Add support for Dovecot 2.4 in "User and Login Options" page

2026-02-03 14:13:29 +00:00 · 2025-09-01 19:22:35 +03:00
parent 0ffaed090a
commit 0885a17f55
2 changed files with 207 additions and 184 deletions
--- a/dovecot/edit_login.cgi
+++ b/dovecot/edit_login.cgi
@@ -14,7 +14,11 @@ print &ui_table_row($text{'login_realms'},
 	    &ui_opt_textbox("realms", $realms, 40, $text{'login_none'}), 3);

 # Default authentication realm
-$realm = &find_value("auth_default_realm", $conf);
+$realm = &find_value(
+	&version_atleast("2.4")
+		? "auth_default_domain"
+		: "auth_default_realm",
+	$conf);
 print &ui_table_row($text{'login_realm'},
 	    &ui_opt_textbox("realm", $realm, 10, $text{'default'}));

@@ -87,25 +91,27 @@ elsif ($userdb =~ /^sql\s+(.*)/) {
 else {
 	$other = $userdb;
 	}
-print &ui_table_row($text{'login_userdb'},
-   &ui_radio("usermode", $usermode,
-	[ [ "passwd", $text{'login_passwd'}."<br>" ],
-	  [ "passwd-file", &text('login_passwdfile',
-		&ui_textbox("passwdfile", $passwdfile, 30))."<br>" ],
-	  [ "static", &text('login_static',
-		&ui_textbox("uid", $uid, 6),
-		&ui_textbox("gid", $gid, 6),
-		&ui_textbox("home", $home, 20))."<br>" ],
-	  [ "vpopmail", $text{'login_vpopmail'}."<br>" ],
-	  [ "ldap", &text('login_ldap',
-		&ui_textbox("ldap", $ldap, 30))."<br>" ],
-	  [ "pgsql", &text('login_pgsql',
-		&ui_textbox("pgsql", $pgsql, 30))."<br>" ],
-	  [ "sql", &text('login_sql',
-		&ui_textbox("sql", $sql, 30))."<br>" ],
-	  [ "", &text('login_other',
-		&ui_textbox("other", $other, 30))."<br>" ],
-	 ]), 3);
+if (&version_atmost("2.4")) {
+	print &ui_table_row($text{'login_userdb'},
+	&ui_radio("usermode", $usermode,
+		[ [ "passwd", $text{'login_passwd'}."<br>" ],
+		[ "passwd-file", &text('login_passwdfile',
+			&ui_textbox("passwdfile", $passwdfile, 30))."<br>" ],
+		[ "static", &text('login_static',
+			&ui_textbox("uid", $uid, 6),
+			&ui_textbox("gid", $gid, 6),
+			&ui_textbox("home", $home, 20))."<br>" ],
+		[ "vpopmail", $text{'login_vpopmail'}."<br>" ],
+		[ "ldap", &text('login_ldap',
+			&ui_textbox("ldap", $ldap, 30))."<br>" ],
+		[ "pgsql", &text('login_pgsql',
+			&ui_textbox("pgsql", $pgsql, 30))."<br>" ],
+		[ "sql", &text('login_sql',
+			&ui_textbox("sql", $sql, 30))."<br>" ],
+		[ "", &text('login_other',
+			&ui_textbox("other", $other, 30))."<br>" ],
+		]), 3);
+	}

