diff options
Diffstat (limited to 'emailproxy-ui.py')
| -rw-r--r-- | emailproxy-ui.py | 490 |
1 files changed, 490 insertions, 0 deletions
diff --git a/emailproxy-ui.py b/emailproxy-ui.py new file mode 100644 index 0000000..aa72c09 --- /dev/null +++ b/emailproxy-ui.py @@ -0,0 +1,490 @@ +#!/usr/bin/env python3 +import os +import sys +import subprocess +import tempfile +import shutil +import time +import socket +import json +import re + +# load le config file (edit this to your needs) +CONFIG_FILE = "/home/crt/helper-emailproxy/config/config.env" + +def load_config(): + """Load configuration from the environment file.""" + config = {} + with open(CONFIG_FILE, "r") as f: + for line in f: + # dont read comments or empty lines perhaps + if line.strip().startswith("#") or "=" not in line: + continue + key, value = line.strip().split("=", 1) + config[key.strip()] = value.strip() + return config + +def create_temp_config(auth_base_config, imap_port, smtp_port): + """Create a temporary configuration file for the session.""" + temp_dir = tempfile.mkdtemp() + temp_config_path = os.path.join(temp_dir, "emailproxy-auth-temp.config") + + with open(auth_base_config, "r") as base_config, open(temp_config_path, "w") as temp_config: + for line in base_config: + temp_config.write( + line.replace("IMAP-2993", f"IMAP-{imap_port}") + .replace("SMTP-2465", f"SMTP-{smtp_port}") + ) + + return temp_config_path, temp_dir + +def launch_emailproxy(temp_config_path, emailproxy_exec): + """Launch the emailproxy with the temporary configuration.""" + # launch a temporary emailproxy process for getting 2fa piss token + config = load_config() + log_file = config.get("EMAILPROXY_LOG_FILE", "/tmp/emailproxy.log") + + print(f"[+] Starting temporary emailproxy, writing output to {log_file}") + + working_dir = os.path.dirname(emailproxy_exec) if "/" in emailproxy_exec else os.getcwd() + cmd = f"stdbuf -oL {emailproxy_exec} --config-file '{temp_config_path}' --no-gui --external-auth" + + # this is a security risk, but we need to write the piss token to one file for php to read it because i am dumb + with open(log_file, "a") as lf: + proc = subprocess.Popen( + cmd, + shell=True, + cwd=working_dir, + stdin=subprocess.PIPE, + stdout=lf, # thanks ai for fixing my crap + stderr=lf, # same here + text=True + ) + + # return the process + return proc + +def validate_new_user(temp_config_path, email): + """Check if a new user was successfully added to the temporary config.""" + if not os.path.exists(temp_config_path): + return False + + with open(temp_config_path, "r") as temp_config: + return f"[{email}]" in temp_config.read() + +def merge_configs(main_config_path, temp_config_path): + """Merge the new user configuration into the main config.""" + with open(main_config_path, "r") as main_config: + main_config_content = main_config.read() + + # ocd newline check + ensure_newline = "" if main_config_content.endswith("\n") else "\n" + + with open(temp_config_path, "r") as temp_config: + temp_config_content = temp_config.read() + + # get new successful users from temp config + user_sections = [] + current_section = [] + in_user_section = False + + for line in temp_config_content.splitlines(): + if line.startswith("[") and "@" in line: + if current_section: # i am bad at python + user_sections.append("\n".join(current_section)) + current_section = [] + in_user_section = True + current_section.append(line) + elif line.startswith("["): + in_user_section = False + current_section = [] + elif in_user_section: + current_section.append(line) + + # add the last user section because thats 99% of the time what we want + if current_section and in_user_section: + user_sections.append("\n".join(current_section)) + + # maybe dont create conflicts yk (send help) + merged_any = False + for user_section in user_sections: + user_email = user_section.split("[", 1)[1].split("]", 1)[0] + if f"[{user_email}]" in main_config_content: + print(f"[!] User {user_email} already exists in the main config. Skipping