin = substr($fid, 0, 1);
public static function GetFolderOriginStringFromId($folderid) {
$origin = substr($folderid, 0, 1);
switch ($origin) {
case DeviceManager::FLD_ORIGIN_CONFIG:
return 'configured';
......@@ -1111,7 +1132,7 @@ class Utils {
case DeviceManager::FLD_ORIGIN_USER:
return 'user';
}
ZLog::Write(LOGLEVEL_WARN, sprintf("Utils->GetFolderOriginFromId(): Unknown folder origin for folder with id '%s'", $fid));
ZLog::Write(LOGLEVEL_WARN, sprintf("Utils->GetFolderOriginStringFromId(): Unknown folder origin for folder with id '%s'", $folderid));
return 'unknown';
}
......@@ -1130,6 +1151,38 @@ class Utils {
}
return array(null, $id);
}
/**
* Detects encoding of the input and converts it to UTF-8.
* This is currently only used for authorization header conversion.
*
* @param string $data input data
*
* @access public
* @return string utf-8 encoded data
*/
public static function ConvertAuthorizationToUTF8($data) {
$encoding = mb_detect_encoding($data, "UTF-8, ISO-8859-1");
if (!$encoding) {
$encoding = mb_detect_encoding($data, Utils::GetAvailableCharacterEncodings());
if ($encoding) {
ZLog::Write(LOGLEVEL_WARN,
sprintf("Utils::ConvertAuthorizationToUTF8(): mb_detect_encoding detected '%s' charset. This charset is not in the default detect list. Please report it to Z-Push developers.",
$encoding));
}
else {
ZLog::Write(LOGLEVEL_ERROR, "Utils::ConvertAuthorizationToUTF8(): mb_detect_encoding failed to detect the Authorization header charset. It's possible that user won't be able to login.");
}
}
if ($encoding && strtolower($encoding) != "utf-8") {
ZLog::Write(LOGLEVEL_DEBUG, sprintf("Utils::ConvertAuthorizationToUTF8(): mb_detect_encoding detected '%s' charset. Authorization header will be converted to UTF-8 from it.", $encoding));
return mb_convert_encoding($data, "UTF-8", $encoding);
}
return $data;
}
}
......
src/lib/utils/zpushadmin.php
View file @ ec254052
......@@ -113,6 +113,10 @@ class ZPushAdmin {
ZLog::Write(LOGLEVEL_WARN, sprintf("ZPushAdmin::GetDeviceDetails(): device '%s' of user '%s' has invalid states. Please sync to solve this issue.", $devid, $user));
$device->SetDeviceError("Invalid states. Please force synchronization!");
}
catch (StatusException $ste) {
ZLog::Write(LOGLEVEL_WARN, sprintf("ZPushAdmin::GetDeviceDetails(): device '%s' of user '%s' has status exceptions. Please sync to solve this issue.", $devid, $user));
$device->SetDeviceError("State exceptions. Please force synchronization or remove device to fix!");
}
if ($sc) {
if ($sc->GetLastSyncTime())
......@@ -496,7 +500,7 @@ class ZPushAdmin {
foreach ($device->GetAdditionalFolders() as $folder) {
$syncfolderid = $device->GetFolderIdForBackendId($folder['folderid'], false, false, null);
$folder['syncfolderid'] = $syncfolderid;
$folder['origin'] = Utils::GetFolderOriginFromId($syncfolderid);
$folder['origin'] = Utils::GetFolderOriginStringFromId($syncfolderid);
$new_list[$folder['folderid']] = $folder;
}
foreach (ZPush::GetAdditionalSyncFolders() as $fid => $so) {
......@@ -509,7 +513,7 @@ class ZPushAdmin {
'syncfolderid' => $syncfolderid,
'name' => $so->displayname,
'type' => $so->type,
'origin' => Utils::GetFolderOriginFromId($syncfolderid),
'origin' => Utils::GetFolderOriginStringFromId($syncfolderid),
'flags' => 0, // static folders have no flags
);
}
......
src/lib/webservice/webservice.php
View file @ ec254052
......@@ -62,7 +62,7 @@ class Webservice {
ZLog::Write(LOGLEVEL_INFO, sprintf("Webservice::HandleWebservice('%s'): user '%s' executing action for user '%s'", $commandCode, Request::GetAuthUser(), Request::GetGETUser()));
// initialize non-wsdl soap server
$this->server = new SoapServer(null, array('uri' => "http://z-push.sf.net/webservice"));
$this->server = new SoapServer(null, array('uri' => "http://z-push.org/webservice"));
// the webservice command is handled by its class
if ($commandCode == ZPush::COMMAND_WEBSERVICE_DEVICE) {
......
