DerLinkman
03c49ea1f8
Merge branch 'staging' into feature/tfa-flow
2022-07-04 16:43:49 +02:00
Patrick Schult and GitHub
11700d7ecb
Merge pull request #4403 from El-Virus/master
...
Fix "The operation is insecure." when trying to register fido2 device.
2022-06-30 13:55:07 +02:00
FreddleSpl0it
a835419168
fix imapsync
2022-06-23 18:36:54 +02:00
FreddleSpl0it
d373164e13
hotfix imapsync
2022-06-20 21:18:57 +02:00
FreddleSpl0it
71db83efce
hotfix imapsync
2022-06-13 12:46:39 +02:00
andryyy
7ae7f25580
[Web] Re-use DKIM key if available
2022-06-11 11:42:36 +02:00
DerLinkman
c27ad97287
[DB] Remove pipemes from custom_params
2022-05-20 09:44:11 +02:00
DerLinkman
b1658c0f83
[IMAPSYNC] Hardened pipemess exploit prevention (pipemes)
2022-05-20 09:30:42 +02:00
DerLinkman
97df5c3b9c
[DB] Update DB Version to remove pipemess parameters
2022-05-19 15:42:13 +02:00
DerLinkman
33e5ad2b5c
[Imapsync] Case sensitive PIPEMESS removal
2022-05-19 14:41:21 +02:00
07ac195fea
Translations update from Weblate ( #4591 )
...
* [Web] Updated lang.ru.json [CI SKIP]
Co-authored-by: DRago_Angel <alekseev.dmitriy.92@gmail.com >
Co-authored-by: milkmaker <milkmaker@mailcow.de >
* [Web] Updated lang.uk.json [CI SKIP]
[Web] Updated lang.uk.json [CI SKIP]
[Web] Added lang.uk.json [CI SKIP]
Co-authored-by: OGudzik <olegrpg@gmail.com >
Co-authored-by: Oleksii Kruhlenko <a.kruglenko@gmail.com >
Co-authored-by: Peter <magic@kthx.at >
Co-authored-by: milkmaker <milkmaker@mailcow.de >
* [Web] Updated lang.it.json [CI SKIP]
Co-authored-by: Stefano <stefano.vassena@gmail.com >
Co-authored-by: milkmaker <milkmaker@mailcow.de >
* Add Ukrainian language code in vars.inc.php
Co-authored-by: DRago_Angel <alekseev.dmitriy.92@gmail.com >
Co-authored-by: OGudzik <olegrpg@gmail.com >
Co-authored-by: Oleksii Kruhlenko <a.kruglenko@gmail.com >
Co-authored-by: Peter <magic@kthx.at >
Co-authored-by: Stefano <stefano.vassena@gmail.com >
2022-05-18 18:20:03 +02:00
Niklas Meyer and GitHub
3029a2d33d
Change DB Date to newer Date than staging
2022-05-17 15:26:01 +02:00
Niklas Meyer and GitHub
fa0d2a959d
Merge branch 'feature/tfa-flow' into selection-tfa
2022-05-17 15:23:10 +02:00
FreddleSpl0it
f40e682800
[Web] domain/mailbox tagging check for empty tags
2022-05-06 07:42:45 +02:00
549ff7d100
Add Domain and Mailbox tagging ( #4569 )
...
* [Web] define tag tables
* [Web] add mailbox tag functions
* [Web] add domain/mailbox tagging
* [Web] add domain/mailbox tagging
* [Web] add domain/mailbox tagging
* [Web] add domain/mailbox tagging
* [Web] add domain/mailbox tagging
* [Web] add domain/mailbox tagging
* [Web] add domain/mailbox tagging
* [Web] add domain/mailbox tagging
* Include new tags lang in language.en.json
* [Web] add domain/mailbox tagging
* [Web] add domain/mailbox tagging
* [Web] add domain/mailbox tagging
* [Web] add domain/mailbox tagging
* [Web] add domain/mailbox tagging
Co-authored-by: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com >
2022-05-05 08:25:01 +02:00
Niklas Meyer and DerLinkman
06f380a17a
[DB] Removed empty space behind c_value
2022-03-22 19:47:53 +01:00
Niklas Meyer and DerLinkman
67882414e1
[DB] Update DB Version to 22032022_1330
...
