secure_login/0000755000000000000000000000000011010537647012236 5ustar rootrootsecure_login/functions.php0000644000000000000000000003041011010537640014746 0ustar rootroot * Copyright (c) 2003-2008 Paul Lesniewski * Licensed under the GNU GPL. For full terms see the file COPYING. * * @package plugins * @subpackage secure_login * */ /** * Validate that this plugin is configured correctly * * @return boolean Whether or not there was a * configuration error for this plugin. * */ function sl_check_configuration_do() { // just make sure a config file is found // if (!sl_init()) { do_err('Secure Login plugin could not find any configuration file', FALSE); return TRUE; } return FALSE; } /** * Initialize this plugin (load config values) * * @return boolean FALSE if no configuration file could be loaded, TRUE otherwise * */ function sl_init() { if (!@include_once (SM_PATH . 'plugins/secure_login/config.php')) if (!@include_once (SM_PATH . 'plugins/secure_login/config.sample.php')) return FALSE; return TRUE; } /** * Takes the current page request and parses it for the host, * path and query string. * * @return array Three element array containing, in this order, * the host string, path string and query string. * */ function parse_host_path_query() { //hmmm not used yet. concern is that the secure_login_logout thing needs more complex parsing.... so could it be combined with the login parsing too?? } /** * Makes sure login is done in HTTPS protocol * */ function secure_login_check_do() { global $secure_login_count, $plugin_secure_login_cameInUsingHttps, $sl_obey_x_forwarded_headers, $allVirtualDomainsUnderOneSSLHost, $sl_securePort, $sl_debug, $entryPointDomainPattern, $entryPointPathPattern, $entryPointQueryPattern; //TODO: remove dead code when plugin seems to be working fine w/out it for a while (NOTE that this includes some live code that still checks the value of various login counters on the login page and NOTE that it does NOT include counter stuff used on the redirect.php page request) /* sqGetGlobalVar('secure_login_count', $secure_login_count, SQ_SESSION); if (!isset($secure_login_count)) { $secure_login_count = 0; $secure_logoff_count = 0; sqsession_register($secure_login_count, 'secure_login_count'); sqsession_register($secure_logoff_count, 'secure_logoff_count'); sqsession_unregister('plugin_secure_login_cameInUnencrypted'); } */ $secure_logoff_count = 0; sqsession_register($secure_logoff_count, 'secure_logoff_count'); sqsession_unregister('plugin_secure_login_cameInUnencrypted'); sl_init(); // debug functionality // if ($sl_debug == 1) { echo "
"; sm_print_r($_SERVER); echo "
"; exit; } // grab port the user came in on // if (!sqGetGlobalVar('SERVER_PORT', $serverPort, SQ_SERVER)) $serverPort = 0; // figure out what port we should be comparing // if (isset($sl_securePort)) $targetHttpsPort = $sl_securePort; else $targetHttpsPort = '443'; if (!$sl_obey_x_forwarded_headers || !sqGetGlobalVar('HTTP_X_FORWARDED_HOST', $requestHost, SQ_SERVER)) sqGetGlobalVar('HTTP_HOST', $requestHost, SQ_SERVER); sqGetGlobalVar('REQUEST_URI', $pathURI, SQ_SERVER); sqGetGlobalVar('PHP_SELF', $php_self, SQ_SERVER); sqGetGlobalVar('QUERY_STRING', $query_string, SQ_SERVER); // Nah, let's just use PHP_SELF and QUERY_STRING... // apparently some PHP versions have a bug regarding // REQUEST_URI // $paramsURI = ''; // if (preg_match('/(.*)\?(.*)/', $pathURI, $matches)) // { // if (isset($matches[1])) $pathURI = $matches[1]; // if (isset($matches[2])) $paramsURI = $matches[2]; // } $pathURI = $php_self; $paramsURI = trim($query_string, '?&'); // Redirect browser to use https:// if the initial request was insecure // // old way: // if ( ! isset($_SERVER['HTTPS']) && // $secure_login_count == 0) if ( $serverPort != $targetHttpsPort && $secure_login_count == 0) { //TODO: remove dead code when plugin seems to be working fine w/out it for a while (NOTE that this includes some live code that still checks the value of various login counters on the login page and NOTE that it does NOT include counter stuff used on the redirect.php page request) //$secure_login_count++; //sqsession_register($secure_login_count, 'secure_login_count'); // parse out parts of original request (domain, path, query string) // if (isset($sl_securePort)) { $sl_securePort = ':' . $sl_securePort; if (strpos($requestHost, ':') !