merge.") + continue + + # append new user and ENSURE NEW LINE I HATE GRUSSIGI CONFIG !!! + with open(main_config_path, "a") as main_config: + main_config.write(f"{ensure_newline}\n{user_section}\n") + + # mmm emailproxy deletes config and replaces with its cached one when stopped so uhm yeah this is here for that + main_config.flush() + os.fsync(main_config.fileno()) + + print(f"[+] Successfully added {user_email} to the main config.") + merged_any = True + + return merged_any + +def restart_main_proxy(emailproxy_exec, emailproxy_config, working_dir, log_file, debug): + """Restart the main emailproxy process.""" + print("[+] Stopping the current emailproxy process...") + + # kill it with fire + kill_cmd = f"pkill -f '{emailproxy_exec} --config-file {emailproxy_config}'" + subprocess.run(kill_cmd, shell=True) + + # make sure the process burnt alive and died + time.sleep(2) + + # return before starting the new one + return working_dir, log_file, debug + +# thenks ai for fixing ! +def handle_new_user(email, imap_port, smtp_port, emailproxy_exec, auth_base_config): + """Handle a new user authentication request.""" + temp_config_path, temp_dir = create_temp_config(auth_base_config, imap_port, smtp_port) + + try: + # launch temp emailproxy + print(f"[+] Launching temporary emailproxy for {email} on ports IMAP:{imap_port}, SMTP:{smtp_port}") + temp_proxy_proc = launch_emailproxy(temp_config_path, emailproxy_exec) + + # gibs returned values for php + return temp_config_path, temp_dir, temp_proxy_proc + + except Exception as e: + print(f"[!] Error launching temporary emailproxy: {e}") + shutil.rmtree(temp_dir) + return None, None, None + +def start_command_server(): + """Start a socket server to receive commands from PHP.""" + server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + server_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) + server_socket.bind(('localhost', COMMAND_PORT)) + server_socket.listen(5) + return server_socket + +# security risk most likely <3 i love it +def remove_user_from_config(config_file, email): + """Remove a user section from the config file.""" + if not os.path.exists(config_file): + return False + + with open(config_file, "r") as f: + content = f.read() + + # thanks ai for the regex + pattern = r'\[' + re.escape(email) + r'\].*?(?=\n\[|\Z)' + new_content = re.sub(pattern, '', content, flags=re.DOTALL) + + # ICH HASSE GRUSSIGI CONFIG + new_content = re.sub(r'\n\n\n+', '\n\n', new_content) + + # updaten das filet + with open(config_file, "w") as f: + f.write(new_content) + f.flush() + os.fsync(f.fileno()) + + print(f"[+] Successfully removed user {email} from the config.") + return True + +def main(): + """Main function to handle the authentication process.""" + config = load_config() + + # load em vars yehea boi + emailproxy_exec = config.get("EMAILPROXY_EXECUTABLE", "emailproxy") + main_config = config.get("EMAILPROXY_CONFIG_FILE", "/home/crt/helper-emailproxy/config/emailproxy.config") + auth_base_config = config.get("EMAILPROXY_AUTH_CONFIG", "/home/crt/helper-emailproxy/config/emailproxy-auth.config") + log_file = config.get("EMAILPROXY_LOG_FILE", "/tmp/emailproxy.log") + command_port = int(config.get("COMMAND_PORT", "8765")) + + # get da working dir + working_dir = os.path.dirname(emailproxy_exec) if "/" in emailproxy_exec else os.getcwd() + + # launch main proxii + print("[+] Launching the main emailproxy process...") + cmd = f"stdbuf -oL {emailproxy_exec} --config-file '{main_config}' --no-gui" + + # commadn line debug (sorry for the mess below emailproxy was acting weird) + debug = "--debug" in sys.argv + + if debug: + main_proxy_proc = subprocess.Popen( + cmd, + shell=True, + cwd=working_dir, + stdin=subprocess.PIPE, + stdout=sys.stdout, + stderr=sys.stderr, + text=True + ) + else: + with open(log_file, "a") as lf: + main_proxy_proc = subprocess.Popen( + cmd, + shell=True, + cwd=working_dir, + stdin=subprocess.PIPE, + stdout=lf, + stderr=lf, + text=True + ) + + print(f"[+] emailproxy started with