 # Password authentication system
 if (&find("auth_passdb", $conf, 2)) {
@@ -174,46 +180,49 @@ elsif ($passdb =~ /^checkpassword\s+(.*)$/) {
 else {
 	$pother = $passdb;
 	}
-print &ui_table_row($text{'login_passdb'},
-   &ui_radio("passmode", $passmode,
-	[ [ "passwd", $text{'login_passwd2'}."<br>" ],
-	  [ "shadow", $text{'login_shadow'}."<br>" ],
-	  [ "dpam", &text('login_dpam')."<br>" ],
-	  $alpha_opts ?
-	    ( [ "pam", &text('login_pam2',
-		  &ui_textbox("ppam", $ppam, 10),
-		  &ui_checkbox("ppam_session", 1,
-			       $text{'login_session'}, $psession),
-		  &ui_opt_textbox("ppam_ckey", $pckey, 10,
-				  $text{'login_none'}))."<br>" ]
- 	    ) :
-	    ( [ "pam", &text('login_pam',
-		  &ui_textbox("ppam", $ppam, 10))."<br>" ]
-	    ),
-	  [ "passwd-file", &text('login_passwdfile',
-		&ui_textbox("ppasswdfile", $ppasswdfile, 30))."<br>" ],
-	  [ "vpopmail", $text{'login_vpopmail'}."<br>" ],
-	  [ "ldap", &text('login_ldap',
-		&ui_textbox("pldap", $pldap, 30))."<br>" ],
-	  [ "pgsql", &text('login_pgsql',
-		&ui_textbox("ppgsql", $ppgsql, 30))."<br>" ],
-	  [ "sql", &text('login_sql',
-		&ui_textbox("psql", $psql, 30))."<br>" ],
-	  $alpha_opts ?
-	    ( [ "bsdauth",
-	        &text('login_bsdauth',
-		      &ui_opt_textbox("bsdauth_ckey", $pbckey, 10,
-				      $text{'login_none'}))."<br>" ],
-	      [ "checkpassword",
-	        &text('login_checkpassword',
-		 &ui_textbox("checkpassword", $checkpassword, 40))."<br>" ],
-	    ) :
-	    ( ),
-	  [ "", &text('login_other',
-		&ui_textbox("pother", $pother, 30))."<br>" ],
-	 ]), 3);

-print &ui_table_hr();
+if (&version_atmost("2.4")) {
+	print &ui_table_row($text{'login_passdb'},
+	&ui_radio("passmode", $passmode,
+		[ [ "passwd", $text{'login_passwd2'}."<br>" ],
+		[ "shadow", $text{'login_shadow'}."<br>" ],
+		[ "dpam", &text('login_dpam')."<br>" ],
+		$alpha_opts ?
+		( [ "pam", &text('login_pam2',
+			&ui_textbox("ppam", $ppam, 10),
+			&ui_checkbox("ppam_session", 1,
+				$text{'login_session'}, $psession),
+			&ui_opt_textbox("ppam_ckey", $pckey, 10,
+					$text{'login_none'}))."<br>" ]
+		) :
+		( [ "pam", &text('login_pam',
+			&ui_textbox("ppam", $ppam, 10))."<br>" ]
+		),
+		[ "passwd-file", &text('login_passwdfile',
+			&ui_textbox("ppasswdfile", $ppasswdfile, 30))."<br>" ],
+		[ "vpopmail", $text{'login_vpopmail'}."<br>" ],
+		[ "ldap", &text('login_ldap',
+			&ui_textbox("pldap", $pldap, 30))."<br>" ],
+		[ "pgsql", &text('login_pgsql',
+			&ui_textbox("ppgsql", $ppgsql, 30))."<br>" ],
+		[ "sql", &text('login_sql',
+			&ui_textbox("psql", $psql, 30))."<br>" ],
+		$alpha_opts ?
+		( [ "bsdauth",
+			&text('login_bsdauth',
+			&ui_opt_textbox("bsdauth_ckey", $pbckey, 10,
+					$text{'login_none'}))."<br>" ],
+		[ "checkpassword",
+			&text('login_checkpassword',
+			&ui_textbox("checkpassword", $checkpassword, 40))."<br>" ],
+		) :
+		( ),
+		[ "", &text('login_other',
+			&ui_textbox("pother", $pother, 30))."<br>" ],
+		]), 3);
+
+	print &ui_table_hr();
+	}

 $fuid = &find_value("first_valid_uid", $conf);
 print &ui_table_row($text{'login_fuid'},
@@ -232,7 +241,11 @@ $lgid = &find_value("last_valid_gid", $conf);
 print &ui_table_row($text{'login_lgid'},
    &ui_opt_textbox("lgid", $lgid, 6, &getdef("last_valid_gid", \@mmap)));

-$extra = &find_value("mail_extra_groups", $conf);
+$extra = &find_value(&version_atleast("2")
+			? "mail_access_groups"
+			: "mail_extra_groups",
+		     $conf);
+
 print &ui_table_row($text{'login_extra'},
 	    &ui_opt_textbox("extra", $extra, 50, $text{'login_none'})."\n".
 	    &group_chooser_button("extra", 1), 3);
--- a/dovecot/save_login.cgi
+++ b/dovecot/save_login.cgi
@@ -10,144 +10,151 @@ $conf = &get_config();
 # Allowed and default realm
 &save_directive($conf, "auth_realms",
 		$in{'realms_def'} ? undef : $in{'realms'});
-&save_directive($conf, "auth_default_realm",
+&save_directive($conf,
+		&version_atleast("2.4")
+			? "auth_default_domain"
+			: "auth_default_realm",
 		$in{'realm_def'} ? undef : $in{'realm'});

