From d1a94601177113db258876943bb495e2ff3f0c3c Mon Sep 17 00:00:00 2001
From: "Michael Kaufmann (d00p)" <d00p@froxlor.org>
Date: Mon, 22 Nov 2010 07:13:56 +0000
Subject: [PATCH] - validate if used mail-service (imap, pop3) is allowed for
 user, fixes #475

---
 .../configfiles/debian_lenny/courier/etc_courier_authmysqlrc  | 3 ++-
 .../debian_lenny/dovecot/etc_dovecot_dovecot-sql.conf         | 4 ++--
 .../freebsd/dovecot/usr_local_etc_dovecot-sql.conf            | 4 ++--
 .../gentoo/courier/etc_courier_authlib_authmysqlrc            | 3 ++-
 .../configfiles/gentoo/dovecot/etc_dovecot_dovecot-sql.conf   | 4 ++--
 .../suse_linux_10_0/courier/etc_authlib_authmysqlrc           | 2 ++
 .../configfiles/ubuntu_hardy/courier/etc_courier_authmysqlrc  | 3 ++-
 .../ubuntu_hardy/dovecot/etc_dovecot_dovecot-sql.conf         | 4 ++--
 .../configfiles/ubuntu_lucid/courier/etc_courier_authmysqlrc  | 3 ++-
 .../ubuntu_lucid/dovecot/etc_dovecot_dovecot-sql.conf         | 4 ++--
 10 files changed, 20 insertions(+), 14 deletions(-)

diff --git a/templates/misc/configfiles/debian_lenny/courier/etc_courier_authmysqlrc b/templates/misc/configfiles/debian_lenny/courier/etc_courier_authmysqlrc
index 6703bef4..8e5eef90 100644
--- a/templates/misc/configfiles/debian_lenny/courier/etc_courier_authmysqlrc
+++ b/templates/misc/configfiles/debian_lenny/courier/etc_courier_authmysqlrc
@@ -10,4 +10,5 @@ MYSQL_GID_FIELD gid
 MYSQL_LOGIN_FIELD username
 MYSQL_HOME_FIELD homedir
 MYSQL_MAILDIR_FIELD maildir
-MYSQL_QUOTA_FIELD (quota*1024*1024)
\ No newline at end of file
+MYSQL_QUOTA_FIELD (quota*1024*1024)
+MYSQL_AUXOPTIONS_FIELD CONCAT("allowimap=",imap,",allowpop3=",pop3)
diff --git a/templates/misc/configfiles/debian_lenny/dovecot/etc_dovecot_dovecot-sql.conf b/templates/misc/configfiles/debian_lenny/dovecot/etc_dovecot_dovecot-sql.conf
index ff1f064b..7323e623 100644
--- a/templates/misc/configfiles/debian_lenny/dovecot/etc_dovecot_dovecot-sql.conf
+++ b/templates/misc/configfiles/debian_lenny/dovecot/etc_dovecot_dovecot-sql.conf
@@ -1,5 +1,5 @@
 driver = mysql
 connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
 default_pass_scheme = CRYPT
-password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE username = '%u' OR email = '%u'
-user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('maildir:storage=', (quota*1024)) as quota FROM mail_users WHERE username = '%u' OR email = '%u'
+password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3'))
+user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('maildir:storage=', (quota*1024)) as quota FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3'))
diff --git a/templates/misc/configfiles/freebsd/dovecot/usr_local_etc_dovecot-sql.conf b/templates/misc/configfiles/freebsd/dovecot/usr_local_etc_dovecot-sql.conf
index 445daa4b..f9d84f6f 100644
--- a/templates/misc/configfiles/freebsd/dovecot/usr_local_etc_dovecot-sql.conf
+++ b/templates/misc/configfiles/freebsd/dovecot/usr_local_etc_dovecot-sql.conf
@@ -1,5 +1,5 @@
 driver = mysql
 connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
 default_pass_scheme = CRYPT
-password_query = SELECT username AS user, password_enc AS password FROM mail_users WHERE username = '%u'
-user_query = SELECT CONCAT(homedir,maildir) AS home, concat('maildir:',homedir,maildir) AS mail, uid, gid FROM mail_users where username = '%u'
+password_query = SELECT username AS user, password_enc AS password FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3'))
+user_query = SELECT CONCAT(homedir,maildir) AS home, concat('maildir:',homedir,maildir) AS mail, uid, gid FROM mail_users where (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3'))
diff --git a/templates/misc/configfiles/gentoo/courier/etc_courier_authlib_authmysqlrc b/templates/misc/configfiles/gentoo/courier/etc_courier_authlib_authmysqlrc
index 9208bfff..29d84fc4 100644
--- a/templates/misc/configfiles/gentoo/courier/etc_courier_authlib_authmysqlrc
+++ b/templates/misc/configfiles/gentoo/courier/etc_courier_authlib_authmysqlrc
@@ -10,4 +10,5 @@ MYSQL_GID_FIELD <VIRTUAL_GID_MAPS>
 MYSQL_LOGIN_FIELD username
 MYSQL_HOME_FIELD "<VIRTUAL_MAILBOX_BASE>"
 MYSQL_MAILDIR_FIELD maildir
-MYSQL_QUOTA_FIELD (quota*1024*1024)
\ No newline at end of file
+MYSQL_QUOTA_FIELD (quota*1024*1024)
+MYSQL_AUXOPTIONS_FIELD CONCAT("allowimap=",imap,",allowpop3=",pop3)
diff --git a/templates/misc/configfiles/gentoo/dovecot/etc_dovecot_dovecot-sql.conf b/templates/misc/configfiles/gentoo/dovecot/etc_dovecot_dovecot-sql.conf
index 62dd59ba..40a44d57 100644
--- a/templates/misc/configfiles/gentoo/dovecot/etc_dovecot_dovecot-sql.conf