For SOGo 5.5.1 and newer
2022-03-22 19:47:53 +01:00
Niklas Meyer and DerLinkman
2b149fb8ea
[DB] Update schema for longer passwords in sogo
2022-03-22 19:47:53 +01:00
FreddleSpl0it
6d3798ad08
[Web] fix yubi otp
2022-03-19 20:18:31 +01:00
FreddleSpl0it
70921b8d15
[Web] tfa extra debugging
2022-03-18 08:45:02 +01:00
FreddleSpl0it
b185f83fc3
[Web] tfa extra debugging
2022-03-18 08:37:22 +01:00
FreddleSpl0it
e7fe52a625
[Web] increase mysql publicKey field length
2022-03-14 10:31:59 +01:00
FreddleSpl0it
49c506eed9
[Web] multiple tfa - user support
2022-03-14 10:31:59 +01:00
FreddleSpl0it
21fadf6df2
[Web] multiple tfa - domainadmin support
2022-03-14 10:31:58 +01:00
FreddleSpl0it
5fcccbc97d
[Web] add verify selected tfa
2022-03-14 10:31:56 +01:00
FreddleSpl0it
3ef2b6cfa2
[Web] add verify selected tfa
2022-03-14 10:31:51 +01:00
andryyy
b820096656
[Web] Delete related spam aliases when deleting alias domain
2022-03-14 08:35:21 +01:00
andryyy
98bc947d00
[Web] Update composer libs
...
- Removing symfony/deprecation-contracts (v2.4.0)
- Upgrading ddeboer/imap (1.12.1 => 1.13.1)
- Upgrading directorytree/ldaprecord (v2.6.3 => v2.10.1)
- Upgrading illuminate/contracts (v8.53.1 => v9.3.0)
- Upgrading nesbot/carbon (2.51.1 => 2.57.0)
- Upgrading phpmailer/phpmailer (v6.5.0 => v6.6.0)
- Upgrading psr/container (1.1.1 => 2.0.2)
- Upgrading psr/log (1.1.4 => 3.0.0)
- Upgrading psr/simple-cache (1.0.1 => 2.0.0)
- Upgrading robthree/twofactorauth (1.8.0 => 1.8.1)
- Upgrading symfony/polyfill-ctype (v1.23.0 => v1.24.0)
- Upgrading symfony/polyfill-mbstring (v1.23.1 => v1.24.0)
- Upgrading symfony/polyfill-php80 (v1.23.1 => v1.24.0)
- Upgrading symfony/translation (v5.3.4 => v6.0.5)
- Upgrading symfony/translation-contracts (v2.4.0 => v3.0.0)
- Upgrading symfony/var-dumper (v5.3.6 => v6.0.5)
- Upgrading tightenco/collect (v8.34.0 => v8.83.2)
- Upgrading twig/twig (v3.3.2 => v3.3.8)
2022-03-02 20:08:44 +01:00
89fdd1986d
Jan(moo)uary Update 2022 - Revision A (2022-01a) ( #4445 )
...
* [API] Fix minor issue in api docs
* [GH-Actions][stale] Add neverstale label to exempt list
* [Web] add github version tag
* [Web] add github version tag error handling
* Passwordless SOGo auth: support for calendar invitations and calendar/contacts subscriptions
Inviting someone to a calendar event triggers a request to /SOGo/so/otheruser@example.com/freebusy.ifb/ajaxRead. Subscribing to someone's calendar/contacts triggers a request to /SOGo/so/otheruser@example.com/foldersSearch. The email address in the URL is different from the logged-in user, which needs to be handled appropriately by sogo-auth.php.
* [Web] add github version tag - adjust css
* [Compose] Update SOGo Autoreply Schedule to 5m
Based on the advice of inverse (SOGo developer). Thanks to https://github.com/jmber
Closes: https://github.com/mailcow/mailcow-dockerized/issues/4436
* [Web] add github version tag - move twig globals
* [Web] add github version tag - missing </div>
* Passwordless SOGo auth: improvements for when accessing other users
* [WebAuthn] fido2 passwordless auth - fix (#4440 )
* [WebAuthn] fido2 revert
* [WebAuthn] set UV flags to 'discouraged'
* [WebAuthn] revert - set UV flags to 'discouraged'
Co-authored-by: ntimo <git@nowitzki.me >
Co-authored-by: Peter <magic@kthx.at >
Co-authored-by: FreddleSpl0it <patschul@posteo.de >
Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com >
Co-authored-by: Michael Kuron <mkuron@users.noreply.github.com >
2022-02-01 15:26:48 +01:00
El-Virus and GitHub
ea1a412749
Fix missing "lbuchs", after resolving last conflict
...