PID {main_proxy_proc.pid}") + + # maybe benutzi machi das richtigi porti + server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + server_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) + server_socket.bind(('localhost', command_port)) + server_socket.listen(5) + print(f"[+] Command server started on port {command_port}, waiting for commands...") + + active_sessions = {} # store active sessions for cleanup so no mess and stinky + + try: + while True: + # accept le connections from PHP <3 + client_socket, address = server_socket.accept() + data = client_socket.recv(4096).decode('utf-8') + + try: + command = json.loads(data) + cmd_type = command.get("type") + + if cmd_type == "new_user": + # thanks ai for fixing my crap + email = command.get("email", "") + imap_port = int(command.get("imap_port", 2993)) + smtp_port = int(command.get("smtp_port", 2465)) + session_id = command.get("session_id") + + temp_config_path, temp_dir, temp_proc = handle_new_user( + email, imap_port, smtp_port, emailproxy_exec, auth_base_config + ) + + if temp_config_path: + active_sessions[session_id] = (temp_config_path, temp_dir, temp_proc) + client_socket.send(json.dumps({"success": True}).encode('utf-8')) + else: + client_socket.send(json.dumps({"success": False, "error": "Failed to start temporary proxy"}).encode('utf-8')) + + elif cmd_type == "check_auth": + # check if the user was successfully added to the temporary config + session_id = command.get("session_id") + email = command.get("email") + + if session_id in active_sessions: + temp_config_path, _, _ = active_sessions[session_id] + success = validate_new_user(temp_config_path, email) + client_socket.send(json.dumps({"success": success}).encode('utf-8')) + else: + client_socket.send(json.dumps({"success": False, "error": "Invalid session"}).encode('utf-8')) + + elif cmd_type == "merge_config": + # merge the config and brutally restart the proxy (bad bad bad but works so so yeah uhm idk) + session_id = command.get("session_id") + + if session_id in active_sessions: + temp_config_path, temp_dir, temp_proc = active_sessions[session_id] + + # murder temp + if temp_proc and temp_proc.poll() is None: + temp_proc.terminate() + temp_proc.wait(timeout=5) + + # stop main proxy + working_dir, log_file, debug = restart_main_proxy(emailproxy_exec, main_config, working_dir, log_file, debug) + + # merge while stopped + print("[+] Merging configuration files...") + merge_success = merge_configs(main_config, temp_config_path) + + # revive again + print("[+] Starting a new emailproxy process...") + cmd = f"stdbuf -oL {emailproxy_exec} --config-file '{main_config}' --no-gui" + + if debug: + main_proxy_proc = subprocess.Popen( + cmd, + shell=True, + cwd=working_dir, + stdin=subprocess.PIPE, + stdout=sys.stdout, + stderr=sys.stderr, + text=True + ) + else: + with open(log_file, "a") as lf: + main_proxy_proc = subprocess.Popen( + cmd, + shell=True, + cwd=working_dir, + stdin=subprocess.PIPE, + stdout=lf, + stderr=lf, + text=True + ) + + print(f"[+] New emailproxy process started with PID {main_proxy_proc.pid}") + + # no more temp + shutil.rmtree(temp_dir) + del active_sessions[session_id] + + client_socket.send(json.dumps({"success": merge_success}).encode('utf-8')) + else: + client_socket.send(json.dumps({"success": False, "error": "Invalid session"}).encode('utf-8')) + + elif cmd_type == "cleanup": + # clean up abandoned fatherless session (sad violin) + session_id = command.get("session_id") + + if session_id in active_sessions: + _, temp_dir, temp_proc = active_sessions[session_id] + + # more murdering of the orphans + if temp_proc and temp_proc.poll() is None: + temp_proc.terminate() + temp_proc.wait(timeout=5) + + # hide the bodies + shutil.rmtree(temp_dir) + del active_sessions[session_id] + + client_socket.send(json.dumps({"success": True}).encode('utf-8')) + else: + client_socket.send(json.dumps({"success": False, "error": "Invalid session"}).encode('utf-8')) + + elif cmd_type == "redirect_url": + # process