- Add 'login_lc' config option for case-insensitive authentication (#1487113)

- Make username comparison case sensitive on MySQL


git-svn-id: https://svn.roundcube.net/trunk@4290 208e9e7b-5314-0410-a742-e7e81cd9613c

1 files changed, 17 insertions, 5 deletions

diff --git a/roundcubemail/program/include/rcmail.php b/roundcubemail/program/include/rcmail.php
index d376e98bf..0eecd8ddb 100644
--- a/roundcubemail/program/include/rcmail.php
+++ b/roundcubemail/program/include/rcmail.php
@@ -678,10 +678,16 @@ class rcmail
         $username .= '@'.rcube_parse_host($config['username_domain']);
     }
 
+    // Convert username to lowercase. If IMAP backend
+    // is case-insensitive we need to store always the same username (#1487113)
+    if ($config['login_lc']) {
+      $username = mb_strtolower($username);
+    }
+
     // try to resolve email address from virtuser table
-    if (strpos($username, '@'))
-      if ($virtuser = rcube_user::email2user($username))
-        $username = $virtuser;
+    if (strpos($username, '@') && ($virtuser = rcube_user::email2user($username))) {
+      $username = $virtuser;
+    }
 
     // Here we need IDNA ASCII
     // Only rcube_contacts class is using domain names in Unicode
@@ -704,8 +710,14 @@ class rcmail
     if (!($imap_login = $this->imap->connect($host, $username, $pass, $imap_port, $imap_ssl))) {
       // try with lowercase
       $username_lc = mb_strtolower($username);
-      if ($username_lc != $username && ($imap_login = $this->imap->connect($host, $username_lc, $pass, $imap_port, $imap_ssl)))
-        $username = $username_lc;
+      if ($username_lc != $username) {
+        // try to find user record again -> overwrite username
+        if (!$user && ($user = rcube_user::query($username_lc, $host)))
+          $username_lc = $user->data['username'];
+
+        if ($imap_login = $this->imap->connect($host, $username_lc, $pass, $imap_port, $imap_ssl))
+          $username = $username_lc;
+      }
     }
 
     // exit if IMAP login failed