git: c88031b675d1 - main - mail/roundcube-twofactor_gauthenticator: Fix PHP 8.1 compat
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 18 Sep 2022 10:29:42 UTC
The branch main has been updated by brnrd:
URL: https://cgit.FreeBSD.org/ports/commit/?id=c88031b675d1f28b9039b7af1a4e9c8c5a259970
commit c88031b675d1f28b9039b7af1a4e9c8c5a259970
Author: Bernard Spil <brnrd@FreeBSD.org>
AuthorDate: 2022-09-18 10:27:55 +0000
Commit: Bernard Spil <brnrd@FreeBSD.org>
CommitDate: 2022-09-18 10:29:27 +0000
mail/roundcube-twofactor_gauthenticator: Fix PHP 8.1 compat
* Mark 8.1 compatible for Roundcube 1.6.0
* Add patch [1]
[1]: https://github.com/alexandregz/twofactor_gauthenticator/pull/165
PR: 265653
---
mail/roundcube-twofactor_gauthenticator/Makefile | 4 +-
mail/roundcube-twofactor_gauthenticator/distinfo | 6 +-
.../files/patch-Issue165 | 781 +++++++++++++++++++++
mail/roundcube-twofactor_gauthenticator/pkg-plist | 1 +
4 files changed, 787 insertions(+), 5 deletions(-)
diff --git a/mail/roundcube-twofactor_gauthenticator/Makefile b/mail/roundcube-twofactor_gauthenticator/Makefile
index d35aaa295034..aab1470d92ea 100644
--- a/mail/roundcube-twofactor_gauthenticator/Makefile
+++ b/mail/roundcube-twofactor_gauthenticator/Makefile
@@ -1,5 +1,5 @@
PORTNAME= twofactor_gauthenticator
-PORTVERSION= g20220403
+PORTVERSION= g20220911
CATEGORIES= mail security
PKGNAMEPREFIX= roundcube-
PKGNAMESUFFIX= ${PHP_PKGNAMESUFFIX}
@@ -14,7 +14,7 @@ BUILD_DEPENDS= roundcube${PHP_PKGNAMESUFFIX}>=1.0:mail/roundcube@${PHP_FLAVOR}
RUN_DEPENDS= roundcube${PHP_PKGNAMESUFFIX}>=1.0:mail/roundcube@${PHP_FLAVOR}
USES= php:flavors
-IGNORE_WITH_PHP=81 82
+IGNORE_WITH_PHP=82
USE_GITHUB= yes
GH_ACCOUNT= alexandregz
diff --git a/mail/roundcube-twofactor_gauthenticator/distinfo b/mail/roundcube-twofactor_gauthenticator/distinfo
index 3322ebdbdb81..a1b643c02fc3 100644
--- a/mail/roundcube-twofactor_gauthenticator/distinfo
+++ b/mail/roundcube-twofactor_gauthenticator/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1659705932
-SHA256 (alexandregz-twofactor_gauthenticator-g20220403-06e21b0_GH0.tar.gz) = fb224c584af79e3797a1de6319a63cbc8773b97bea14161654139d2e5872307b
-SIZE (alexandregz-twofactor_gauthenticator-g20220403-06e21b0_GH0.tar.gz) = 1157840
+TIMESTAMP = 1663421514
+SHA256 (alexandregz-twofactor_gauthenticator-g20220911-06e21b0_GH0.tar.gz) = fb224c584af79e3797a1de6319a63cbc8773b97bea14161654139d2e5872307b
+SIZE (alexandregz-twofactor_gauthenticator-g20220911-06e21b0_GH0.tar.gz) = 1157840
diff --git a/mail/roundcube-twofactor_gauthenticator/files/patch-Issue165 b/mail/roundcube-twofactor_gauthenticator/files/patch-Issue165
new file mode 100644
index 000000000000..2f867ccda1ca
--- /dev/null
+++ b/mail/roundcube-twofactor_gauthenticator/files/patch-Issue165
@@ -0,0 +1,781 @@
+diff -ruN 2FA_qr_code.js.orig 2FA_qr_code.js
+--- 2FA_qr_code.js.orig 2022-04-04 01:10:32.000000000 +0200
++++ 2FA_qr_code.js 2022-08-26 10:13:19.458764000 +0200
+@@ -7,9 +7,9 @@
+ text: url_qr_code_values,
+ width: 200,
+ height: 200,
+- colorDark : "#000000",
++ colorDark : rcmail.env.qr_image_colour,
+ colorLight : "#ffffff",
+- correctLevel : QRCode.CorrectLevel.M // like charts.googleapis.com
++ correctLevel : QRCode.CorrectLevel.M //like charts.googleapis.com
+ });
+
+ $('#2FA_qr_code').prop('title', ''); // enjoy the silence (qrcode.js uses text to set title)
+diff -ruN config.inc.php.dist.orig config.inc.php.dist
+--- config.inc.php.dist.orig 2022-04-04 01:10:32.000000000 +0200
++++ config.inc.php.dist 2022-08-29 15:50:06.293339000 +0200
+@@ -8,12 +8,17 @@
+
+ // Admin can disable saving devices for all users (paranoid mode)
+ // Default: allow saving devices (true)
+-$rcmail_config['allow_save_device_30days'] = true;
++$rcmail_config['allow_save_device_xdays'] = true;
+
++$rcmail_config['save_device_xdays'] = 30;
++
++$rcmail_config['qr_image_colour'] = "#000000";
++
+ // Make the 2-step field a masked password input type
+ // Default: form field will be text (false)
+ $rcmail_config['twofactor_formfield_as_password'] = false;
+
++$rcmail_config['enable_ua2fa'] = false;
+
+ // Users allowed to use plugin (IMPORTANT: other users DON'T have plugin activated)
+ $rcmail_config['users_allowed_2FA'] = array('ale.*@tereborace.com', 'administrator@tereborace.com');
+diff -ruN localization/cs_CZ.inc.orig localization/cs_CZ.inc
+--- localization/cs_CZ.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/cs_CZ.inc 2022-09-17 15:26:27.718498000 +0200
+@@ -31,7 +31,7 @@
+ $labels['code_ok'] = 'Správný kód';
+ $labels['code_ko'] = 'Špatný kód';
+
+-$labels['dont_ask_me_30days'] = 'Neptat se na tomto stroji znovu na kódy následujích 30 dnů';
++$labels['dont_ask_me_xdays'] = 'Neptat se na tomto stroji znovu na kódy následujích % dnů';
+
+ $labels['check_code_to_activate'] = 'Pro uložení, naskenujte QR kód a vložte následně vygenerovaný dvoufázový kód níže.';
+
+diff -ruN localization/da_DK.inc ./localization/da_DK.inc
