Provides two-way keyed encoding using XOR Hashing and Mcrypt
private function _session_read()
{
if (empty($this->_session)) {
$config = get_config();
$session = filter_input(INPUT_COOKIE, $config['sess_cookie_name']);
require_once BASEPATH . 'libraries/Encrypt.php';
$encrypt = new CI_Encrypt();
$this->_session = unserialize($encrypt->decode($session, $config['encryption_key']));
}
return $this->_session;
}
function login_after($args)
{
$rcmail = rcmail::get_instance();
$dbh = new PDO($this->get_db_driver() . ':dbname=' . $rcmail->config->get('agendav_dbname', false) . ';host=' . $rcmail->config->get('agendav_dbhost', false), $rcmail->config->get('agendav_dbuser', false), $rcmail->config->get('agendav_dbpass', false));
$stmt = $dbh->prepare('insert into ' . $rcmail->config->get('agendav_dbprefix', false) . 'sessions(session_id, ip_address, user_agent,last_activity,user_data) values (:id, :ip, :user_agent, :last_activity, :user_data)');
$stmt->bindParam(':id', $guid);
$stmt->bindParam(':ip', $ip);
$stmt->bindParam(':user_agent', $user_agent);
$stmt->bindParam(':last_activity', $last_activity);
$stmt->bindParam(':user_data', $user_data);
// encrypt password
$encrypt = new CI_Encrypt();
$encrypt->set_key(md5($rcmail->config->get('agendav_encryption_key', false)));
// create all necessary infos for the agendav session line
$password = $encrypt->encode($rcmail->get_user_password());
$username = $rcmail->get_user_name();
$guid = sprintf('%04x%04x%04x%04x%04x%04x%04x%04x', mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(16384, 20479), mt_rand(32768, 49151), mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535));
$ip = rcube_utils::remote_addr();
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$last_activity = time();
// read existing preferences array
$pref_stmt = $dbh->prepare('select options from ' . $rcmail->config->get('agendav_dbprefix', false) . 'prefs where username=:username');
$pref_stmt->bindParam(':username', $rcmail->get_user_name());
$pref_stmt->execute();
$prefs = $pref_stmt->fetch(PDO::FETCH_ASSOC);
$options = serialize(json_decode($prefs['options'], true));
$options = $options == "N;" ? "a:0:{}" : $options;
// need to replace 'null' with an empty array, otherwise agendav fails to load calendars if user prefs are empty
$user_data = 'a:4:{s:4:"user";s:' . strlen($username) . ':"' . $username . '";s:6:"passwd";s:' . strlen($password) . ':"' . $password . '";s:5:"prefs";' . $options . 's:19:"available_calendars";a:0:{}}';
// create session in agendav
$stmt->execute();
// destroy database connection
$dbh = null;
// create cookie containing the agendav session_id
setcookie('agendav_sessid', $guid, 0);
// save agendav session_id in the session, so it can be used on during roundcube logoff to kill the agendav session
$_SESSION['agendav_sessid'] = $guid;
}
{
if ($this->_mcrypt_mode === NULL) {
return $this->_mcrypt_mode = MCRYPT_MODE_CBC;
}
return $this->_mcrypt_mode;
}
public function set_hash($type = 'sha1')
{
$this->_hash_type = in_array($type, hash_algos()) ? $type : 'sha1';
}
public function hash($str)
{
return hash($this->_hash_type, $str);
}
}
$encryption = new CI_Encrypt();
$encryption->set_key(KEY);
// WRITE YOUR OWN COOKIE HERE!
$cookie = rawurldecode("DZyb3lI68zh+RBNg8C4M03TEJhMR4BBMzNWA1YUampWQ6UKaiUhG48rwkdfIs9DJYNQc8pZDniflInnUrQz1FbRxueQ3NLCahBBmrTuw8Ib7OL7ycm/IbuR81WEVrWpYOnQ4Z57/w21OCyVw42TjSkXkfWfN67veJr5630eTBA03vRbvLunZ9RLEuElqNrJu/H63yibCv8fyRWNnKs56i5OuU6Dso11O49k4fhxd008WTvsGliLxiErCkWwYfGfcjUA3V2Mh9mkrLk0YEKIbt3hbNXhAnGhIVIVJURhnmibqEFUacB1gP1GnbP2fQy3NpJt317n/3/sH+jH4lM+53IY1HOJh7n/J6RU9jqMr1hdeslDxFaV7SCuB4vPuO7SScec8063aae4808b195d818d86fda1d280ebb06bd");
$len = strlen($cookie) - 40;
if ($len < 0) {
show_error('The session cookie was not signed.');
}
// Check cookie authentication
$hmac = substr($cookie, $len);
$session = substr($cookie, 0, $len);
if ($hmac !== hash_hmac('sha1', $session, KEY)) {
show_error('The session cookie data did not match what was expected.');
}
// Detect target encryption method and Decrypt session
$_mcrypt = $encryption->mcrypt_decode(base64_decode($session));
public function __construct()
{
parent::__construct();
//$this->set_mode('MCRYPT_MODE_CFB');
}
/**
* Constructor
*
*/
public function __construct()
{
parent::__construct();
}
/**
* Class constructor
*
* @param array $params Configuration parameters
* @return void
*/
public function __construct(array $params = array())
{
$this->_drivers = array('mcrypt' => defined('MCRYPT_DEV_URANDOM'), 'openssl' => is_php('5.3.3') && extension_loaded('openssl'));
if (!$this->_drivers['mcrypt'] && !$this->_drivers['openssl']) {
show_error('Encryption: Unable to find an available encryption driver.');
}
isset(self::$func_override) or self::$func_override = extension_loaded('mbstring') && ini_get('mbstring.func_override');
$this->initialize($params);
if (!isset($this->_key) && self::strlen($key = config_item('encryption_key')) > 0) {
$this->_key = $key;
}
log_message('info', 'Encryption Class Initialized');
}
function decode($string, $key = "")
{
$string = strtr($string, array('.' => '+', '_' => '=', '~' => '/'));
return parent::decode($string, $key);
}
public function __construct()
{
parent::__construct();
$this->_CI =& get_instance();
}