 # Authentication mechanisms
 if (&find("auth_mechanisms", $conf, 2)) {
 	&save_directive($conf, "auth_mechanisms",
-			join(" ", split(/\0/, $in{'mechs'})));
+			$in{'mechs'}
+				? join(" ", split(/\0/, $in{'mechs'}))
+				: undef);
 	}
 else {
 	&save_directive($conf, "mechanisms",
 			join(" ", split(/\0/, $in{'mechs'})), "auth","default");
 	}

-# User database
-$userdb = $in{'usermode'};
-if ($in{'usermode'} eq 'passwd-file') {
-	-r $in{'passwdfile'} || &error($text{'login_epasswdfile'});
-	$userdb .= " ".$in{'passwdfile'};
-	}
-elsif ($in{'usermode'} eq 'static') {
-	$in{'uid'} =~ /^\d+$/ || &error($text{'login_euid'});
-	$in{'gid'} =~ /^\d+$/ || &error($text{'login_egid'});
-	$in{'home'} || &error($text{'login_ehome'});
-	$userdb .= " uid=".$in{'uid'}." gid=".$in{'gid'}.
-		   " home=".$in{'home'};
-	}
-elsif ($in{'usermode'} eq 'ldap') {
-	-r $in{'ldap'} || &error($text{'login_eldap'});
-	$userdb .= " ".$in{'ldap'};
-	}
-elsif ($in{'usermode'} eq 'pgsql') {
-	-r $in{'pgsql'} || &error($text{'login_epgsql'});
-	$userdb .= " ".$in{'pgsql'};
-	}
-elsif ($in{'usermode'} eq 'sql') {
-	-r $in{'sql'} || &error($text{'login_esql'});
-	$userdb .= " ".$in{'sql'};
-	}
-elsif ($in{'usermode'} eq '') {
-	$userdb = $in{'other'};
-	}
-if ($usec = &find_section("userdb", $conf, undef, "auth", "default")) {
-	# Version 1.0.alpha format, which has a userdb *section*
-	($svalue, $args) = split(/\s+/, $userdb, 2);
-	$usec->{'value'} = $svalue;
-	$usec->{'members'} = [ grep { $_->{'name'} ne 'args' }
-				    @{$usec->{'members'}} ];
-	if ($args) {
-		$usec->{'members'} = [ { 'name' => 'args',
-					 'value' => $args } ];
+if (&version_atmost("2.4")) {
+	# User database
+	$userdb = $in{'usermode'};
+	if ($in{'usermode'} eq 'passwd-file') {
+		-r $in{'passwdfile'} || &error($text{'login_epasswdfile'});
+		$userdb .= " ".$in{'passwdfile'};
+		}
+	elsif ($in{'usermode'} eq 'static') {
+		$in{'uid'} =~ /^\d+$/ || &error($text{'login_euid'});
+		$in{'gid'} =~ /^\d+$/ || &error($text{'login_egid'});
+		$in{'home'} || &error($text{'login_ehome'});
+		$userdb .= " uid=".$in{'uid'}." gid=".$in{'gid'}.
+			" home=".$in{'home'};
+		}
+	elsif ($in{'usermode'} eq 'ldap') {
+		-r $in{'ldap'} || &error($text{'login_eldap'});
+		$userdb .= " ".$in{'ldap'};
+		}
+	elsif ($in{'usermode'} eq 'pgsql') {
+		-r $in{'pgsql'} || &error($text{'login_epgsql'});
+		$userdb .= " ".$in{'pgsql'};
+		}
+	elsif ($in{'usermode'} eq 'sql') {
+		-r $in{'sql'} || &error($text{'login_esql'});
+		$userdb .= " ".$in{'sql'};
+		}
+	elsif ($in{'usermode'} eq '') {
+		$userdb = $in{'other'};
+		}
+	if ($usec = &find_section("userdb", $conf, undef, "auth", "default")) {
+		# Version 1.0.alpha format, which has a userdb *section*
+		($svalue, $args) = split(/\s+/, $userdb, 2);
+		$usec->{'value'} = $svalue;
+		$usec->{'members'} = [ grep { $_->{'name'} ne 'args' }
+					@{$usec->{'members'}} ];
+		if ($args) {
+			$usec->{'members'} = [ { 'name' => 'args',
+						'value' => $args } ];
+			}
+		&save_section($conf, $usec);
+		}
+	elsif (&find("auth_userdb", $conf, 2)) {
+		# Version 0.99 format
+		&save_directive($conf, "auth_userdb", $userdb);
+		}
+	elsif (&find_value("driver", $conf, 2, "userdb")) {
+		# Version 2.0 format
+		$args = $userdb =~ s/\s+(\S.*)$// ? $1 : undef;
+		&save_directive($conf, "driver", $userdb, "userdb");
+		&save_directive($conf, "args", $args, "userdb");
+		}
+	else {
+		# Version 1.0 format
+		&save_directive($conf, "userdb", $userdb, "auth", "default");
 		}
-	&save_section($conf, $usec);
-	}
-elsif (&find("auth_userdb", $conf, 2)) {
-	# Version 0.99 format
-	&save_directive($conf, "auth_userdb", $userdb);
-	}
-elsif (&find_value("driver", $conf, 2, "userdb")) {
-	# Version 2.0 format
-	$args = $userdb =~ s/\s+(\S.*)$// ? $1 : undef;
-	&save_directive($conf, "driver", $userdb, "userdb");
-	&save_directive($conf, "args", $args, "userdb");
-	}
-else {
-	# Version 1.0 format
-	&save_directive($conf, "userdb", $userdb, "auth", "default");
-	}