+--- localization/da_DK.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/da_DK.inc 2022-09-17 15:26:27.718746000 +0200
+@@ -32,7 +32,7 @@
+ $labels['code_ok'] = 'Koden er OK';
+ $labels['code_ko'] = 'Koden er forkert';
+
+-$labels['dont_ask_me_30days'] = 'Spørg mig ikke igen de næste 30 dage på denne computer';
++$labels['dont_ask_me_xdays'] = 'Spørg mig ikke igen de næste % dage på denne computer';
+
+ $labels['check_code_to_activate'] = 'For at gemme, scan QR koden og indtast verificeringskoden nederst.';
+
+diff -ruN localization/de_DE.inc.orig localization/de_DE.inc
+--- localization/de_DE.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/de_DE.inc 2022-09-17 15:26:27.718988000 +0200
+@@ -31,7 +31,7 @@
+ $labels['code_ok'] = 'Code OK';
+ $labels['code_ko'] = 'Falscher Code';
+
+-$labels['dont_ask_me_30days'] = 'Nicht erneut nach dem Code fragen für die nächsten 30 Tage';
++$labels['dont_ask_me_xdays'] = 'Nicht erneut nach dem Code fragen für die nächsten % Tage';
+
+ $labels['check_code_to_activate'] = 'Um zu speichern, muss mindestens 1 Code zuvor geprüpft werden';
+
+diff -ruN localization/en_UK.inci.orig localization/en_UK.inc
+--- localization/en_UK.inc.orig 1970-01-01 01:00:00.000000000 +0100
++++ localization/en_UK.inc 2022-08-29 16:54:34.478291000 +0200
+@@ -0,0 +1,41 @@
++<?php
++// Labels used for different portions of the plugin
++$labels = array();
++$labels['activate'] = 'Activate';
++$labels['twofactor_gauthenticator'] = 'Two-Factor Authentication';
++$labels['code'] = 'Google Authenticator Code';
++
++$labels['two_step_verification_form'] = '2-Factor Authentication Code:';
++
++$labels['secret'] = 'Secret';
++$labels['qr_code'] = 'QR Code';
++$labels['msg_infor'] = 'You can scan this QR code containing the 2-Factor settings using a TOTP compatible app such as <a href="https://github.com/google/google-authenticator" target="_blank">google-authenticator</a>';
++
++$labels['show_secret'] = 'Show secret';
++$labels['hide_secret'] = 'Hide secret';
++$labels['create_secret'] = 'Create secret';
++
++$labels['show_qr_code'] = 'Show QR Code';
++$labels['hide_qr_code'] = 'Hide QR Code';
++
++$labels['recovery_codes'] = 'Recovery codes';
++$labels['show_recovery_codes'] = 'Show recovery codes';
++$labels['hide_recovery_codes'] = 'Hide recovery codes';
++
++$labels['setup_all_fields'] = 'Fill all fields (make sure you click save to store your settings)';
++
++$labels['enrollment_dialog_title'] = '2-Factor authentication enrollment';
++$labels['enrollment_dialog_msg'] = '<strong>2-Factor authentication codes</strong> are required for increased security, please configure them now.';
++
++$labels['check_code'] = 'Check code';
++$labels['code_ok'] = 'Code OK';
++$labels['code_ko'] = 'Incorrect code';
++
++$labels['dont_ask_me_xdays'] = 'Don't ask me codes again on this computer for % days';
++
++$labels['check_code_to_activate'] = 'To save, please scan the QR Code and enter the current 2-Factor code below.';
++
++// Messages used for the different portions of the plugin
++$messages = array();
++$messages['successfully_saved'] = '2-Factor authentication settings saved successfully.';
++
+diff -ruN localization/en_US.inc.orig localization/en_US.inc
+--- localization/en_US.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/en_US.inc 2022-08-29 16:54:34.478453000 +0200
+@@ -2,7 +2,7 @@
+ // Labels used for different portions of the plugin
+ $labels = array();
+ $labels['activate'] = 'Activate';
+-$labels['twofactor_gauthenticator'] = '2-Factor Authentication';
++$labels['twofactor_gauthenticator'] = 'Two-Factor Authentication';
+ $labels['code'] = 'Google Authenticator Code';
+
+ $labels['two_step_verification_form'] = '2-Factor Authentication Code:';
+@@ -31,11 +31,10 @@
+ $labels['code_ok'] = 'Code OK';
+ $labels['code_ko'] = 'Incorrect code';
+
+-$labels['dont_ask_me_30days'] = 'Don't ask me codes again on this computer for 30 days';
++$labels['dont_ask_me_xdays'] = 'Don't ask me codes again on this computer for % days';
+
+ $labels['check_code_to_activate'] = 'To save, please scan the QR Code and enter the current 2-Factor code below.';
+
+ // Messages used for the different portions of the plugin
+ $messages = array();
+ $messages['successfully_saved'] = '2-Factor authentication settings saved successfully.';
+-
+diff -ruN localization/es_AR.inc.orig localization/es_AR.inc
+--- localization/es_AR.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/es_AR.inc 2022-09-17 15:26:27.719230000 +0200
+@@ -32,7 +32,7 @@
+ $labels['code_ok'] = 'Código correcto';
+ $labels['code_ko'] = 'Código incorrecto';
+
+-$labels['dont_ask_me_30days'] = 'No solicitar códigos en esta computadora durante 30 días';
++$labels['dont_ask_me_xdays'] = 'No solicitar códigos en esta computadora durante % días';
+
+ $labels['check_code_to_activate'] = 'Para poder guardar, antes debe de chequearse algún código';
+
