Page Menu
Home
In-Portal Phabricator
Search
Configure Global Search
Log In
Files
F773551
in-portal
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Sun, Feb 2, 3:52 PM
Size
24 KB
Mime Type
text/x-diff
Expires
Tue, Feb 4, 3:52 PM (3 h, 3 s)
Engine
blob
Format
Raw Data
Handle
556762
Attached To
rINP In-Portal
in-portal
View Options
Index: trunk/kernel/include/smtp.php
===================================================================
--- trunk/kernel/include/smtp.php (revision 1389)
+++ trunk/kernel/include/smtp.php (revision 1390)
@@ -1,818 +1,818 @@
<?php
/***************************************
** Filename.......: class.smtp.inc
** Project........: SMTP Class
** Version........: 1.00b
** Last Modified..: 30 September 2001
***************************************/
define('SMTP_STATUS_NOT_CONNECTED', 1, TRUE);
define('SMTP_STATUS_CONNECTED', 2, TRUE);
$CRLF = "\r\n";
class smtp{
var $connection;
var $recipients;
var $headers;
var $timeout;
var $errors;
var $status;
var $body;
var $from;
var $host;
var $port;
var $helo;
var $auth;
var $user;
var $pass;
var $debug;
var $buffer;
/**
* List of supported authentication methods, in preferential order.
* @var array
* @access public
*/
var $auth_methods = array('DIGEST-MD5','CRAM-MD5','LOGIN','PLAIN');
/**
* The most recent server response code.
* @var int
* @access private
*/
var $_code = -1;
/**
* The most recent server response arguments.
* @var array
* @access private
*/
var $_arguments = array();
/**
* Stores detected features of the SMTP server.
* @var array
* @access private
*/
var $_esmtp = array();
/***************************************
** Constructor function. Arguments:
** $params - An assoc array of parameters:
**
** host - The hostname of the smtp server Default: localhost
** port - The port the smtp server runs on Default: 25
** helo - What to send as the HELO command Default: localhost
** (typically the hostname of the
** machine this script runs on)
** auth - Whether to use basic authentication Default: FALSE
** user - Username for authentication Default: <blank>
** pass - Password for authentication Default: <blank>
** timeout - The timeout in seconds for the call Default: 5
** to fsockopen()
***************************************/
function smtp($params = array()){
$this->timeout = 5;
$this->status = SMTP_STATUS_NOT_CONNECTED;
$this->host = 'localhost';
$this->port = 25;
$this->helo = 'localhost';
$this->auth = FALSE;
$this->user = '';
$this->pass = '';
$this->errors = array();
$this->buffer = array();
$this->debug=0;
foreach($params as $key => $value){
$this->$key = $value;
}
}
/***************************************
** Connect function. This will, when called
** statically, create a new smtp object,
** call the connect function (ie this function)
** and return it. When not called statically,
** it will connect to the server and send
** the HELO command.
***************************************/
function connect($params = array()){
if(!isset($this->status))
{
$obj = new smtp($params);
if($obj->connect()){
$obj->status = SMTP_STATUS_CONNECTED;
}
return $obj;
}
else
{
$this->connection = @fsockopen($this->host, $this->port, $errno, $errstr, $this->timeout);
if(is_resource($this->connection))
{
socket_set_timeout($this->connection, 0, 250000);
socket_set_blocking($this->connection,TRUE);
$greeting = $this->get_data();
$this->status = SMTP_STATUS_CONNECTED;
return $this->auth ? $this->ehlo() : $this->helo();
}
else
{
$this->errors[] = 'Failed to connect to server: '.$errstr;
return FALSE;
}
}
}
function disconnect()
{
if(is_resource($this->connection))
fclose($this->connection);
unset($this->connection);
$this->status=SMTP_STATUS_NOT_CONNECTED;