the actual redirect url + session_id = command.get("session_id") + email = command.get("email") + redirect_url = command.get("redirect_url") + + if session_id in active_sessions: + temp_config_path, temp_dir, temp_proc = active_sessions[session_id] + print(f"[+] Received redirect URL for {email}") + + if temp_proc and temp_proc.poll() is None: + try: + # canz we haz writez? + if temp_proc.stdin: + temp_proc.stdin.write(redirect_url + "\n") + temp_proc.stdin.flush() + time.sleep(5) # oop wait a bit for the process + + # ignoring the problems just like irl and trying again + success = False + for _ in range(3): + if validate_new_user(temp_config_path, email): + success = True + break + time.sleep(2) + + client_socket.send(json.dumps({"success": success}).encode('utf-8')) + else: + client_socket.send(json.dumps({"success": False, "error": "Process stdin not available"}).encode('utf-8')) + except Exception as e: + print(f"[!] Error sending redirect URL: {e}") + client_socket.send(json.dumps({"success": False, "error": str(e)}).encode('utf-8')) + else: + client_socket.send(json.dumps({"success": False, "error": "Temporary process not running"}).encode('utf-8')) + else: + client_socket.send(json.dumps({"success": False, "error": "Invalid session"}).encode('utf-8')) + + elif cmd_type == "remove_user": + # remove a user from the main config + email = command.get("email") + + if not email: + client_socket.send(json.dumps({"success": False, "error": "Email address required"}).encode('utf-8')) + continue + + # stop the main proxy before removing the user + working_dir, log_file, debug = restart_main_proxy(emailproxy_exec, main_config, working_dir, log_file, debug) + + # tschau tschau user + print(f"[+] Removing user {email} from configuration...") + remove_success = remove_user_from_config(main_config, email) + + # prxi is back + print("[+] Starting a new emailproxy process...") + cmd = f"stdbuf -oL {emailproxy_exec} --config-file '{main_config}' --no-gui" + + if debug: + main_proxy_proc = subprocess.Popen( + cmd, + shell=True, + cwd=working_dir, + stdin=subprocess.PIPE, + stdout=sys.stdout, + stderr=sys.stderr, + text=True + ) + else: + with open(log_file, "a") as lf: + main_proxy_proc = subprocess.Popen( + cmd, + shell=True, + cwd=working_dir, + stdin=subprocess.PIPE, + stdout=lf, + stderr=lf, + text=True + ) + + print(f"[+] New emailproxy process started with PID {main_proxy_proc.pid}") + client_socket.send(json.dumps({"success": remove_success}).encode('utf-8')) + + else: + client_socket.send(json.dumps({"success": False, "error": "Unknown command"}).encode('utf-8')) + + except json.JSONDecodeError: + client_socket.send(json.dumps({"success": False, "error": "Invalid JSON"}).encode('utf-8')) + except Exception as e: + client_socket.send(json.dumps({"success": False, "error": str(e)}).encode('utf-8')) + finally: + client_socket.close() + + # apparently we need to clean up the mess (thanks ai) + current_time = time.time() + timed_out_sessions = [] + + for session_id, (_, temp_dir, temp_proc) in active_sessions.items(): + session_time = int(session_id.split('_')[0]) + if current_time - session_time > 300: # 5 mins + if temp_proc and temp_proc.poll() is None: + temp_proc.terminate() + temp_proc.wait(timeout=5) + + shutil.rmtree(temp_dir) + timed_out_sessions.append(session_id) + + for session_id in timed_out_sessions: + del active_sessions[session_id] + print(f"[!] Session {session_id} timed out and was cleaned up.") + + except KeyboardInterrupt: + print("[!] Shutting down...") + finally: + # bye bye sessions + for session_id, (_, temp_dir, temp_proc) in active_sessions.items(): + if temp_proc and temp_proc.poll() is None: + temp_proc.terminate() + temp_proc.wait(timeout=5) + + shutil.rmtree(temp_dir) + + # bye bye main proxy + if main_proxy_proc.poll() is None: + main_proxy_proc.terminate() + main_proxy_proc.wait(timeout=5) + + print("[+] All processes terminated and temporary files probably cleaned up.") + +if __name__ == "__main__": + main() |