== FALSE) list($host, $ignore) = explode(':', $requestHost); else $host = $requestHost; $newRequestHost = $host . $sl_securePort; } else $newRequestHost = $requestHost; // if user wants to override original request URI // parsing, do that now // $master_search_string = 'http://' . $requestHost . (strpos($php_self, '/') === 0 ? '' : '/') . $php_self . (empty($query_string) ? '' : (strpos($query_string, '?') === 0 ? '' : '?') . $query_string); if ($entryPointDomainPattern) { preg_match($entryPointDomainPattern, $master_search_string, $matches); $newRequestHost = $matches[1]; } if ($entryPointPathPattern) { preg_match($entryPointPathPattern, $master_search_string, $matches); $pathURI = $matches[1]; } if ($entryPointQueryPattern) { preg_match($entryPointQueryPattern, $master_search_string, $matches); $paramsURI = $matches[1]; $paramsURI = trim($paramsURI, '?&'); } // build redirect target location // $location = 'https://' . $newRequestHost . $pathURI . '?secure_login=yes'; if (!empty($paramsURI)) $location = $location . '&' . $paramsURI; // if the URI pattern is given by the config file, // forget all the above... // if ($allVirtualDomainsUnderOneSSLHost) { $location = str_replace(array('###DOMAIN###', '###PATH###', '###QUERY###'), array($requestHost, $pathURI, (strpos($paramsURI, '?') === 0 ? '' : '?') . $paramsURI), $allVirtualDomainsUnderOneSSLHost); if (strpos($location, '?') === FALSE) $location .= '?'; else $location .= '&'; $location .= 'secure_login=yes'; } // debug functionality // if ($sl_debug == 2) { echo "
REDIRECT LOCATION: $location
"; sm_print_r($_SERVER); echo "
"; exit; } header("Location: $location"); exit(); } // old way // else if (isset($_SERVER['HTTPS'])) else if ( $serverPort == $targetHttpsPort ) { if (sqGetGlobalVar('secure_login', $ignore, SQ_GET)) { $plugin_secure_login_cameInUnencrypted = 'yes'; sqsession_register($plugin_secure_login_cameInUnencrypted, 'plugin_secure_login_cameInUnencrypted'); } else if (!empty($allVirtualDomainsUnderOneSSLHost) && !$secure_login_count) { //TODO: remove dead code when plugin seems to be working fine w/out it for a while (NOTE that this includes some live code that still checks the value of various login counters on the login page and NOTE that it does NOT include counter stuff used on the redirect.php page request) //$secure_login_count++; //sqsession_register($secure_login_count, 'secure_login_count'); // if coming from logout screen or error page, we've already // adjusted the URI as needed - don't try to do it twice: // $test_pattern = str_replace(array('###DOMAIN###', '###PATH###', '###QUERY###'), '.*?', preg_quote($allVirtualDomainsUnderOneSSLHost, '/')); if (preg_match('/' . $test_pattern . '/', 'https://' . $requestHost . $pathURI . (empty($paramsURI) ? '' : (strpos($paramsURI, '?') === 0 ? '' : '?') . $paramsURI))) { return; } else { $location = str_replace(array('###DOMAIN###', '###PATH###', '###QUERY###'), array($requestHost, $pathURI, (strpos($paramsURI, '?') === 0 ? '' : '?') . $paramsURI), $allVirtualDomainsUnderOneSSLHost); } // debug functionality // if ($sl_debug == 2) { echo 'PREG MATCH:
/' . $test_pattern . '/
https://' . $requestHost . $pathURI . (empty($paramsURI) ? '' : (strpos($paramsURI, '?') === 0 ? '' : '?') . $paramsURI); echo "
REDIRECT LOCATION: $location
"; sm_print_r($_SERVER); echo "
"; exit; } header("Location: $location"); exit; } } } /** * Redirects back to HTTP protocol after login if necessary * */ function secure_login_logout_do() { global $change_back_to_http_after_login, $sl_securePort, $remain_in_https_if_logged_in_using_https, $plugin_secure_login_cameInUnencrypted, $secure_login_count; sl_init(); //TODO: remove dead code when plugin seems to be working fine w/out it for a while (NOTE that this includes some live code that still checks the value of various login counters on the login page and NOTE that it does NOT include counter stuff used on the redirect.php page request) //$secure_login_count = 0; //sqsession_register($secure_login_count, 'secure_login_count'); if (!$change_back_to_http_after_login) return; if (!sqsession_is_registered('plugin_secure_login_cameInUnencrypted') && $remain_in_https_if_logged_in_using_https) return; global $secure_logoff_count; sqGetGlobalVar('secure_logoff_count', $secure_logoff_count, SQ_SESSION); if (!isset($secure_logoff_count)) { $secure_logoff_count = 0; sqsession_register($secure_logoff_count, 'secure_logoff_count'); } // need to fix the sq_base_url session varible, since // it is put in the session in redirect.php with // the https protocol before we get here // global $sq_base_url, $nonStandardHttpPort; sqGetGlobalVar('sq_base_url', $sq_base_url, SQ_SESSION); $sq_base_url = str_replace('https://', 'http://', $sq_base_url); if (isset($nonStandardHttpPort) && !empty($nonStandardHttpPort)) $sq_base_url = preg_replace('/:\d\//', ":$nonStandardHttpPort/", $sq_base_url); else $sq_base_url = preg_replace('/:\d\//', '', $sq_base_url); sqsession_register($sq_base_url, 'sq_base_url'); // grab port the user came in on // if (!sqGetGlobalVar('SERVER_PORT', $serverPort, SQ_SERVER)) $serverPort = 0; // figure out what port we should be comparing // if (isset($sl_securePort)) $targetHttpsPort = $sl_securePort; else $targetHttpsPort = '443'; if ( $serverPort == $targetHttpsPort && $secure_logoff_count == 0) // old way... // if ( ! isset($_SERVER['HTTP']) && $secure_logoff_count == 0) { $secure_logoff_count++; sqsession_register($secure_logoff_count, 'secure_logoff_count'); if (!sqGetGlobalVar('HTTP_X_FORWARDED_HOST', $requestHost, SQ_SERVER) || empty($requestHost)) sqGetGlobalVar('HTTP_HOST', $requestHost, SQ_SERVER); sqGetGlobalVar('PHP_SELF', $phpSelf, SQ_SERVER); sqGetGlobalVar('QUERY_STRING', $query_string, SQ_SERVER); $location = 'http://' . $requestHost . $phpSelf . (empty($query_string) ? '' : (strpos($query_string, '?') === 0 ? '' : '?') . $query_string); displayHtmlHeader('', "\n\n"); // note that this causes a pop-up in some browsers (such as IE) // that notifies you you are leaving a secure site // //header("Location: $location"); exit; } } secure_login/index.php0000644000000000000000000000072510555322774014070 0ustar rootroot * Copyright (c) 2003-2008 Paul Lesniewski * Licensed under the GNU GPL. For full terms see the file COPYING. * * @package plugins * @subpackage secure_login * */ global $change_back_to_http_after_login, $remain_in_https_if_logged_in_using_https, $allVirtualDomainsUnderOneSSLHost, $sl_securePort, $nonStandardHttpPort, $sl_debug, $entryPointDomainPattern, $entryPointPathPattern, $entryPointQueryPattern, $sl_obey_x_forwarded_headers; // if you want user sessions to remain in SSL for their entire duration, // set the following to zero: // $change_back_to_http_after_login = 1; // if you want user sessions to remain in SSL only if they originally came // in thru SSL (this plugin didn't need to redirect them), set the following // to one: // $remain_in_https_if_logged_in_using_https = 0; // for sites that host all SSL requests for virtual domains // off of a single host URI (commonly used for SSL implementations // using just one certificate for all hosts), where the correct // URIs to the SquirrelMail login page look like: // // https://www.onedomain.com/virtualdomain.com/mail/src/login.php // // or: // // https://www.onedomain.com/mail/src/login.php?domain=virtualdomain.com // // set this value to the pattern that will reproduce the correct // SSL URI to the Squirrelmail login page. Substitutions you can use: // // ###DOMAIN### -- The full domain from the original http request, // such as virtualdomain.com // ###PATH### -- The pah/directory information from the original // http request, such as /mail or /mail/src/login.php // ###QUERY### -- The query string from the original http request, // such as ?mynameis=pavel&color=green // // The two examples below construct URI patterns just like // the URIs given above. // // $allVirtualDomainsUnderOneSSLHost = 'https://www.onedomain.com/###DOMAIN######PATH###'; // $allVirtualDomainsUnderOneSSLHost = 'https://www.onedomain.com/mail/src/login.php?domain=###DOMAIN###'; // // NOTE that this setting can also be useful in scenarios where you // need fine-grained control over the encrypted URI, even when the // URI is different for any virtual hosts you may have. For example: // // $allVirtualDomainsUnderOneSSLHost = 'https://secret.###DOMAIN###/secret_mail/src/login.php###QUERY###'; // $allVirtualDomainsUnderOneSSLHost = ''; // the above $allVirtualDomainsUnderOneSSLHost setting assumes that the // original plain (unencrypted) http request comes from a URI such as: // // http://virutaldomain.com/mail/src/login.php // // however, if your entry point will also be in a similar format, such as: // // http://www.onedomain.com/virtualdomain.com/mail/src/login.php // // or: // // http://www.onedomain.com/mail/src/login.php?domain=virtualdomain.com // // set these values each to a regular expression that will capture: // // the domain portion of the URI in the first group (set of parenthesis) // the path portion of the URI in the first group (set of parenthesis) // the query portion of the URI in the first group (set of parenthesis) // // otherwise, leave these all set to empty strings. // // The two examples below pick the domain, path and query string out of // the sample URIs given above. // // $entryPointDomainPattern = '/[\/]+.