}
/***************************************
** Function which handles sending the mail.
** Arguments:
** $params - Optional assoc array of parameters.
** Can contain:
** recipients - Indexed array of recipients
** from - The from address. (used in MAIL FROM:),
** this will be the return path
** headers - Indexed array of headers, one header per array entry
** body - The body of the email
** It can also contain any of the parameters from the connect()
** function
***************************************/
function send($params = array()){
global $CRLF;
foreach($params as $key => $value){
$this->set($key, $value);
}
if($this->is_connected()){
// Do we auth or not? Note the distinction between the auth variable and auth() function
if($this->auth){
if(!$this->auth())
return FALSE;
}
$this->mail($this->from);
if(is_array($this->recipients))
foreach($this->recipients as $value)
$this->rcpt($value);
else
$this->rcpt($this->recipients);
if(!$this->data())
return FALSE;
// Transparency
$headers = str_replace($CRLF.'.', $CRLF.'..', trim(implode($CRLF, $this->headers)));
$body = str_replace($CRLF.'.', $CRLF.'..', $this->body);
$body = $body[0] == '.' ? '.'.$body : $body;
$this->send_data($headers);
$this->send_data('');
$this->send_data($body);
$this->send_data($CRLF.".");
return (substr(trim($this->get_data()), 0, 3) === '250');
}else{
$this->errors[] = 'Not connected!';
return FALSE;
}
}
/***************************************
** Function to implement HELO cmd
***************************************/
function helo(){
if(is_resource($this->connection)
AND $this->send_data('HELO '.$this->helo)
AND substr(trim($error = $this->get_data()), 0, 3) === '250' ){
return TRUE;
}else{
$this->errors[] = 'HELO command failed, output: ' . trim(substr(trim($error),3));
return FALSE;
}
}
/***************************************
** Function to implement EHLO cmd
***************************************/
function ehlo()
{
$ret_status=is_resource($this->connection) AND $this->send_data('EHLO '.$this->helo);
$success=$this->_parseResponse(250);
if(!$ret_status && $success !== true)
{
$this->errors[] = 'EHLO command failed, output: ' . trim(substr(trim($error),3));
return FALSE;
}
foreach ($this->_arguments as $argument) {
$verb = strtok($argument, ' ');
$arguments = substr($argument, strlen($verb) + 1,
strlen($argument) - strlen($verb) - 1);
$this->_esmtp[$verb] = $arguments;
}
return TRUE;
}
/***************************************
** Function to implement AUTH cmd
***************************************/
function _getBestAuthMethod()
{
$available_methods = explode(' ', $this->_esmtp['AUTH']);
foreach ($this->auth_methods as $method)
{
if (in_array($method, $available_methods)) return $method;
}
return false;
}
function auth(){
if(is_resource($this->connection))
{
$method=$this->_getBestAuthMethod();
switch ($method) {
case 'DIGEST-MD5':
$result = $this->_authDigest_MD5($this->user, $this->pass);
break;
case 'CRAM-MD5':
$result = $this->_authCRAM_MD5($this->user, $this->pass);
break;
case 'LOGIN':
$result = $this->_authLogin($this->user, $this->pass);
break;
case 'PLAIN':
$result = $this->_authPlain($this->user, $this->pass);
break;
default:
$this->errors[] = 'AUTH command failed: no supported authentication methods';
return false;
break;
}
if($result!==true)
{
$this->errors[] = 'AUTH command failed: '.$result;
return FALSE;
}
return true;
}else{
$this->errors[] = 'AUTH command failed: ' . trim(substr(trim($error),3));
return FALSE;
}
}
// ============= AUTH METHODS: BEGIN ==========================
/**
* Authenticates the user using the DIGEST-MD5 method.
*
* @param string The userid to authenticate as.
* @param string The password to authenticate with.
*
* @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success.
* @access private
* @since 1.1.0
*/
function _authDigest_MD5($uid, $pwd)
{
$this->send_data('AUTH DIGEST-MD5');
/* 334: Continue authentication request */
if(($error=$this->_parseResponse(334)) !== true)
{
/* 503: Error: already authenticated */
if ($this->_code === 503) {
return true;
}
return $error;
}
$challenge = base64_decode($this->_arguments[0]);
$auth_str = base64_encode($this->get_digestMD5Auth($uid, $pwd, $challenge,
$this->host, "smtp"));
$this->send_data($auth_str);
/* 334: Continue authentication request */
if(($error=$this->_parseResponse(334)) !== true) return $error;
/*
* We don't use the protocol's third step because SMTP doesn't allow
* subsequent authentication, so we just silently ignore it.