+diff -ruN localization/es_ES.inc.orig localization/es_ES.inc
+--- localization/es_ES.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/es_ES.inc 2022-09-17 15:26:27.719477000 +0200
+@@ -32,7 +32,7 @@
+ $labels['code_ok'] = 'Codigo correcto';
+ $labels['code_ko'] = 'Codigo erróneo';
+
+-$labels['dont_ask_me_30days'] = 'No solicitar códigos en este ordenador durante 30 días';
++$labels['dont_ask_me_xdays'] = 'No solicitar códigos en este ordenador durante % días';
+
+ $labels['check_code_to_activate'] = 'Para poder guardar, antes debe de comprobarse algún código';
+
+diff -ruN localization/fr_FR.inc.orig ./localization/fr_FR.inc
+--- localization/fr_FR.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/fr_FR.inc 2022-09-17 15:26:27.719708000 +0200
+@@ -32,7 +32,7 @@
+ $labels['code_ok'] = 'Code OK';
+ $labels['code_ko'] = 'Code incorrect';
+
+-$labels['dont_ask_me_30days'] = 'Ne plus me demander de codes pour 30 jours.';
++$labels['dont_ask_me_xdays'] = 'Ne plus me demander de codes pour % jours.';
+
+ $labels['check_code_to_activate'] = 'Pour enregistrer, scannez le QR Code et entrez un premier code de vérification ci-dessous.';
+
+diff -ruN localization/gl_ES.inc.orig localization/gl_ES.inc
+--- localization/gl_ES.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/gl_ES.inc 2022-09-17 15:26:27.719937000 +0200
+@@ -32,7 +32,7 @@
+ $labels['code_ok'] = 'Codigo correcto';
+ $labels['code_ko'] = 'Codigo erróneo';
+
+-$labels['dont_ask_me_30days'] = 'Non solicitar códigos nesta computadora durante 30 días';
++$labels['dont_ask_me_xdays'] = 'Non solicitar códigos nesta computadora durante % días';
+
+ $labels['check_code_to_activate'] = 'Para poder gardar, antes debese ter comprobado a validez dalgún código';
+
+diff -ruN localization/he_IL.inc.orig localization/he_IL.inc
+--- localization/he_IL.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/he_IL.inc 2022-09-17 15:26:27.720169000 +0200
+@@ -22,7 +22,7 @@
+ $labels['check_code'] = 'בדוק קוד';
+ $labels['code_ok'] = 'הקוד תקין';
+ $labels['code_ko'] = 'הקוד לא תקין';
+-$labels['dont_ask_me_30days'] = 'אל תבקש ממני קודים אלו שוב במחשב זה למשך 30 יום';
++$labels['dont_ask_me_xdays'] = 'אל תבקש ממני קודים אלו שוב במחשב זה למשך % יום';
+ $labels['check_code_to_activate'] = 'כדי לשמור, אנא סרוק את קוד ה-QR והכנס למטה את קוד האימות הדו-שלבי הנוכחי.';
+ // Messages used for the different portions of the plugin
+ $messages = array();
+diff -ruN localization/hu_HU.inc.orig localization/hu_HU.inc
+--- localization/hu_HU.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/hu_HU.inc 2022-09-17 15:26:27.720411000 +0200
+@@ -31,7 +31,7 @@
+ $labels['code_ok'] = 'Helyes kód';
+ $labels['code_ko'] = 'Hibás kód';
+
+-$labels['dont_ask_me_30days'] = 'Ne kérdezze tőlem a kódot a következő 30 napban';
++$labels['dont_ask_me_xdays'] = 'Ne kérdezze tőlem a kódot a következő % napban';
+
+ $labels['check_code_to_activate'] = 'A mentéshez kérem olvassa be a QR-kódot és írja be a kapott kétfaktoros kódot.';
+
+diff -ruN localization/it_IT.inc.orig localization/it_IT.inc
+--- localization/it_IT.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/it_IT.inc 2022-09-17 15:26:27.720632000 +0200
+@@ -32,7 +32,7 @@
+ $labels['code_ok'] = 'Codice OK';
+ $labels['code_ko'] = 'Codicec non corretto';
+
+-$labels['dont_ask_me_30days'] = 'Non chiedermi più codici per i prossimi 30 giorni su questo computer';
++$labels['dont_ask_me_xdays'] = 'Non chiedermi più codici per i prossimi % giorni su questo computer';
+
+ $labels['check_code_to_activate'] = 'Per salvare devi prima verificare il codice';
+
+diff -ruN localization/ja_JP.inc.orig localization/ja_JP.inc
+--- localization/ja_JP.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/ja_JP.inc 2022-09-17 15:26:27.720851000 +0200
+@@ -31,7 +31,7 @@
+ $labels['code_ok'] = 'コードOK';
+ $labels['code_ko'] = 'コードが違ってます';
+
+-$labels['dont_ask_me_30days'] = '子の端末で以後30日間コードを求めるな';
++$labels['dont_ask_me_xdays'] = '子の端末で以後%日間コードを求めるな';
+
+ $labels['check_code_to_activate'] = '保存する前にコードを確認してください';
+
+diff -ruN localization/nl_NL.inc.orig localization/nl_NL.inc
+--- localization/nl_NL.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/nl_NL.inc 2022-09-17 15:26:27.721067000 +0200
+@@ -16,13 +16,13 @@
+ $labels['recovery_codes'] = 'Herstelcodes';
+ $labels['show_recovery_codes'] = 'Herstelcodes weergeven';
+ $labels['hide_recovery_codes'] = 'Herstelcodes verbergen';
+-$labels['setup_all_fields'] = 'Alle velden instellen (vereist )';
++$labels['setup_all_fields'] = 'Alle velden instellen (vereist)';
+ $labels['enrollment_dialog_title'] = '2-staps verificatie';
+ $labels['enrollment_dialog_msg'] = '<strong>2-staps verificatiecodes</strong> zijn vereist voor veiligheid, stel ze alstublieft in';
+ $labels['check_code'] = 'Check code';
+ $labels['code_ok'] = 'Code correct';
+ $labels['code_ko'] = 'Code incorrect';
+-$labels['dont_ask_me_30days'] = 'Vraag me de komende 30 dagen niet opnieuw op deze computer';