tools/list-shared-folders.php 0 → 100644
View file @ ec254052
#!/usr/bin/env php
<?php
/**********************************************************
* File : list-shared-folders.php
* Project : Z-Push - tools
* Descr : Lists all users and devices that have open additional folders
*
* Created : 20.10.2016
*
* Copyright 2007 - 2016 Zarafa Deutschland GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation with the following additional
* term according to sec. 7:
*
* According to sec. 7 of the GNU Affero General Public License, version 3,
* the terms of the AGPL are supplemented with the following terms:
*
* "Zarafa" is a registered trademark of Zarafa B.V.
* "Z-Push" is a registered trademark of Zarafa Deutschland GmbH
* The licensing of the Program under the AGPL does not imply a trademark license.
* Therefore any rights, title and interest in our trademarks remain entirely with us.
*
* However, if you propagate an unmodified version of the Program you are
* allowed to use the term "Z-Push" to indicate that you distribute the Program.
* Furthermore you may use our trademarks where it is necessary to indicate
* the intended purpose of a product or service provided you use it in accordance
* with honest practices in industrial or commercial matters.
* If you want to propagate modified versions of the Program under the name "Z-Push",
* you may only do so if you have a written permission by Zarafa Deutschland GmbH
* (to acquire a permission please contact Zarafa at trademark@zarafa.com).
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Consult LICENSE file for details
************************************************/
// Please adjust to match your z-push installation directory, usually /usr/share/z-push
define('ZPUSH_BASE_PATH', "/usr/share/z-push");
/**
* Usage:
* php list-shared-folders.php
* List all shared folders for all devices
*
* php list-shared-folders.php | awk -F',' '$6 == "13" && $7 != ""'
* List all shared folders of type calendar (13) that are synchronized on a device (else SyncUUID is empty)
*
* php list-shared-folders.php | awk -F',' '$6 == "13" && $7 != "" { system("z-push-admin -a resync -d " $1 " -u " $2 " -t " $5) }'
* Resynchronizes all shared folders from type calendar (13) that are synchronized already
*/
/************************************************
* MAIN
*/
try {
if (php_sapi_name() != "cli") {
fwrite(STDERR, "This script can only be called from the CLI.\n");
exit(1);
}
if (!defined('ZPUSH_BASE_PATH') || !file_exists(ZPUSH_BASE_PATH . "/config.php")) {
die("ZPUSH_BASE_PATH not set correctly or no config.php file found\n");
}
define('BASE_PATH_CLI', ZPUSH_BASE_PATH ."/");
set_include_path(get_include_path() . PATH_SEPARATOR . ZPUSH_BASE_PATH);
require_once 'vendor/autoload.php';
if (!defined('ZPUSH_CONFIG')) define('ZPUSH_CONFIG', 'config.php');
include_once(ZPUSH_CONFIG);
ZPush::CheckConfig();
$sm = ZPush::GetStateMachine();
$devices = $sm->GetAllDevices();
if (!empty($devices)) {
printf("%s,%s,%s,%s,%s,%s,%s,%s\n", "DeviceId", "User", "Store", "SyncFolderId", "FolderId", "Type", "SyncUUID", "Name");
}
foreach ($devices as $devid) {
$users = ZPushAdmin::ListUsers($devid);
foreach($users as $user) {
$device = ZPushAdmin::GetDeviceDetails($devid, $user);
foreach ($device->GetAdditionalFolders() as $folder) {
$syncfolderid = $device->GetFolderIdForBackendId($folder['folderid'], false, false, null);
if(Utils::GetFolderOriginFromId($syncfolderid) !== DeviceManager::FLD_ORIGIN_SHARED) {
continue;
}
$syncfolder = $device->GetHierarchyCache()->GetFolder($syncfolderid);
// if there is no syncfolder then this folder was not synchronized to the client (e.g. no permissions)
if (!$syncfolder) {
continue;
}
$folderUuid = $device->GetFolderUUID($syncfolderid);
printf("%s,%s,%s,%s,%s,%d,%s,%s\n", $devid, $user, $syncfolder->Store, $syncfolderid, $folder['folderid'], $syncfolder->type, $folderUuid, $syncfolder->displayname);
}
}
}
}
catch (ZPushException $zpe) {
fwrite(STDERR, get_class($zpe) . ": ". $zpe->getMessage() . "\n");
exit(1);
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment