* * licence: CECILL http://www.cecill.info/licences/Licence_CeCILL_V2.1-fr.html * license: CECILL http://www.cecill.info/licences/Licence_CeCILL_V2.1-en.html * FRENCH | ENGLISH * ------------------------------------+-------------------------------------- * Ce logiciel est un programme | This software is a computer program * informatique servant à générer un | whose purpose is to generate an * fichier d'autoconfiguration pour | XML autoconfiguration file for * thunderbird en interrogeant un | thunderbird by querying an LDAP * annuaire LDAP. | directory. * | * Ce logiciel est régi par la licence | This software is governed by the * CeCILL soumise au droit français et | CeCILL license under French law and * respectant les principes de | abiding by the rules of * diffusion des logiciels libres. | distribution of free software. You * Vous pouvez utiliser, modifier | can use, modify and/ or * et/ou redistribuer ce programme | redistribute the software under the * sous les conditions de la licence | terms of the CeCILL license as * CeCILL telle que diffusée par le | circulated by CEA, CNRS and INRIA * CEA, le CNRS et l'INRIA sur le site | at the following URL * "http://www.cecill.info/". | "http://www.cecill.info/". * | * En contrepartie de l'accessibilité | As a counterpart to the access to * au code source et des droits de | the source code and rights to * copie, de modification et de | copy, modify and redistribute * redistribution accordés par cette | granted by the license, users are * licence, il n'est offert aux | provided only with a limited * utilisateurs qu'une garantie | warranty and the software's * limitée. Pour les mêmes raisons, | author, the holder of the economic * seule une responsabilité restreinte | rights, and the successive * pèse sur l'auteur du programme, le | licensors have only limited * titulaire des droits patrimoniaux | liability. * et les concédants successifs. 
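| * | * A cet égard l'attention de | In this respect, the user's * l'utilisateur est attirée sur les | attention is drawn to the risks * risques associés au chargement, à | associated with loading, using, * l'utilisation, à la modification | modifying and/or developing or * et/ou au développement et à la | reproducing the software by the * reproduction du logiciel par | user in light of its specific * l'utilisateur étant donné sa | status of free software, that may * spécificité de logiciel libre, qui | mean that it is complicated to * peut le rendre complexe à manipuler | manipulate, and that also * et qui le réserve donc à des | therefore means that it is * développeurs et des professionnels | reserved for developers and * avertis possédant des | experienced professionals having * connaissances informatiques | in-depth computer knowledge. Users * approfondies. Les utilisateurs | are therefore encouraged to load * sont donc invités à charger et | and test the software's suitability * tester l'adéquation du logiciel à | as regards their requirements in * leurs besoins dans des conditions | conditions enabling the security of * permettant d'assurer la sécurité de | their systems and/or data to be * leurs systèmes et ou de leurs | ensured and, more generally, to * données et, plus généralement, à | use and operate it in the same * l'utiliser et l'exploiter dans les | conditions as regards security. * mêmes conditions de sécurité. | * | * Le fait que vous puissiez accéder à | The fact that you are presently * cet en-tête signifie que vous avez | reading this means that you have * pris connaissance de la licence | had knowledge of the CeCILL license * CeCILL, et que vous en avez accepté | and that you accept its terms. * les termes. | */

/*
 * Set to true only while troubleshooting: failure reasons are then sent to
 * the client. Those messages can contain request data and LDAP error text,
 * so keep this false on a publicly reachable endpoint.
 */
$debug=false;

/**
 * Abort the request.
 *
 * With $debug enabled the reason is sent to the client; otherwise the
 * script stops without output.
 *
 * @param string $s Reason for aborting (only shown when $debug is true).
 */
function meurs($s)
{
    global $debug;

    if ($debug) {
        // Some messages embed request data (e.g. the domain part); declaring
        // the body as plain text keeps a browser from rendering it as HTML.
        if (!headers_sent()) {
            header('Content-Type: text/plain; charset=utf-8');
        }
        die($s);
    }
    die();
}

/*
 * Define an array with our domains, and their respective imap and smtp servers
 * Must be all lower case.
 * These values are printed into the XML answer verbatim, so they must not
 * contain raw XML metacharacters ("&", "<", ">").
 */
$server=array(
    'example.com' => array(
        'imap' => 'imap.example.com',
        'smtp' => 'submission.example.com',
        'displayname' => 'La compagnie de France',
        'displayshort' => 'compagnie',
        // userhelpdoc is optional
        'userhelpdoc' => 'https://example.com/docs/email/thunderbird',
    ),
    // 'more.domains' => array( 'imap' etc...),
);

/*
 * Check params, die if params are not what we expect.
 * A request such as ?emailaddress[]=x delivers an array, which the string
 * functions below cannot handle, so it is rejected here as well.
 */
if (!isset($_GET['emailaddress']) || !is_string($_GET['emailaddress'])) {
    meurs('No email address provided');
}

/*
 * just make sure that we received less than 321 bytes, see RFC.
 */
if (320 < strlen($_GET['emailaddress'])) {
    meurs('Email address too long');
}

$candidate=trim($_GET['emailaddress']);

// array_pad() guarantees two elements, so an address without '@' ends up
// with an empty domain and is rejected by the known-domain check below.
list($local, $domain)=array_pad(explode('@', $candidate, 2), 2, '');
$domain=strtolower($domain);
$domaindc=str_replace('.', ',dc=', $domain);

/*
 * Check domain is known.
 */
if (!array_key_exists($domain, $server)) {
    meurs('Unknown domain : '.$domain);
}

/*
 * check local part corresponds to OUR likings. Well... this is a minimalist
 * test. Just make sure we only have only ASCII chars we use for email at our
 * site and that the length is less than 65, as per RFC 3696.
 * The D modifier makes "$" match only at the very end of the string; without
 * it a local part ending in a newline would be accepted.
 */
if (!preg_match('/^[a-z][-_.a-z0-9]{0,63}$/iD', $local)) {
    meurs('Weird chars in email or local part too long');
}

/*
 * Now that we are certain that emailaddress
 * - is shorter than 321 bytes
 * - has a known domain part
 * - has only valid chars in its local part
 * - has a localpart shorter than 65 chars
 * let's work !
 *
 * The address is rebuilt from the two validated parts. The raw request
 * value must not be used from here on: it was never trimmed, so it is not
 * the string the checks above were applied to.
 */
$email=$local.'@'.$domain;

// NOTE(review): in this listing the two templates below contain no XML
// element markup and fewer %s placeholders than the printf() calls supply
// arguments for, although the answer is declared as text/xml. Confirm the
// templates against the upstream file before deploying.
$fmtnodoc=<<<'EOFMT'
%s %s %s %s 993 SSL password-cleartext %s %s 587 STARTTLS password-cleartext %s
EOFMT;

$fmtdoc=<<<'EOFMT'
%s %s %s %s 993 SSL password-cleartext %s %s 587 STARTTLS password-cleartext %s Thunderbird mail settings Pramètres de courriel pour Thunderbird
EOFMT;

require_once 'Net/LDAP2.php';

// NOTE(review): the directory is queried over plain LDAP (port 389,
// 'starttls' => false) and, with binddn/bindpw commented out, without bind
// credentials. Enable StartTLS if the directory server supports it.
$LDAPconfig = array (
    'host' => 'annuaire.example.com',
    'port' => 389,
    'version' => 3,
    'starttls' => false,
    // 'binddn' => 'cn=admin,ou=people,dc=example,dc=com',
    // 'bindpw' => 'password',
    'basedn' => 'ou=people,dc='.$domaindc, // default basedn for queries
    'options' => array(),
    'filter' => '(objectclass=*)', //default search filter
    'scope' => 'one', // default scope for search
);

// Connecting using the configuration:
$ldap = Net_LDAP2::connect($LDAPconfig);

// Testing for connection error
if (PEAR::isError($ldap)) {
    meurs('Could not connect to LDAP-server: '.$ldap->getMessage());
}

$queryparam=array(
    'scope' => 'one',
    'sizelimit' => 0, // Number of entries returned at maximum
    'timelimit' => 10, // Seconds to spend for searching
    'attrsonly' => false, // If true, only attribute names are returned
    'attributes' => array ( 'uid' ), // Array of attribute names, which the entry should contain.
);

// Let Net_LDAP2 build the filter: create() escapes the value, so the search
// filter no longer depends on the checks above having caught every LDAP
// filter metacharacter.
$filter = Net_LDAP2_Filter::create('mail', 'equals', $email);
if (PEAR::isError($filter)) {
    meurs($filter->getMessage() . "\n");
}

$search = $ldap->search( null, $filter, $queryparam );

// Test for search errors:
if (PEAR::isError($search)) {
    meurs($search->getMessage() . "\n");
}

// if not exactly one entry, we can't tell user...
if ($search->count() !== 1) {
    meurs('no answer or more than one answer. count : '.$search->count() );
}

$entry=$search->shiftEntry();
$uid = $entry->getValue('uid', 'single');
if (false === $uid) {
    meurs('Weird ! Answer has no "uid" attribute');
}

// The uid comes from the directory, not from this file: escape the XML
// metacharacters so an unusual value cannot break or alter the document.
$uidxml = strtr($uid, array(
    '&' => '&amp;',
    '<' => '&lt;',
    '>' => '&gt;',
    '"' => '&quot;',
    "'" => '&apos;',
));

header( 'Content-type: text/xml' );

if (array_key_exists('userhelpdoc', $server[$domain]) && !empty($server[$domain]['userhelpdoc'])) {
    printf($fmtdoc,
        $domain,
        $domain,
        $server[$domain]['displayname'],
        $server[$domain]['displayshort'],
        $server[$domain]['imap'],
        $uidxml,
        $server[$domain]['smtp'],
        $uidxml,
        $server[$domain]['userhelpdoc']
    );
} else {
    printf($fmtnodoc,
        $domain,
        $domain,
        $server[$domain]['displayname'],
        $server[$domain]['displayshort'],
        $server[$domain]['imap'],
        $uidxml,
        $server[$domain]['smtp'],
        $uidxml
    );
}

// vim: se ts=4 sw=4 et ai mouse= :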