++$labels['dont_ask_me_xdays'] = 'Vraag me de komende % dagen niet opnieuw op deze computer';
+ $labels['check_code_to_activate'] = 'Om op te slaan, scan alstublieft de QR Code en voer de verificatiecode hieronder in.';
+ // Messages used for the different portions of the plugin
+ $messages = array();
+diff -ruN localization/pl_PL.inc localization/pl_PL.inc
+--- localization/pl_PL.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/pl_PL.inc 2022-09-17 15:26:27.721291000 +0200
+@@ -32,7 +32,7 @@
+ $labels['code_ok'] = 'Kod OK';
+ $labels['code_ko'] = 'Błędny kod';
+
+-$labels['dont_ask_me_30days'] = 'Nie pytaj ponownie o kod na tym komputerze przez następne 30 dni';
++$labels['dont_ask_me_xdays'] = 'Nie pytaj ponownie o kod na tym komputerze przez następne % dni';
+
+ $labels['check_code_to_activate'] = 'Aby zapisać, zeskanuj kod QR i zweryfikuj go przyciskiem Sprawdź Kod';
+
+diff -ruN localization/pt_BR.inc.orig localization/pt_BR.inc
+--- localization/pt_BR.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/pt_BR.inc 2022-09-17 15:26:27.721519000 +0200
+@@ -31,7 +31,7 @@
+ $labels['code_ok'] = 'QR Code Válido';
+ $labels['code_ko'] = 'QR Code Incorreto';
+
+-$labels['dont_ask_me_30days'] = 'Não perguntar por 30 dias';
++$labels['dont_ask_me_xdays'] = 'Não perguntar por % dias';
+
+ $labels['check_code_to_activate'] = 'Para salvar, escaneie o QR code e introduza o código da Verificação em Duas Etapas [2FA] abaixo.';
+
+diff -ruN localization/ru_RU.inc.orig localization/ru_RU.inc
+--- localization/ru_RU.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/ru_RU.inc 2022-09-17 15:26:27.721744000 +0200
+@@ -32,7 +32,7 @@
+ $labels['code_ok'] = 'Код в порядке';
+ $labels['code_ko'] = 'Неверный код';
+
+-$labels['dont_ask_me_30days'] = 'Не спрашивать коды на этом компьютере 30 дней';
++$labels['dont_ask_me_xdays'] = 'Не спрашивать коды на этом компьютере % дней';
+
+ $labels['check_code_to_activate'] = 'Для сохранения, необходимо проверить код';
+
+diff -ruN localization/sk_SK.inc.orig localization/sk_SK.inc
+--- localization/sk_SK.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/sk_SK.inc 2022-09-17 15:26:27.721968000 +0200
+@@ -31,7 +31,7 @@
+ $labels['code_ok'] = 'Správny kód';
+ $labels['code_ko'] = 'Neplatný kód';
+
+-$labels['dont_ask_me_30days'] = 'Nepýtať si na tomto zariadení kódy 30 dní ';
++$labels['dont_ask_me_xdays'] = 'Nepýtať si na tomto zariadení kódy % dní ';
+
+ $labels['check_code_to_activate'] = 'Pre aktiváciu naskenujte QR kód v TOTP aplikácii (napr. Google Authenticator alebo Authy) a následne zadajte vygenerovaný kód.';
+
+diff -ruN localization/sv_SE.inc.orig localization/sv_SE.inc
+--- localization/sv_SE.inc.orig 2022-04-04 01:10:32.000000000 +0200
++++ localization/sv_SE.inc 2022-09-17 15:26:27.722189000 +0200
+@@ -32,7 +32,7 @@
+ $labels['code_ok'] = 'Koden godkänd';
+ $labels['code_ko'] = 'Inkorrekt kod';
+
+-$labels['dont_ask_me_30days'] = 'KOm i håg mig på den här enheten i 30 dagar';
++$labels['dont_ask_me_xdays'] = 'KOm i håg mig på den här enheten i % dagar';
+
+ $labels['check_code_to_activate'] = 'KOntrollera kod för att aktivera';
+
+diff -ruN twofactor_gauthenticator.js.orig twofactor_gauthenticator.js
+--- twofactor_gauthenticator.js.orig 2022-04-04 01:10:32.000000000 +0200
++++ twofactor_gauthenticator.js 2022-08-26 10:13:19.459868000 +0200
+@@ -50,14 +50,14 @@
+
+ // add qr-code before msg_infor
+ var url_qr_code_values = 'otpauth://totp/' +$('#prefs-title').html().split(/ - /)[1]+ '?secret=' +$('#2FA_secret').get(0).value +'&issuer=RoundCube2FA%20'+window.location.hostname;
+- $('table tr:last').before('<tr><td>' +rcmail.gettext('qr_code', 'twofactor_gauthenticator')+ '</td><td><input type="button" class="button mainaction btn btn-primary" id="2FA_change_qr_code" value="'
++ $('table tr:last').before('<tr class="form-group row"><td class="title col-sm-6">' +rcmail.gettext('qr_code', 'twofactor_gauthenticator')+ '</td><td class="col-sm-6"><input type="button" class="button mainaction btn btn-primary" id="2FA_change_qr_code" value="'
+ +rcmail.gettext('hide_qr_code', 'twofactor_gauthenticator')+ '"><div id="2FA_qr_code" style="display: visible; margin-top: 10px;"></div></td></tr>');
+
+ var qrcode = new QRCode(document.getElementById("2FA_qr_code"), {
+ text: url_qr_code_values,
+ width: 200,
+ height: 200,
+- colorDark : "#000000",
++ colorDark : rcmail.env.qr_image_colour,
+ colorLight : "#ffffff",
+ correctLevel : QRCode.CorrectLevel.L // like charts.googleapis.com
+ });
+@@ -129,7 +129,9 @@
+ $('#2FA_check_code').click(function(){
+ url = "./?_action=plugin.twofactor_gauthenticator-checkcode&code=" +$('#2FA_code_to_check').val() + '&secret='+$('#2FA_secret').val();
+ $.post(url, function(data){
+- alert(data);
++
++ alert(data);
++
+ if(data == rcmail.gettext('code_ok', 'twofactor_gauthenticator'))
+ $('#2FA_setup_fields').prev().removeAttr('disabled');
+
+diff -ruN twofactor_gauthenticator.php twofactor_gauthenticator.php
+--- twofactor_gauthenticator.php 2022-04-04 01:10:32.000000000 +0200
++++ twofactor_gauthenticator.php.orig 2022-09-17 15:26:27.722699000 +0200
+@@ -19,8 +19,9 @@
+ {
+ private $_number_recovery_codes = 4;
+
+- // relative from RC home dir, not plugin directory
+- private $_logs_file = '/logs/log_errors_2FA.txt';
++ // relative to $config['log_dir'], not plugin directory
++ private $_log_dir = '.';
++ private $_log_file = 'twofactor_gauthenticator.txt';
+
+ function init()
+ {
+@@ -32,7 +33,8 @@
+ $this->add_hook('render_page', array($this, 'popup_msg_enrollment'));
+
+ $this->load_config();
+-
++ $this->_log_dir = realpath($rcmail->config->get('log_dir','.')).DIRECTORY_SEPARATOR;
++
+ $allowedPlugin = $this->__pluginAllowedByConfig();
+
+ // skipping all logic and plugin not appears
+@@ -52,11 +54,13 @@
+ $this->include_script('qrcode.min.js');
+
+ // settings we will export to the form javascript
+- //$this_output = $this->api->output;
+- //if ($this_output) {
+- // $this->api->output->set_env('allow_save_device_30days',$rcmail->config->get('allow_save_device_30days',true));
+- // $this->api->output->set_env('twofactor_formfield_as_password',$rcmail->config->get('twofactor_formfield_as_password',false));
+- //}
++ $this_output = $this->api->output;
++ if ($this_output) {
++ $this->api->output->set_env('allow_save_device_xdays',$rcmail->config->get('allow_save_device_xdays',true));
++ $this->api->output->set_env('save_device_xdays',$rcmail->config->get('save_device_xdays',30));
++ $this->api->output->set_env('twofactor_formfield_as_password',$rcmail->config->get('twofactor_formfield_as_password',false));
++ $this->api->output->set_env('qr_image_colour',$rcmail->config->get('qr_image_colour',"#000000"));
++ }
+ }
+
+ // check if user are valid from config.inc.php or true (by default) if config.inc.php not exists
+@@ -65,23 +69,27 @@
+
+ $this->load_config();
+
+- // users allowed to use plugin (not showed for others!).
+- // -- From config.inc.php file.
+- // -- You can use regexp: admin.*@domain.com
+- $users = $rcmail->config->get('users_allowed_2FA');
+- if(is_array($users)) { // exists "users" from config.inc.php
+- foreach($users as $u) {
+- if (isset( $rcmail->user->data['username'])){
+- preg_match("/$u/", $rcmail->user->data['username'], $matches);
++ if($rcmail->config->get('enable_ua2fa')){
++
++ // users allowed to use plugin (not showed for others!).
++ // -- From config.inc.php file.
++ // -- You can use regexp: admin.*@domain.com
++ $users = $rcmail->config->get('users_allowed_2FA');
++ if(is_array($users)) { // exists "users" from config.inc.php
++ foreach($users as $u) {
++ if (isset( $rcmail->user->data['username'])){
++ preg_match("/$u/", $rcmail->user->data['username'], $matches);
+
+- if(isset($matches[0])) {
+- return true;
+- }
+- }
+- }
++ if(isset($matches[0])) {
++ return true;
++ }
++ }
++ }
+
+- // not allowed for all, except explicit
+- return false;
++ // not allowed for all, except explicit
++ return false;
++ }
++
+ }
+
+ // by default, all users have plugin activated
+@@ -98,7 +106,7 @@
+
+
+ $config_2FA = self::__get2FAconfig();
+- if(!($config_2FA['activate'] ?? false))
++ if(!$config_2FA['activate'])
+ {
+ if($rcmail->config->get('force_enrollment_users'))
+ {
+@@ -115,12 +123,9 @@
+
+ $rcmail->output->set_pagetitle($this->gettext('twofactor_gauthenticator'));
+
+- $rcmail->output->set_env('allow_save_device_30days',$rcmail->config->get('allow_save_device_30days',true));
+- $rcmail->output->set_env('twofactor_formfield_as_password',$rcmail->config->get('twofactor_formfield_as_password',false));
+-
+ $this->add_texts('localization', true);
+ $this->include_script('twofactor_gauthenticator_form.js');
+-
++
+ $rcmail->output->send('login');
+ }
+
+@@ -130,21 +135,21 @@
+ $rcmail = rcmail::get_instance();
+ $config_2FA = self::__get2FAconfig();
+
+- if($config_2FA['activate'] ?? false)
++
++ if($config_2FA['activate'])
+ {
+- // with IP allowed, we don't need to check anything
+- if($rcmail->config->get('whitelist')) {
+- foreach($rcmail->config->get('whitelist') as $ip_to_check) {
+- if(CIDR::match($_SERVER['REMOTE_ADDR'], $ip_to_check)) {
+- if(isset($_SESSION['twofactor_gauthenticator_login'])) {
++ // with IP allowed, we don't need to check anything
++ if($rcmail->config->get('whitelist')) {
++ if(is_array($rcmail->config->get('whitelist'))){
++ foreach($rcmail->config->get('whitelist') as $ip_to_check) {
++ if(CIDR::match($_SERVER['REMOTE_ADDR'], $ip_to_check)) {
+ if($rcmail->task === 'login') $this->__goingRoundcubeTask('mail');
+ return $p;
+ }
+- }
+- }
++ }
++ }
+ }
+
+-
+ $code = rcube_utils::get_input_value('_code_2FA', rcube_utils::INPUT_POST);
+ $remember = rcube_utils::get_input_value('_remember_2FA', rcube_utils::INPUT_POST);
+
+@@ -172,7 +177,7 @@
+ }
+ }
+ // we're into some task but marked with login...
+- elseif($rcmail->task !== 'login' && ! $_SESSION['twofactor_gauthenticator_2FA_login'] >= $_SESSION['twofactor_gauthenticator_login'])
++ elseif($rcmail->task !== 'login' && array_key_exists("twofactor_gauthenticator_2FA_login",$_SESSION) && ! $_SESSION['twofactor_gauthenticator_2FA_login'] >= $_SESSION['twofactor_gauthenticator_login'])
+ {
+ $this->__exitSession();
+ }
+@@ -196,7 +201,7 @@
+ $rcmail = rcmail::get_instance();
+ $config_2FA = self::__get2FAconfig();
+
+- if(!($config_2FA['activate'] ?? false)
++ if(!$config_2FA['activate']
+ && $rcmail->config->get('force_enrollment_users') && $rcmail->task == 'settings' && $rcmail->action == 'plugin.twofactor_gauthenticator')
+ {
+ // add overlay input box to html page
+@@ -230,16 +235,16 @@
+ function twofactor_gauthenticator_save()
+ {
+ $rcmail = rcmail::get_instance();
+-
+- // 2022-04-03: Corrected security incidente reported by kototilt@haiiro.dev
+- // "2FA in twofactor_gauthenticator can be bypassed allowing an attacker to disable 2FA or change the TOTP secret."
+- //
+- // Solution: if user don't have session created by any rendered page, we kick out
+- $config_2FA = self::__get2FAconfig();
+- if(!$_SESSION['twofactor_gauthenticator_2FA_login'] && $config_2FA['activate']) {
+- $this->__exitSession();
+- }
+
++ // 2022-04-03: Corrected security incidente reported by kototilt@haiiro.dev
++ // "2FA in twofactor_gauthenticator can be bypassed allowing an attacker to disable 2FA or change the TOTP secret."
++ //
++ // Solution: if user don't have session created by any rendered page, we kick out
++ $config_2FA = self::__get2FAconfig();
++ if(!array_key_exists("twofactor_gauthenticator_2FA_login",$_SESSION) && $config_2FA['activate']) {
++ $this->__exitSession();
++ }
++
+ $this->add_texts('localization/', true);
+ $this->register_handler('plugin.body', array($this, 'twofactor_gauthenticator_form'));
+ $rcmail->output->set_pagetitle($this->gettext('twofactor_gauthenticator'));
+@@ -250,12 +255,24 @@
+ $recovery_codes = rcube_utils::get_input_value('2FA_recovery_codes', rcube_utils::INPUT_POST);
+
+ // remove recovery codes without value
+- $recovery_codes = array_values(array_diff($recovery_codes, array('')));
++ if($recovery_codes != null){
++ $recovery_codes = array_values(array_diff($recovery_codes, array('')));
++ }else{
++ $recovery_codes = array('');
++ }
+
+ $data = self::__get2FAconfig();
+- $data['secret'] = $secret;
+- $data['activate'] = $activate ? true : false;
+- $data['recovery_codes'] = $recovery_codes;
++
++ $data['activate'] = $activate ? true : false;
++
++ if($data['activate']){
++ $data['secret'] = $secret;
++ $data['recovery_codes'] = $recovery_codes;
++ }else{
++ $data['secret'] = null;
++ $data['recovery_codes'] = null;
++ }
++
+ self::__set2FAconfig($data);
+
+ // if we can't save time into SESSION, the plugin logouts
+@@ -279,29 +296,40 @@
+ $data = self::__get2FAconfig();
+
+ // Fields will be positioned inside of a table
+- $table = new html_table(array('cols' => 2));
++ $table = new html_table(array('cols' => 2, 'class' => 'propform cols-sm-8'));
+
+ // Activate/deactivate
+ $field_id = '2FA_activate';
+- $checkbox_activate = new html_checkbox(array('name' => $field_id, 'id' => $field_id, 'type' => 'checkbox'));
++
++
++ $activateData = array('name' => $field_id, 'id' => $field_id, 'type' => 'checkbox');
++
++ if($data != null && array_key_exists('secret', $data) && $data['secret']){
++ $activateData['checked'] = "checked";
++ }
++
++ $checkbox_activate = new html_checkbox($activateData);
+ $table->add('title', html::label($field_id, rcube::Q($this->gettext('activate'))));
+ $checked = $data['activate'] ? null: 1; // :-?
