From 848e204ef9bdaf989e7e48025d4ea6ee21e7678e Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sat, 13 Sep 2014 06:36:54 -0400
Subject: [PATCH] Fix validation of email addresses with IDNA domains (#1490067)

---
 program/steps/utils/modcss.inc |  102 +++++++++++++++++++++------------------------------
 1 files changed, 42 insertions(+), 60 deletions(-)

diff --git a/program/steps/utils/modcss.inc b/program/steps/utils/modcss.inc
index d635f97..f3d8d89 100644
--- a/program/steps/utils/modcss.inc
+++ b/program/steps/utils/modcss.inc
@@ -5,7 +5,7 @@
  | program/steps/utils/modcss.inc                                        |
  |                                                                       |
  | This file is part of the Roundcube Webmail client                     |
- | Copyright (C) 2007-2011, The Roundcube Dev Team                       |
+ | Copyright (C) 2007-2014, The Roundcube Dev Team                       |
  |                                                                       |
  | Licensed under the GNU General Public License version 3 or            |
  | any later version with exceptions for skins & plugins.                |
@@ -16,86 +16,68 @@
  |                                                                       |
  +-----------------------------------------------------------------------+
  | Author: Thomas Bruederli <roundcube@gmail.com>                        |
+ | Author: Aleksander Machniak <alec@alec.pl>                            |
  +-----------------------------------------------------------------------+
-
- $Id$
-
 */
 
-$source = '';
-
 $url = preg_replace('![^a-z0-9.-]!i', '', $_GET['_u']);
+
 if ($url === null || !($realurl = $_SESSION['modcssurls'][$url])) {
     header('HTTP/1.1 403 Forbidden');
-    echo "Unauthorized request";
-    exit;
+    exit("Unauthorized request");
 }
-
-$a_uri = parse_url($realurl);
-$port  = $a_uri['port'] ? $a_uri['port'] : 80;
-$host  = $a_uri['host'];
-$path  = $a_uri['path'] . ($a_uri['query'] ? '?'.$a_uri['query'] : '');
 
 // don't allow any other connections than http(s)
-if (strtolower(substr($a_uri['scheme'], 0, 4)) != 'http') {
+if (!preg_match('~^(https?)://~i', $realurl, $matches)) {
     header('HTTP/1.1 403 Forbidden');
-    echo "Invalid URL";
-    exit;
+    exit("Invalid URL");
 }
 
-// try to open socket connection
-if (!($fp = fsockopen($host, $port, $errno, $error, 15))) {
-    header('HTTP/1.1 500 Internal Server Error');
-    echo $error;
-    exit;
+if (ini_get('allow_url_fopen')) {
+    $scheme  = strtolower($matches[1]);
+    $options = array(
+        $scheme => array(
+            'method' => 'GET',
+            'timeout' => 15,
+        )
+    );
+
+    $context = stream_context_create($options);
+    $source  = @file_get_contents($realurl, false, $context);
+
+    // php.net/manual/en/reserved.variables.httpresponseheader.php
+    $headers = implode("\n", (array) $http_response_header);
 }
+else if (function_exists('curl_init')) {
+    $curl = curl_init($realurl);
+    curl_setopt($curl, CURLOPT_TIMEOUT, 15);
+    curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 15);
+    curl_setopt($curl, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
+    curl_setopt($curl, CURLOPT_ENCODING, '');
+    curl_setopt($curl, CURLOPT_HEADER, true);
+    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
+    $data = curl_exec($curl);
 
-// set timeout for socket
-stream_set_timeout($fp, 30);
-
-// send request
-$out  = "GET $path HTTP/1.0\r\n";
-$out .= "Host: $host\r\n";
-$out .= "Connection: Close\r\n\r\n";
-fwrite($fp, $out);
-
-// read response
-$header = true;
-$headers = array();
-while (!feof($fp)) {
-    $line = trim(fgets($fp, 4048));
-
-    if ($header) {
-        if (preg_match('/^HTTP\/1\..\s+(\d+)/', $line, $regs)
-            && intval($regs[1]) != 200) {
-            break;
-        }
-        else if (empty($line)) {
-            $header = false;
-        }
-        else {
-            list($key, $value) = explode(': ', $line);
-            $headers[strtolower($key)] = $value;
-        }
+    if ($data !== false) {
+        list($headers, $source) = explode("\r\n\r\n", $data, 2);
     }
     else {
-        $source .= "$line\n";
+        $headers = false;
+        $source  = false;
     }
 }
-fclose($fp);
+else {
+    header('HTTP/1.1 403 Forbidden');
+    exit("HTTP connections disabled");
+}
 
-// check content-type header and mod styles
-$mimetype = strtolower($headers['content-type']);
-if (!empty($source) && in_array($mimetype, array('text/css','text/plain'))) {
+$ctype_regexp = '~Content-Type:\s+text/(css|plain)~i';
+
+if ($source !== false && preg_match($ctype_regexp, $headers)) {
     header('Content-Type: text/css');
-    echo rcmail_mod_css_styles($source, preg_replace('/[^a-z0-9]/i', '', $_GET['_c']));
+    echo rcube_utils::mod_css_styles($source, preg_replace('/[^a-z0-9]/i', '', $_GET['_c']));
     exit;
 }
-else
-    $error = "Invalid response returned by server";
 
 header('HTTP/1.0 404 Not Found');
-echo $error;
-exit;
-
-
+exit("Invalid response returned by server");

--
Gitblit v1.9.1