-# Password mode
-$passdb = $in{'passmode'};
-if ($in{'passmode'} eq 'dpam') {
-	$passdb = "pam";
-	}
-elsif ($in{'passmode'} eq 'pam') {
-	$in{'ppam'} =~ /^\S+$/ || &error($text{'login_edpam'});
-	if (defined($in{'ppam_ckey'}) && !$in{'ppam_ckey_def'}) {
-		$ckey = $in{'ppam_ckey'};
-		$ckey =~ /^\S+$/ || &error($text{'login_eckey'});
+	# Password mode
+	$passdb = $in{'passmode'};
+	if ($in{'passmode'} eq 'dpam') {
+		$passdb = "pam";
 		}
-	$passdb .= ($in{'ppam_session'} ? " -session" : "").
-		   ($ckey ? " cache_key=$ckey" : "").
-		   " ".$in{'ppam'};
-	}
-elsif ($in{'passmode'} eq 'passwd-file') {
-	-r $in{'ppasswdfile'} || &error($text{'login_epasswdfile'});
-	$passdb .= " ".$in{'ppasswdfile'};
-	}
-elsif ($in{'passmode'} eq 'ldap') {
-	-r $in{'pldap'} || &error($text{'login_eldap'});
-	$passdb .= " ".$in{'pldap'};
-	}
-elsif ($in{'passmode'} eq 'pgsql') {
-	-r $in{'ppgsql'} || &error($text{'login_epgsql'});
-	$passdb .= " ".$in{'ppgsql'};
-	}
-elsif ($in{'passmode'} eq 'sql') {
-	-r $in{'psql'} || &error($text{'login_esql'});
-	$passdb .= " ".$in{'psql'};
-	}
-elsif ($in{'passmode'} eq 'bsdauth') {
-	$in{'bsdauth_ckey_def'} || $in{'bsdauth_ckey'} =~ /^\S+$/ ||
-		&error($text{'login_eckey'});
-	$passdb .= " cache_key=$in{'bsdauth_ckey'}"
-		if (!$in{'bsdauth_ckey_def'});
-	}
-elsif ($in{'passmode'} eq 'checkpassword') {
-	-x $in{'checkpassword'} || &error($text{'login_echeckpassword'});
-	$passdb .= " ".$in{'checkpassword'};
-	}
-elsif ($in{'passmode'} eq '') {
-	$passdb = $in{'other'};
-	}
-# XXX other modes
-if ($psec = &find_section("passdb", $conf, undef, "auth", "default")) {
-	# Version 1.0.alpha format
-	($svalue, $args) = split(/\s+/, $passdb, 2);
-	$psec->{'value'} = $svalue;
-	$psec->{'members'} = [ grep { $_->{'name'} ne 'args' }
-				    @{$psec->{'members'}} ];
-	if ($args) {
-		$psec->{'members'} = [ { 'name' => 'args',
-					 'value' => $args } ];
+	elsif ($in{'passmode'} eq 'pam') {
+		$in{'ppam'} =~ /^\S+$/ || &error($text{'login_edpam'});
+		if (defined($in{'ppam_ckey'}) && !$in{'ppam_ckey_def'}) {
+			$ckey = $in{'ppam_ckey'};
+			$ckey =~ /^\S+$/ || &error($text{'login_eckey'});
+			}
+		$passdb .= ($in{'ppam_session'} ? " -session" : "").
+			($ckey ? " cache_key=$ckey" : "").
+			" ".$in{'ppam'};
+		}
+	elsif ($in{'passmode'} eq 'passwd-file') {
+		-r $in{'ppasswdfile'} || &error($text{'login_epasswdfile'});
+		$passdb .= " ".$in{'ppasswdfile'};
+		}
+	elsif ($in{'passmode'} eq 'ldap') {
+		-r $in{'pldap'} || &error($text{'login_eldap'});
+		$passdb .= " ".$in{'pldap'};
+		}