+++ b/templates/misc/configfiles/gentoo/dovecot/etc_dovecot_dovecot-sql.conf
@@ -1,5 +1,5 @@
 driver = mysql
 connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
 default_pass_scheme = CRYPT
-password_query = "SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('*:storage=', quota,'M') AS userdb_quota_rule FROM mail_users WHERE username = '%u' OR email = '%u'"
-user_query = "SELECT CONCAT(homedir, maildir) AS home, uid, gid, CONCAT('*:storage=', quota,'M') AS quota_rule FROM mail_users WHERE username = '%u' OR email = '%u'"
+password_query = "SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('*:storage=', quota,'M') AS userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3'))"
+user_query = "SELECT CONCAT(homedir, maildir) AS home, uid, gid, CONCAT('*:storage=', quota,'M') AS quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3'))"
diff --git a/templates/misc/configfiles/suse_linux_10_0/courier/etc_authlib_authmysqlrc b/templates/misc/configfiles/suse_linux_10_0/courier/etc_authlib_authmysqlrc
index 4190aa9e..8e5eef90 100644
--- a/templates/misc/configfiles/suse_linux_10_0/courier/etc_authlib_authmysqlrc
+++ b/templates/misc/configfiles/suse_linux_10_0/courier/etc_authlib_authmysqlrc
@@ -10,3 +10,5 @@ MYSQL_GID_FIELD gid
 MYSQL_LOGIN_FIELD username
 MYSQL_HOME_FIELD homedir
 MYSQL_MAILDIR_FIELD maildir
+MYSQL_QUOTA_FIELD (quota*1024*1024)
+MYSQL_AUXOPTIONS_FIELD CONCAT("allowimap=",imap,",allowpop3=",pop3)
diff --git a/templates/misc/configfiles/ubuntu_hardy/courier/etc_courier_authmysqlrc b/templates/misc/configfiles/ubuntu_hardy/courier/etc_courier_authmysqlrc
index 6703bef4..8e5eef90 100644
--- a/templates/misc/configfiles/ubuntu_hardy/courier/etc_courier_authmysqlrc
+++ b/templates/misc/configfiles/ubuntu_hardy/courier/etc_courier_authmysqlrc
@@ -10,4 +10,5 @@ MYSQL_GID_FIELD gid
 MYSQL_LOGIN_FIELD username
 MYSQL_HOME_FIELD homedir
 MYSQL_MAILDIR_FIELD maildir
-MYSQL_QUOTA_FIELD (quota*1024*1024)
\ No newline at end of file
+MYSQL_QUOTA_FIELD (quota*1024*1024)
+MYSQL_AUXOPTIONS_FIELD CONCAT("allowimap=",imap,",allowpop3=",pop3)
diff --git a/templates/misc/configfiles/ubuntu_hardy/dovecot/etc_dovecot_dovecot-sql.conf b/templates/misc/configfiles/ubuntu_hardy/dovecot/etc_dovecot_dovecot-sql.conf
index ff1f064b..7323e623 100644
--- a/templates/misc/configfiles/ubuntu_hardy/dovecot/etc_dovecot_dovecot-sql.conf
+++ b/templates/misc/configfiles/ubuntu_hardy/dovecot/etc_dovecot_dovecot-sql.conf
@@ -1,5 +1,5 @@
 driver = mysql
 connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
 default_pass_scheme = CRYPT
-password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE username = '%u' OR email = '%u'
-user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('maildir:storage=', (quota*1024)) as quota FROM mail_users WHERE username = '%u' OR email = '%u'
+password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3'))
+user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('maildir:storage=', (quota*1024)) as quota FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3'))
diff --git a/templates/misc/configfiles/ubuntu_lucid/courier/etc_courier_authmysqlrc b/templates/misc/configfiles/ubuntu_lucid/courier/etc_courier_authmysqlrc
index 6703bef4..8e5eef90 100644
--- a/templates/misc/configfiles/ubuntu_lucid/courier/etc_courier_authmysqlrc
+++ b/templates/misc/configfiles/ubuntu_lucid/courier/etc_courier_authmysqlrc
@@ -10,4 +10,5 @@ MYSQL_GID_FIELD gid
 MYSQL_LOGIN_FIELD username
 MYSQL_HOME_FIELD homedir
 MYSQL_MAILDIR_FIELD maildir
-MYSQL_QUOTA_FIELD (quota*1024*1024)
\ No newline at end of file
+MYSQL_QUOTA_FIELD (quota*1024*1024)
+MYSQL_AUXOPTIONS_FIELD CONCAT("allowimap=",imap,",allowpop3=",pop3)
diff --git a/templates/misc/configfiles/ubuntu_lucid/dovecot/etc_dovecot_dovecot-sql.conf b/templates/misc/configfiles/ubuntu_lucid/dovecot/etc_dovecot_dovecot-sql.conf
index bbe09293..330877eb 100644
--- a/templates/misc/configfiles/ubuntu_lucid/dovecot/etc_dovecot_dovecot-sql.conf
+++ b/templates/misc/configfiles/ubuntu_lucid/dovecot/etc_dovecot_dovecot-sql.conf
@@ -1,5 +1,5 @@
 driver = mysql
 connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
 default_pass_scheme = CRYPT
-password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE username = '%u' OR email = '%u'
-user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('*:storage=', (quota*1024)) as quota_rule FROM mail_users WHERE username = '%u' OR email = '%u'
+password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3'))
+user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('*:storage=', (quota*1024)) as quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3'))