+?\/(.+?)(\/|$)/'; // $entryPointPathPattern = '/[\/]+.+?\/.+?(\/.*?)(\?|$)/'; // $entryPointQueryPattern = '/(\?.*)/'; // // $entryPointDomainPattern = '/domain=(.+?)(&|$)/'; // $entryPointPathPattern = '/[\/]+.+?(\/.*?)(\?|$)/'; // $entryPointQueryPattern = '/(\&.*)/'; // // NOTE that these settings can also be useful in scenarios where you // need better control over the domain parsing of the original entry // URI. This should only be used if the auto-sensing behavior of the // plugin will not work. For example: // $entryPointDomainPattern = ''; $entryPointPathPattern = ''; $entryPointQueryPattern = ''; // by default, https requests are made without explicitly defining the // port number. if you use a non-standard port for serving http requests, // that port will be preserved for the https redirection, which may break // your squirrelmail. // // if your server listens for https requests on a non-standard port or // the above situation applies to you (non-standard http port), you can // specify a non-standard https port number here (or remove it, forcing // the browser use the default port (443)). // // if you use this setting, remember to remove the slashes in front of it // // $sl_securePort = ''; // $sl_securePort = '888'; // if you are running regular HTTP requests on a non-standard port // (anything besides port 80), please specify that value here // if you are using port 80, then you should leave this value empty // //$nonStandardHttpPort = '80'; $nonStandardHttpPort = ''; // If you run SquirrelMail behind a proxy server, where the // client domain information is in X_FORWARDED_* headers, // enable this setting (set it to 1), otherwise, leave this // off (zero) to reduce the chance that someone can try to // forge the hostname in their request headers. // // $sl_obey_x_forwarded_headers = 1; $sl_obey_x_forwarded_headers = 0; // turn this on for debugging purposes only // // 1 = show server environment upon entry // 2 = show redirect URI and server environment // $sl_debug = 0; secure_login/setup.php0000644000000000000000000000542711010537647014117 0ustar rootroot * Copyright (c) 2003-2008 Paul Lesniewski * Licensed under the GNU GPL. For full terms see the file COPYING. * * @package plugins * @subpackage secure_login * */ /** * Register this plugin with SquirrelMail * */ function squirrelmail_plugin_init_secure_login() { global $squirrelmail_plugin_hooks; $squirrelmail_plugin_hooks['login_cookie']['secure_login'] = 'secure_login_check'; $squirrelmail_plugin_hooks['webmail_top']['secure_login'] = 'secure_login_logout'; $squirrelmail_plugin_hooks['configtest']['secure_login'] = 'sl_check_configuration'; } /** * Returns info about this plugin * */ function secure_login_info() { return array( 'english_name' => 'Secure Login', 'authors' => array( 'Paul Lesniewski' => array( 'email' => 'paul@squirrelmail.org', 'sm_site_username' => 'pdontthink', ), ), 'version' => '1.4', 'required_sm_version' => '1.2.8', 'requires_configuration' => 0, 'requires_source_patch' => 0, 'required_plugins' => array(), 'summary' => 'Ensures SSL security is enabled during login (at least).', 'details' => 'This plugin automatically enables a secure HTTPS/SSL-encrypted connection for the SquirrelMail login page if it hasn\'t already been requested by the referring hyperlink or bookmark. Optionally, the secure connection can be turned off again after successful login. This utility is intended to prevent passwords and email contents being transmitted over the Internet in the clear after people browse to the login page without including https:// in its address.', ); } /** * Returns version info about this plugin * */ function secure_login_version() { $info = secure_login_info(); return $info['version']; } /** * Validate that this plugin is configured correctly * * @return boolean Whether or not there was a * configuration error for this plugin. * */ function sl_check_configuration() { include_once(SM_PATH . 'plugins/secure_login/functions.php'); return sl_check_configuration_do(); } /** * Makes sure login is done in HTTPS protocol * */ function secure_login_check() { include_once(SM_PATH . 'plugins/secure_login/functions.php'); secure_login_check_do(); } /** * Redirects back to HTTP protocol after login if necessary * */ function secure_login_logout() { include_once(SM_PATH . 'plugins/secure_login/functions.php'); secure_login_logout_do(); } secure_login/README0000644000000000000000000002156411010537645013124 0ustar rootrootSecure Login plugin for SquirrelMail ==================================== Ver 1.4, 2008/05/12 Copyright (c) 2002 Graham Norbury Copyright (c) 2002-2008 Paul Lesniewski Description =========== This plugin automatically enables a secure HTTPS/SSL-encrypted connection for the SquirrelMail login page if it hasn't already been requested by the referring hyperlink or bookmark. Optionally, the secure connection can be turned off again after successful login. This utility is intended to prevent passwords and email contents being transmitted over the Internet in the clear after people browse to the login page without including https:// in its address. License ======= This plugin is released under the GNU General Public License (see the file COPYING for details). Donations ========= If you or your company make regular use of this software, please consider supporting Open Source development by donating to the authors or inquire about hiring them to consult on other projects. Donation links for the author(s) are as follows: Paul Lesniewski: https://sourceforge.net/donate/index.php?user_id=508228 Requirements ============ * SquirrelMail version 1.2.8 or above * HTTPS/SSL-capable web server with encryption already working on your SquirrelMail installation Hosting Multiple Sites With One Certificate =========================================== One instance of the Apache web server listening on a single IP address can currently only serve up one SSL certificate. If you host more than one domain on a single server, you can serve this one certificate for all sites (users will get a warning about mismatched host names which can be accepted by the user), or you can play tricks with URIs, depending on how important it is to you not to cause the warning to be displayed to users. One common tactic is to host your secure pages for all hosts on top of your main domain (to which the certificate officially belongs). URIs would look like this: https://www.maindomain.com/www.virtualdomain.com/webmail/src/login.php https://www.maindomain.com/webmail/src/login.php?domain=www.virtualdomain.com This plugin can support such URIs if you use the $allVirtualDomainsUnderOneSSLHost configuration setting. If you take this approach, you will need to include an Alias similar to the following in the directive for the SSL (MAKE SURE it's the SSL virtual host directive and *not* the regular, non-SSL directive): Alias /www.virtualdomain.com /var/www/html/maindomain/squirrelmail You'll want to adjust the path in the Alias to point to your SquirrelMail installation, of course. See config.php.sample for more information about configuring this plugin to use such URIs. Troubleshooting =============== Your web server is assumed to be running Apache 1.3.x or 2.x with OpenSSL support (or similar). Before enabling this plugin, you should ALREADY be able to browse to your SquirrelMail installation by using https://, so if not, please take care of your web server configuration before complicating matters with this plugin. If you turn on $change_back_to_http_after_login under SquirrelMail 1.5.2 and above, you will be unable to log in because by default, SquirrelMail 1.5 will only transmit cookies securely if the user's session started under https://. If you really want to revert to an unencrypted connection after user login, you need to run the SquirrelMail configuration utility and change the "Only secure cookies if poss." setting (under "General Options") to "false". Help Requests ============= Before looking for help elsewhere, please try to help yourself: * Read the Troubleshooting section herein. * Look to see if others have already asked about the same issue. There are tips and links for the best places to do this in the SquirrelMail mailing list posting guidelines: http://squirrelmail.org/wiki/MailingListPostingGuidelines You should also try Google or some other search engine. * If you cannot find any information about your issue, please first mail your help request to the squirrelmail-plugins mailing list. Information about it can be found here: http://lists.sourceforge.net/mailman/listinfo/squirrelmail-plugins You MUST read the mailing list posting guidelines (see above) and include as much information about your issue (and your system) as possible. Including configtest output, any debug output, the plugin configuration settings you've made and anything else you can think of to make it easier to diagnose your problem will get you the most useful responses. Inquiries that do not comply with the posting guidelines are liable to be ignored. * If you don't get any replies on the mailing list, you are welcome to send a help request to the authors' personal address(es), but please be patient with the mailing list. Change Log ========== v1.4 2008/05/12 Paul Lesniewski * When using $allVirtualDomainsUnderOneSSLHost and coming back from the signout page or a login error page, the URI was wrongly constructed - fixed thanks to Brett Johnson * Minor bug fixes and updates v1.3 2007/01/23 Paul Lesniewski * Fix for problem with session variables sticking around between logins, such that SSL connection would be forced only every other login. * Updated documentation. * Added configtest hook. * Updated for compatibility with SquirrelMail 1.5.x * Removed specific requirement for Compatibility plugin. * Updated to stop accessing superglobal arrays directly. * Removed configuration file requirement. * Added debug flag. * Added more flexible "multiple domains under one SSL certificate" configuration. * Added more fine-grained controls over URI parsing (not recommended unless default behavior won't work). * NOTE that configuration variable names have changed - please review your config file if upgrading from an earlier release! v1.2 2003/07/15 Paul Lesniewski * Changed plugin logic to detect HTTP and HTTPS connections based on port number instead of environment variables that in some cases may not be provided by the web server (Thanks to Tony Geerts ) * If user comes to login page with a URI that has any GET variables appended to it, they are automatically added to the secure redirection URI (Thanks to Alex Lemaresquier ). v1.1 2003/07/12 Paul Lesniewski * Fix for when going back to HTTP from HTTPS login that would cause javascript errors after sending at least one message - the right frame was getting redirected back to HTTPS. But not any more. ;> * This is only a fix applicable for SM 1.4 and up. * Updated for latest version reporting API. * Removed config.php from distribution, replaced with config.php.sample for hassle-free upgrades. v1.0 2003/03/03 Paul Lesniewski * Added compatibility with SquirrelMail v1.4. * New setup.php format for better overall SquirrelMail performance. * In combination with more recent versions of SquirrelMail, (and probably older ones, thanks to the Compatibility plugin) a bug that allowed users to log in without SSL in a browser session that had already logged in once before has been removed. v0.7 2003/02/26 Paul Lesniewski * Added config setting for servers running https or http on non-standard ports. v0.6 2002/12/07 Paul Lesniewski * Sites that host all their virtual domains off of a single SSL URL can now specify that URL in setup.php and users will be redirected as appropriate * PHP version checking fixed (for all locales) v0.5 2002/11/05 Paul Lesniewski * Updated for compatibility with Plugin Updates plugin. v0.4 2002/10/07 Paul Lesniewski * Added flag that allows users who came to the login page using an encrypted connection to stay in an encrypted session (while others only get encryption just for the login, assuming that flag is enabled) v0.3 2002/08/14 Paul Lesniewski * Added functionality that sends user back to a non-encrypted connection after logging in (it may be turned off at will). v0.2 2002/01/04 Graham Norbury * Eliminated use of SCRIPT_URI server variable which (apparently) is only available when Apache mod_rewrite has been enabled * Added loop counter to prevent endless redirects if for some reason we end up back at the same page without HTTPS being set. v0.1 2002/01/03 Graham Norbury * Initial version secure_login/make_release.sh0000744000000000000000000001204311010316620015172 0ustar rootroot#!