+	elsif ($in{'passmode'} eq 'pgsql') {
+		-r $in{'ppgsql'} || &error($text{'login_epgsql'});
+		$passdb .= " ".$in{'ppgsql'};
+		}
+	elsif ($in{'passmode'} eq 'sql') {
+		-r $in{'psql'} || &error($text{'login_esql'});
+		$passdb .= " ".$in{'psql'};
+		}
+	elsif ($in{'passmode'} eq 'bsdauth') {
+		$in{'bsdauth_ckey_def'} || $in{'bsdauth_ckey'} =~ /^\S+$/ ||
+			&error($text{'login_eckey'});
+		$passdb .= " cache_key=$in{'bsdauth_ckey'}"
+			if (!$in{'bsdauth_ckey_def'});
+		}
+	elsif ($in{'passmode'} eq 'checkpassword') {
+		-x $in{'checkpassword'} || &error($text{'login_echeckpassword'});
+		$passdb .= " ".$in{'checkpassword'};
+		}
+	elsif ($in{'passmode'} eq '') {
+		$passdb = $in{'other'};
+		}
+	# XXX other modes
+	if ($psec = &find_section("passdb", $conf, undef, "auth", "default")) {
+		# Version 1.0.alpha format
+		($svalue, $args) = split(/\s+/, $passdb, 2);
+		$psec->{'value'} = $svalue;
+		$psec->{'members'} = [ grep { $_->{'name'} ne 'args' }
+					@{$psec->{'members'}} ];
+		if ($args) {
+			$psec->{'members'} = [ { 'name' => 'args',
+						'value' => $args } ];
+			}
+		&save_section($conf, $psec);
+		}
+	elsif (&find("auth_passdb", $conf, 2)) {
+		# Version 0.99 format
+		&save_directive($conf, "auth_passdb", $passdb);
+		}
+	elsif (&find_value("driver", $conf, 2, "passdb")) {
+		# Version 2.0 format
+		$args = $passdb =~ s/\s+(\S.*)$// ? $1 : undef;
+		&save_directive($conf, "driver", $passdb, "passdb");
+		&save_directive($conf, "args", $args, "passdb");
+		}
+	else {
+		# Version 1.0 format
+		&save_directive($conf, "passdb", $passdb, "auth", "default");
 		}
-	&save_section($conf, $psec);
-	}
-elsif (&find("auth_passdb", $conf, 2)) {
-	# Version 0.99 format
-	&save_directive($conf, "auth_passdb", $passdb);
-	}
-elsif (&find_value("driver", $conf, 2, "passdb")) {
-	# Version 2.0 format
-	$args = $passdb =~ s/\s+(\S.*)$// ? $1 : undef;
-	&save_directive($conf, "driver", $passdb, "passdb");
-	&save_directive($conf, "args", $args, "passdb");
-	}
-else {
-	# Version 1.0 format
-	&save_directive($conf, "passdb", $passdb, "auth", "default");
 	}

 # Allowed UIDs and GIDs
@@ -167,7 +174,10 @@ $in{'lgid_def'} || $in{'lgid'} =~ /^\d+$/ || &error($text{'login_elgid'});
 &save_directive($conf, "last_valid_gid",
 		$in{'lgid_def'} ? undef : $in{'lgid'});

-&save_directive($conf, "mail_extra_groups",
+&save_directive($conf,
+		&version_atleast("2")
+			? "mail_access_groups"
+			: "mail_extra_groups",
 		$in{'extra_def'} ? undef : $in{'extra'});

 $in{'chroot_def'} || -d $in{'chroot'} || &error($text{'login_echroot'});