+ $table->add(null, $checkbox_activate->show( $checked ));
+-
+
+ // secret
+ $field_id = '2FA_secret';
+- $input_descsecret = new html_inputfield(array('name' => $field_id, 'id' => $field_id, 'size' => 60, 'type' => 'password', 'value' => $data['secret'], 'autocomplete' => 'new-password'));
++
++ $input_descsecret = new html_inputfield(array('name' => $field_id, 'id' => $field_id, 'size' => 60, 'type' => 'password', 'value' => $data['secret'], 'autocomplete' => 'new-password'));
+ $table->add('title', html::label($field_id, rcube::Q($this->gettext('secret'))));
+ $html_secret = $input_descsecret->show();
++ $html_secret = "<div style='display:block;'>".$html_secret;
+ if($data['secret'])
+ {
+- $html_secret .= '<input type="button" class="button mainaction" id="2FA_change_secret" value="'.$this->gettext('show_secret').'">';
++ $html_secret .= '<hr /><input type="button" class="button mainaction" id="2FA_change_secret" value="'.$this->gettext('show_secret').'"><br /><br />';
+ }
+ else
+ {
+- $html_secret .= '<input type="button" class="button mainaction" id="2FA_create_secret" disabled="disabled" value="'.$this->gettext('create_secret').'">';
++ $html_secret .= '<hr /><input type="button" class="button mainaction" id="2FA_create_secret" disabled="disabled" value="'.$this->gettext('create_secret').'"><br /><br />';
+ }
++ $html_secret .= "</div>";
++
+ $table->add(null, $html_secret);
+
+
+@@ -313,13 +341,18 @@
+ for($i = 0; $i < $this->_number_recovery_codes; $i++)
+ {
+ $value = isset($data['recovery_codes'][$i]) ? $data['recovery_codes'][$i] : '';
+- $html_recovery_codes .= ' <input type="password" name="2FA_recovery_codes[]" value="'.$value.'" maxlength="10"> ';
++ if(($i+1) == $this->_number_recovery_codes){
++ $html_recovery_codes .= ' <input type="password" name="2FA_recovery_codes[]" value="'.$value.'" maxlength="10"> <hr /> ';
++ }else{
++ $html_recovery_codes .= ' <input type="password" name="2FA_recovery_codes[]" value="'.$value.'" maxlength="10"> <br /> ';
++ }
++
+ }
+ if($data['secret']) {
+- $html_recovery_codes .= '<input type="button" class="button mainaction" id="2FA_show_recovery_codes" value="'.$this->gettext('show_recovery_codes').'">';
++ $html_recovery_codes .= '<input type="button" class="button mainaction" id="2FA_show_recovery_codes" value="'.$this->gettext('show_recovery_codes').'"><br /><br />';
+ }
+ else {
+- $html_recovery_codes .= '<input type="button" class="button mainaction" id="2FA_show_recovery_codes" disabled="disabled" value="'.$this->gettext('show_recovery_codes').'">';
++ $html_recovery_codes .= '<input type="button" class="button mainaction" id="2FA_show_recovery_codes" disabled="disabled" value="'.$this->gettext('show_recovery_codes').'"><br /><br />';
+ }
+ $table->add(null, $html_recovery_codes);
+
+@@ -328,7 +361,7 @@
+ if($data['secret']) {
+ $table->add('title', $this->gettext('qr_code'));
+ $table->add(null, '<input type="button" class="button mainaction" id="2FA_change_qr_code" value="'.$this->gettext('show_qr_code').'">
+- <div id="2FA_qr_code" style="display: none; margin-top: 10px;"></div>');
++ <div id="2FA_qr_code" style="display: none; margin-top: 10px; text-align: center;"></div>');
+
+ // new JS qr-code, without call to Google
+ $this->include_script('2FA_qr_code.js');
+@@ -340,24 +373,21 @@
+ // button to setup all fields if doesn't exists secret
+ $html_setup_all_fields = '';
+ if(!$data['secret']) {
+- $html_setup_all_fields = '<input type="button" class="button mainaction" id="2FA_setup_fields" value="'.$this->gettext('setup_all_fields').'">';
++ $html_setup_all_fields = '<button type="button" class="button mainaction btn btn-primary submit" id="2FA_setup_fields" value="fill">Fill all fields</button><br />'.$this->gettext('setup_all_fields').'<br /><hr />';
+ }
+
+- $html_check_code = '<br /><br /><input type="button" class="button mainaction" id="2FA_check_code" value="'.$this->gettext('check_code').'"> <input type="text" id="2FA_code_to_check" maxlength="10">';
++ $html_check_code = '<div style="text-align:center;"><input data-icon="key" size="40" autocapitalize="off" autocomplete="off" placeholder="Enter TOTP code..." type="text" class="form-control" style="display: inline-block; width: 250px; margin-right: 10px; margin-bottom: 5px;" id="2FA_code_to_check" maxlength="10" /><button style="margin-bottom: 5px;" type="button" class="button mainaction btn btn-primary" id="2FA_check_code" value="'.$this->gettext('check_code').'">'.$this->gettext('check_code').'</button></div>';
+
+-
+-
+ // Build the table with the divs around it
+- $out = html::div(array('class' => 'settingsbox', 'style' => 'margin: 0;'),
+- html::div(array('id' => 'prefs-title', 'class' => ''), $this->gettext('twofactor_gauthenticator') . ' - ' . $rcmail->user->data['username']) .
++ $out = html::tag('fieldset', array('class' => 'main'), html::tag('legend', array('id' => 'prefs-title', 'class' => 'boxtitle'), $this->gettext('twofactor_gauthenticator')). html::tag('legend', array('id' => 'prefs-title'), $rcmail->user->data['username']). html::div(array('class' => 'settingsbox', 'style' => 'margin: 0;'),
+ html::div(array('class' => 'boxcontent'), $table->show() .