/bin/sh # Generic shell script for building SquirrelMail plugin release # # Copyright (c) 2004-2008 Paul Lesniewski # Licensed under the GNU GPL. For full terms see the file COPYING. # ####################################################### # # CONFIGURATION # # Relative paths to any and all configuration files # for this plugin: these files will NOT be included # in the release package built by this script; they # should be given as relative paths and filenames from # the plugin's own directory - for example, if you # have a config.php file in the main plugin directory # and a special_config.php file in a "data" subdirectory, # this should be set as follows: # # CONFIG_FILES=( config.php data/special_config.php ) # # Note that you can also use this setting to exclude # entire subdirectories while creating the release # package. Here is an example that skips any files # inside a subdirectory called "cache_files" and # completely removes a subdirectory called "tmp", as # well as the standard config.php file: # # CONFIG_FILES=( config.php tmp cache_files/* ) # # CONFIG_FILES=( config.php ) # # END CONFIGURATION # ####################################################### # avoid all kinds of potential problems; only allow # this to be run from directory where it resides # if [ "$0" != "./make_release.sh" ]; then echo echo "Please do not run from remote directory" echo exit 1 fi # grab name of package being built from directory name # # PACKAGE=`echo "$PWD" | sed s/.*\\\///` # get "pretty name" from version file # if [ ! -e version ]; then echo echo "No version file found. Please create before making release" echo exit 2 fi PRETTY_NAME=`head -1 version` # announce ourselves # echo echo "Creating Release Package for $PRETTY_NAME" echo # grab old version number straight from the php code # OLD_VERSION=`echo "" | php -q` REQ_SM_VERSION=`echo "" | php -q` # check for the standard files... # if [ ! -e README ]; then echo echo "No README file found. Please create before making release" echo exit 3 fi if [ ! -e INSTALL ]; then echo echo "No INSTALL file found. Please create before making release" echo exit 4 fi #if [ ! -e getpot ]; then # echo # echo "No getpot file found. Please create before making release" # echo # exit 5 #fi #if [ ! -e $PACKAGE.pot ]; then # echo # echo "No $PACKAGE.pot file found. Please create before making release" # echo # exit 5 #fi # just copy index.php and COPYING automatically if not found # if [ ! -e COPYING ]; then echo "No COPYING file found. Grabbing one from ../../" cp ../../COPYING . fi if [ ! -e index.php ]; then echo "No index.php file found. Grabbing one from ../" cp ../index.php . fi # remove any previous tarballs # while test 1; do echo echo -n "Remove all .tar.gz files? (y/[n]): " read REPLY if test -z $REPLY; then REPLY="n" break fi if test $REPLY = "y"; then break fi if test $REPLY = "n"; then break fi done if [ "$REPLY" = "y" ]; then rm -f *.tar.gz fi # get new version number if needed # if [ ! -z "$REQ_SM_VERSION" ] ; then OLD_FULL_VERSION=$OLD_VERSION-$REQ_SM_VERSION else OLD_FULL_VERSION=$OLD_VERSION fi echo read -p "Enter Version Number [$OLD_VERSION]: " VERSION if [ -z "$VERSION" ] ; then VERSION=$OLD_VERSION; # VERSION=$OLD_FULL_VERSION; fi PURE_VERSION=`echo "$VERSION" | sed 's/-.*//'` if [ ! -z "$REQ_SM_VERSION" ] ; then FINAL_VERSION="$PURE_VERSION-$REQ_SM_VERSION" else FINAL_VERSION="$PURE_VERSION" fi # remove tarball we are building if present # echo echo "Removing $PACKAGE-$FINAL_VERSION.tar.gz" rm -f $PACKAGE-$FINAL_VERSION.tar.gz # replace version number in info function in setup.php # NOTE that this requires specific syntax in setup.php # for the _info() function which should be # a line that looks like: # 'version' => '', # if test -e setup.php; then echo "Replacing version in setup.php (info function)" sed -e "s/'version' => '$OLD_VERSION',/'version' => '$PURE_VERSION',/" setup.php > setup.php.tmp mv setup.php.tmp setup.php fi # update version number in version file too # echo "Replacing version in version file" echo "$PRETTY_NAME" > version echo $PURE_VERSION >> version # Build tar command; exclude config and other irrelevant files # TAR_COMMAND="tar -c -z -v --exclude CVS" J=0 while [ "$J" -lt ${#CONFIG_FILES[@]} ]; do echo "Excluding ${CONFIG_FILES[$J]}" TAR_COMMAND="$TAR_COMMAND --exclude ${CONFIG_FILES[$J]}" J=`expr $J + 1` done TAR_COMMAND="$TAR_COMMAND -f $PACKAGE-$FINAL_VERSION.tar.gz $PACKAGE" # make tarball # echo "Creating $PACKAGE-$FINAL_VERSION.tar.gz" cd ../ $TAR_COMMAND mv $PACKAGE-$FINAL_VERSION.tar.gz $PACKAGE cd $PACKAGE echo echo "Finished" echo