*/
$this->send_data(' ');
/* 235: Authentication successful */
if(($error=$this->_parseResponse(235)) !== true) return $error;
}
/**
* Provides the (main) client response for DIGEST-MD5
* requires a few extra parameters than the other
* mechanisms, which are unavoidable.
*
* @param string $authcid Authentication id (username)
* @param string $pass Password
* @param string $challenge The digest challenge sent by the server
* @param string $hostname The hostname of the machine you're connecting to
* @param string $service The servicename (eg. imap, pop, acap etc)
* @param string $authzid Authorization id (username to proxy as)
* @return string The digest response (NOT base64 encoded)
* @access public
*/
function get_digestMD5Auth($authcid, $pass, $challenge, $hostname, $service, $authzid = '')
{
$challenge = $this->_parseChallenge($challenge);
$authzid_string = '';
if ($authzid != '') {
$authzid_string = ',authzid="' . $authzid . '"';
}
if (!empty($challenge)) {
$cnonce = $this->_getCnonce();
$digest_uri = sprintf('%s/%s', $service, $hostname);
$response_value = $this->_getResponseValue($authcid, $pass, $challenge['realm'], $challenge['nonce'], $cnonce, $digest_uri, $authzid);
return sprintf('username="%s",realm="%s"' . $authzid_string . ',nonce="%s",cnonce="%s",nc="00000001",qop=auth,digest-uri="%s",response=%s,%d', $authcid, $challenge['realm'], $challenge['nonce'], $cnonce, $digest_uri, $response_value, $challenge['maxbuf']);
} else {
return PEAR::raiseError('Invalid digest challenge');
}
}
/**
* Parses and verifies the digest challenge*
*
* @param string $challenge The digest challenge
* @return array The parsed challenge as an assoc
* array in the form "directive => value".
* @access private
*/
function _parseChallenge($challenge)
{
$tokens = array();
while (preg_match('/^([a-z-]+)=("[^"]+(?<!\\\)"|[^,]+)/i', $challenge, $matches)) {
// Ignore these as per rfc2831
if ($matches[1] == 'opaque' OR $matches[1] == 'domain') {
$challenge = substr($challenge, strlen($matches[0]) + 1);
continue;
}
// Allowed multiple "realm" and "auth-param"
if (!empty($tokens[$matches[1]]) AND ($matches[1] == 'realm' OR $matches[1] == 'auth-param')) {
if (is_array($tokens[$matches[1]])) {
$tokens[$matches[1]][] = preg_replace('/^"(.*)"$/', '\\1', $matches[2]);
} else {
$tokens[$matches[1]] = array($tokens[$matches[1]], preg_replace('/^"(.*)"$/', '\\1', $matches[2]));
}
// Any other multiple instance = failure
} elseif (!empty($tokens[$matches[1]])) {
$tokens = array();
break;
} else {
$tokens[$matches[1]] = preg_replace('/^"(.*)"$/', '\\1', $matches[2]);
}
// Remove the just parsed directive from the challenge
$challenge = substr($challenge, strlen($matches[0]) + 1);
}
/**
* Defaults and required directives
*/
// Realm
if (empty($tokens['realm'])) {
$uname = posix_uname();
$tokens['realm'] = $uname['nodename'];
}
// Maxbuf
if (empty($tokens['maxbuf'])) {
$tokens['maxbuf'] = 65536;
}
// Required: nonce, algorithm
if (empty($tokens['nonce']) OR empty($tokens['algorithm'])) {
return array();
}
return $tokens;
}
/**
* Creates the response= part of the digest response
*
* @param string $authcid Authentication id (username)
* @param string $pass Password
* @param string $realm Realm as provided by the server
* @param string $nonce Nonce as provided by the server
* @param string $cnonce Client nonce
* @param string $digest_uri The digest-uri= value part of the response
* @param string $authzid Authorization id
* @return string The response= part of the digest response
* @access private
*/
function _getResponseValue($authcid, $pass, $realm, $nonce, $cnonce, $digest_uri, $authzid = '')
{
if ($authzid == '') {
$A1 = sprintf('%s:%s:%s', pack('H32', md5(sprintf('%s:%s:%s', $authcid, $realm, $pass))), $nonce, $cnonce);
} else {
$A1 = sprintf('%s:%s:%s:%s', pack('H32', md5(sprintf('%s:%s:%s', $authcid, $realm, $pass))), $nonce, $cnonce, $authzid);
}
$A2 = 'AUTHENTICATE:' . $digest_uri;
return md5(sprintf('%s:%s:00000001:%s:auth:%s', md5($A1), $nonce, $cnonce, md5($A2)));
}
/**
* Creates the client nonce for the response
*
* @return string The cnonce value
* @access private
*/
function _getCnonce()
{
if (file_exists('/dev/urandom')) {
return base64_encode(fread(fopen('/dev/urandom', 'r'), 32));
} elseif (file_exists('/dev/random')) {
return base64_encode(fread(fopen('/dev/random', 'r'), 32));
} else {
$str = '';
mt_srand((double)microtime()*10000000);
for ($i=0; $i<32; $i++) {
$str .= chr(mt_rand(0, 255));
}
return base64_encode($str);
}
}
/**
* Authenticates the user using the CRAM-MD5 method.
*
* @param string The userid to authenticate as.
* @param string The password to authenticate with.
*
* @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success.
* @access private
* @since 1.1.0
*/
function _authCRAM_MD5($uid, $pwd)
{
$this->send_data('AUTH CRAM-MD5');
/* 334: Continue authentication request */
if(($error=$this->_parseResponse(334)) !== true)
{
/* 503: Error: already authenticated */
if ($this->_code === 503) {
return true;
}
return $error;
}
$challenge = base64_decode($this->_arguments[0]);
$auth_str = base64_encode($uid . ' ' . $this->_HMAC_MD5($pwd, $challenge));
$this->send_data($auth_str);
/* 235: Authentication successful */
if ( ($error = $this->_parseResponse(235)) ) {
return $error;
}
}
/**
* Authenticates the user using the LOGIN method.
*
* @param string The userid to authenticate as.
* @param string The password to authenticate with.
*
* @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success.
* @access private
* @since 1.1.0
*/
function _authLogin($uid, $pwd)
{
$this->send_data('AUTH LOGIN');
/* 334: Continue authentication request */
if(($error=$this->_parseResponse(334)) !== true)
{
/* 503: Error: already authenticated */
if ($this->_code === 503) {
return true;
}
return $error;
}
$this->send_data( base64_encode($uid) );
/* 334: Continue authentication request */
if(($error=$this->_parseResponse(334)) !== true) return $error;
$this->send_data( base64_encode($pwd) );
/* 235: Authentication successful */
if (($error=$this->_parseResponse(235)) !== true) return $error;
return true;
}
/**
* Authenticates the user using the PLAIN method.
*
* @param string The userid to authenticate as.
* @param string The password to authenticate with.
*
* @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success.
* @access private
* @since 1.1.0
*/
function _authPlain($uid, $pwd)
{
$this->send_data('AUTH PLAIN');
/* 334: Continue authentication request */
if(($error=$this->_parseResponse(334)) !== true)
{
/* 503: Error: already authenticated */
if ($this->_code === 503) {
return true;
}
return $error;
}
$auth_str = base64_encode(chr(0) . $uid . chr(0) . $pwd);
$this->send_data($auth_str);
/* 235: Authentication successful */
if (($error=$this->_parseResponse(235)) !== true) return $error;
return true;
}
// ============= AUTH METHODS: END ==========================
/**
* Function which implements HMAC MD5 digest
*
* @param string $key The secret key
* @param string $data The data to protect
* @return string The HMAC MD5 digest
*/
function _HMAC_MD5($key, $data)
{
if (strlen($key) > 64) {
$key = pack('H32', md5($key));
}
if (strlen($key) < 64) {
$key = str_pad($key, 64, chr(0));
}
$k_ipad = substr($key, 0, 64) ^ str_repeat(chr(0x36), 64);
$k_opad = substr($key, 0, 64) ^ str_repeat(chr(0x5C), 64);
$inner = pack('H32', md5($k_ipad . $data));
$digest = md5($k_opad . $inner);
return $digest;
}
/**
* Read a reply from the SMTP server. The reply consists of a response
* code and a response message.
*
* @param mixed $valid The set of valid response codes. These
* may be specified as an array of integer
* values or as a single integer value.
*
* @return mixed True if the server returned a valid response code or
* a PEAR_Error object is an error condition is reached.
*
* @access private
* @since 1.1.0
*
* @see getResponse
*/
function _parseResponse($valid)
{
global $CRLF;
$this->_code = -1;
$this->_arguments = array();
if(!is_resource($this->connection)) return false;
while ($line = fgets($this->connection, 512)) {
if ($this->debug) {
- echo "DEBUG: Recv: $line\n";
+ echo "DEBUG: Recv: $line<br>\n";
}
/* If we receive an empty line, the connection has been closed. */
if (empty($line)) {
$this->disconnect();
return 'Connection was unexpectedly closed';
}
/* Read the code and store the rest in the arguments array. */
$code = substr($line, 0, 3);
$this->_arguments[] = trim(substr($line, 4));
/* Check the syntax of the response code. */
if (is_numeric($code)) {
$this->_code = (int)$code;
} else {
$this->_code = -1;
break;
}
/* If this is not a multiline response, we're done. */
if (substr($line, 3, 1) != '-') {
break;
}
}
/* Compare the server's response code with the valid code. */
if (is_int($valid) && ($this->_code === $valid)) {
return true;
}
/* If we were given an array of valid response codes, check each one. */
if (is_array($valid)) {
foreach ($valid as $valid_code) {
if ($this->_code === $valid_code) {
return true;
}
}
}
return 'Invalid response code received from server';
}
/***************************************
** Function that handles the MAIL FROM: cmd
***************************************/
function mail($from){
if($this->is_connected()
AND $this->send_data('MAIL FROM:'.$from.'')
AND substr(trim($this->get_data()), 0, 2) === '250' ){
return TRUE;
}else
return FALSE;
}
/***************************************
** Function that handles the RCPT TO: cmd
***************************************/
function rcpt($to){
if($this->is_connected()
AND $this->send_data('RCPT TO:'.$to.'')
AND substr(trim($error = $this->get_data()), 0, 2) === '25' ){
return TRUE;
}else{
$this->errors[] = trim(substr(trim($error), 3));
return FALSE;
}
}
/***************************************
** Function that sends the DATA cmd
***************************************/
function data(){
if($this->is_connected()
AND $this->send_data('DATA')
AND substr(trim($error = $this->get_data()), 0, 3) === '354' ){
return TRUE;
}else{
$this->errors[] = trim(substr(trim($error), 3));
return FALSE;
}
}
/***************************************
** Function to determine if this object
** is connected to the server or not.
***************************************/
function is_connected(){
return (is_resource($this->connection) AND ($this->status === SMTP_STATUS_CONNECTED));
}
/***************************************
** Function to send a bit of data
***************************************/
function send_data($data){
global $CRLF;
if($this->debug)
{
- $this->buffer[] = "SEND: $data\n";
+ $this->buffer[] = "SEND: $data<br>\n";
}
if(is_resource($this->connection)){
return fwrite($this->connection, $data.$CRLF, strlen($data)+2);
}else
return FALSE;
}
function bytes_left($fp)
{
$status = socket_get_status ($fp);
//print_r($status);
$bytes = $status["unread_bytes"];
return $bytes;
}
/***************************************
** Function to get data.
***************************************/
function &get_data(){
global $CRLF;
$return = '';
$line = '';
if(is_resource($this->connection))
{
while(strpos($return, $CRLF) === FALSE OR substr($line,3,1) !== ' ')
{
$line = fgets($this->connection, 512);
$return .= $line;
}
if($this->debug)
{
- $this->buffer[] = "GET: ".$return."\n";
+ $this->buffer[] = "GET: ".$return."<br>\n";
}
return $return;
}else
return FALSE;
}
/***************************************
** Sets a variable
***************************************/
function set($var, $value){
$this->$var = $value;
return TRUE;
}
} // End of class
?>
Property changes on: trunk/kernel/include/smtp.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.3
\ No newline at end of property
+1.4
\ No newline at end of property
Event Timeline
Log In to Comment