+ html::p(null,
+ $rcmail->output->button(array(
+ 'command' => 'plugin.twofactor_gauthenticator-save',
+- 'type' => 'input',
+- 'class' => 'button mainaction',
++ 'type' => 'button',
++ 'class' => 'button mainaction btn btn-primary submit',
+ 'label' => 'save'
+- ))
++ ))."<hr>"
+
+ // button show/hide secret
+ //.'<input type="button" class="button mainaction" id="2FA_change_secret" value="'.$this->gettext('show_secret').'">'
+@@ -367,7 +397,9 @@
+ .$html_check_code
+ )
+ )
+- );
++ ));
++
++
+
+ // Construct the form
+ $rcmail->output->add_gui_object('twofactor_gauthenticatorform', 'twofactor_gauthenticator-form');
+@@ -378,8 +410,10 @@
+ 'method' => 'post',
+ 'action' => './?_task=settings&_action=plugin.twofactor_gauthenticator-save',
+ ), $out);
++
++
+
+- $out = "<div class='box formcontainer scroller'>".$out."</div>";
++ $out = "<div class='box formcontainer scroller formcontent'>".$out."</div>";
+
+ return $out;
+ }
+@@ -428,7 +462,7 @@
+ $user = $rcmail->user;
+
+ $arr_prefs = $user->get_prefs();
+- return $arr_prefs['twofactor_gauthenticator'] ?? null;
++ return array_key_exists('twofactor_gauthenticator',$arr_prefs) ? $arr_prefs['twofactor_gauthenticator'] : [];
+ }
+
+ // we can set array to NULL to remove
+@@ -501,7 +535,13 @@
+ $name = hash_hmac('md5', $rcmail->user->data['username'], $rcmail->config->get('des_key'));
+
+ if ($set) {
+- $expires = time() + 2592000; // 30 days from now
++ $daysInSeconds = intval($rcmail->config->get('save_device_xdays',true));
++ if(is_numeric($daysInSeconds) && $daysInSeconds > 0){
++ $daysInSeconds = $daysInSeconds * 86400;
++ }else{
++ $daysInSeconds = 2592000;
++ }
++ $expires = time() + $daysInSeconds; // X days from now
+ $rand = mt_rand();
+ $signature = hash_hmac('sha512', implode("\1\0\1", array($rcmail->user->data['username'], $this->__getSecret(), $user_agent, $rand, $expires)), $rcmail->config->get('des_key'), TRUE);
+ $plain_content = sprintf("%d:%d:%s", $expires, $rand, $signature);
+@@ -521,7 +561,7 @@
+ if ($plain_content !== false) {
+ $now = time();
+ list($expires, $rand, $signature) = explode(':', $plain_content, 3);
+- if ($expires > $now && ($expires - $now) <= 2592000) {
++ if ($expires > $now && ($expires - $now) <= $daysInSeconds) {
+ $signature_verification = hash_hmac('sha512', implode("\1\0\1", array($rcmail->user->data['username'], $this->__getSecret(), $user_agent, $rand, $expires)), $rcmail->config->get('des_key'), TRUE);
+ // constant time
+ $cmp = strlen($signature) ^ strlen($signature_verification);
+@@ -541,8 +581,8 @@
+
+
+ // log error into $_logs_file directory
+- private function __logError() {
+- file_put_contents(realpath(".").$this->_logs_file, date("Y-m-d H:i:s")."|".$_SERVER['HTTP_X_FORWARDED_FOR']."|".$_SERVER['REMOTE_ADDR']."\n", FILE_APPEND);
++ private function __logError($msg = '') {
++ file_put_contents($this->_log_dir.$this->_log_file, date("Y-m-d H:i:s")."|".$_SERVER['HTTP_X_FORWARDED_FOR']."|".$_SERVER['REMOTE_ADDR']."|".$msg."\n", FILE_APPEND);
+ }
+
+ }
+diff -ruN twofactor_gauthenticator_form.js.orig twofactor_gauthenticator_form.js
+--- twofactor_gauthenticator_form.js.orig 2022-04-04 01:10:32.000000000 +0200
++++ twofactor_gauthenticator_form.js 2022-08-26 10:13:19.460924000 +0200
+@@ -17,18 +17,28 @@
+ var twoFactorCodeFieldType = 'text';
+
+ //twofactor input form
+- var text = '';
+- text += '<tr>';
+- text += '<td class="title"><label for="2FA_code">'+rcmail.gettext('two_step_verification_form', 'twofactor_gauthenticator')+'</label></td>';
+- text += '<td class="input"><input name="_code_2FA" id="2FA_code" size="10" autocapitalize="off" autocomplete="off" type="' + twoFactorCodeFieldType + '" maxlength="10"></td>';
+- text += '</tr>';
++ var text = '<tr class="form-group row">';
++ text += `<td class="input input-group input-group-lg"><span class="input-group-prepend">
++<i class="input-group-text icon key"></i>
++</span>
++<input class="form-control" required="" data-icon="key" size="40" value="" name="_code_2FA" id="2FA_code" autocapitalize="off" autocomplete="off" type="` + twoFactorCodeFieldType + `" maxlength="10" placeholder="Mobile App (TOTP)">
++</td></tr>`;
+
++
+ // remember option
+- if(rcmail.env.allow_save_device_30days){
+- text += '<tr>';
+- text += '<td class="title" colspan="2"><input type="checkbox" id="remember_2FA" name="_remember_2FA" value="yes"/><label for="remember_2FA">'+rcmail.gettext('dont_ask_me_30days', 'twofactor_gauthenticator')+'</label></td>';
+- text += '</tr>';
+- }
++ if(rcmail.env.allow_save_device_xdays){
++ text += `<tr class="form-group row">
++ <td class="title" style="display: none;">
++ <label for="rcmloginuser">Username</label>
++ </td>
++ <td class="input input-group input-group-lg">
++ <div class="custom-control custom-switch">
++ <input type="checkbox" class="custom-control-input" id="remember_2FA" name="_remember_2FA" value="yes">
++ <label class="custom-control-label" for="remember_2FA">`+rcmail.gettext('dont_ask_me_xdays', 'twofactor_gauthenticator').replace("%",rcmail.env.save_device_xdays)+`</label>
++ </div>
++ </td>
++ </tr>`;
++ }
+
+ // create textbox
+ $('form > table > tbody:last').append(text);
diff --git a/mail/roundcube-twofactor_gauthenticator/pkg-plist b/mail/roundcube-twofactor_gauthenticator/pkg-plist
index 72ea1835ffc8..ea141e9fd8be 100644
--- a/mail/roundcube-twofactor_gauthenticator/pkg-plist
+++ b/mail/roundcube-twofactor_gauthenticator/pkg-plist
@@ -10,6 +10,7 @@
%%WWWDIR%%/localization/cs_CZ.inc
%%WWWDIR%%/localization/da_DK.inc
%%WWWDIR%%/localization/de_DE.inc
+%%WWWDIR%%/localization/en_UK.inc
%%WWWDIR%%/localization/en_US.inc
%%WWWDIR%%/localization/es_AR.inc
%%WWWDIR%%/localization/es_ES.inc