It seems that when solving the conflict in my pr when the latest staging branch was merged to master, I accidentally deleted "lbuchs", I added it back
2022-01-21 15:46:44 +01:00
El-Virus and GitHub
db82327d9a
Merge branch 'staging' into master
2022-01-21 15:40:37 +01:00
Niklas Meyer and GitHub
355ea71877
Merge pull request #4428 from FreddleSpl0it/master
...
Migrating from U2F to WebAuthn for 2FA
2022-01-21 12:19:25 +01:00
FreddleSpl0it and GitHub
af1b90fa18
[WebAuthn] rename env var
2022-01-20 14:37:20 +01:00
FreddleSpl0it
7df2bb28f8
[WebAuthn] disable rootCA default
2022-01-19 21:35:21 +01:00
FreddleSpl0it
0f464658cc
[WebAuthn] disable webauthn rootca by mailcow.conf
2022-01-19 19:10:43 +01:00
FreddleSpl0it
5712192bcb
[WebAuthn] fix error on android
2022-01-18 11:40:06 +01:00
FreddleSpl0it
0e4ddacf92
[WebAuthn] cleanup
2022-01-18 10:23:32 +01:00
FreddleSpl0it
8316e763fa
[WebAuthn] remove old u2f functions
2022-01-18 10:14:18 +01:00
FreddleSpl0it and FreddleSpl0it
a849d03a00
[WebAuthn] show user deprecated warning
2022-01-18 10:14:18 +01:00
FreddlePat
68abd6a535
migrating from u2f-api.js to webauthn
2022-01-12 21:57:21 +01:00
FreddlePat
be4af41e64
migrating from u2f-api.js to webauthn
2022-01-12 21:26:42 +01:00
FreddlePat
d1d134038f
migrating from u2f-api.js to webauthn
2022-01-12 21:09:18 +01:00
El-Virus and GitHub
ea1a02bd7d
Fix "The operation is insecure." when trying to register fido2 device.
...
navigator.credentials.create(); Doesn't accept a port in the "id" parameter. So, when trying to register a fido2 device via WebAuthn throws: "The operation is insecure." on firefox and "The relying party ID is not a registrable domain suffix of, nor equal to the current domain." on Chrome or Edge.
This commit replaces `$_SERVER['HTTP_HOST']` with `$_SERVER['SERVER_NAME']` when initializing `$WebAuthn` which excludes the port to formulate correct requests.
Now Mailcow allows the registration of fido2 devices when running in a non-standard port(eg. 443).
2021-12-26 17:11:06 +01:00
andryyy
e4d23b7887
[Web] Add default sieve accessq
2021-12-07 13:56:56 +01:00
Kristian Feldsam
08f8eeb2e6
[web] fixed html in alerts
...
Signed-off-by: Kristian Feldsam <feldsam@gmail.com >
2021-11-28 22:49:18 +01:00
André Peters and GitHub
f4319a0e20
Revert "Add app-passwd list ( #4281 ) ( #4311 )" ( #4318 )
...
This reverts commit 8dad04e0e6 .
2021-11-11 13:48:47 +01:00
Felix and GitHub
8dad04e0e6
Add app-passwd list ( #4281 ) ( #4311 )
...
* Add list option for app passwords
* Add app-passwd option to OpenAPI documentation
2021-11-11 13:45:04 +01:00
andryyy
116c7919e3
[Web] Add missing sieve permission
2021-10-31 08:46:54 +01:00
jkellerer and GitHub
9946bb3427
[Web] Display app password name in last login ( #4304 )
2021-10-30 16:51:26 +02:00
andryyy
f0aae22f77
[Dovecot, Web] Fix remaining issues of app password enhancements from #4296
2021-10-30 14:34:33 +02:00