From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 Oct 2013 08:17:26 -0400
Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)
---
program/lib/Net/SMTP.php | 642 ++++++++++++++++++++++++++++++++++++++++++++-------------
1 files changed, 494 insertions(+), 148 deletions(-)
diff --git a/program/lib/Net/SMTP.php b/program/lib/Net/SMTP.php
index bda1494..2c1ef5c 100644
--- a/program/lib/Net/SMTP.php
+++ b/program/lib/Net/SMTP.php
@@ -17,8 +17,6 @@
// | Jon Parise <jon@php.net> |
// | Damian Alejandro Fernandez Sosa <damlists@cnba.uba.ar> |
// +----------------------------------------------------------------------+
-//
-// $Id$
require_once 'PEAR.php';
require_once 'Net/Socket.php';
@@ -36,7 +34,6 @@
*/
class Net_SMTP
{
-
/**
* The server to connect to.
* @var string
@@ -63,7 +60,27 @@
* @var array
* @access public
*/
- var $auth_methods = array('DIGEST-MD5', 'CRAM-MD5', 'LOGIN', 'PLAIN');
+ var $auth_methods = array();
+
+ /**
+ * Use SMTP command pipelining (specified in RFC 2920) if the SMTP
+ * server supports it.
+ *
+ * When pipeling is enabled, rcptTo(), mailFrom(), sendFrom(),
+ * somlFrom() and samlFrom() do not wait for a response from the
+ * SMTP server but return immediately.
+ *
+ * @var bool
+ * @access public
+ */
+ var $pipelining = false;
+
+ /**
+ * Number of pipelined commands.
+ * @var int
+ * @access private
+ */
+ var $_pipelined_commands = 0;
/**
* Should debugging output be enabled?
@@ -73,11 +90,33 @@
var $_debug = false;
/**
+ * Debug output handler.
+ * @var callback
+ * @access private
+ */
+ var $_debug_handler = null;
+
+ /**
* The socket resource being used to connect to the SMTP server.
* @var resource
* @access private
*/
var $_socket = null;
+
+ /**
+ * Array of socket options that will be passed to Net_Socket::connect().
+ * @see stream_context_create()
+ * @var array
+ * @access private
+ */
+ var $_socket_options = null;
+
+ /**
+ * The socket I/O timeout value in seconds.
+ * @var int
+ * @access private
+ */
+ var $_timeout = 0;
/**
* The most recent server response code.
@@ -92,6 +131,13 @@
* @access private
*/
var $_arguments = array();
+
+ /**
+ * Stores the SMTP server's greeting string.
+ * @var string
+ * @access private
+ */
+ var $_greeting = null;
/**
* Stores detected features of the SMTP server.
@@ -114,28 +160,54 @@
* @param string $host The server to connect to.
* @param integer $port The port to connect to.
* @param string $localhost The value to give when sending EHLO or HELO.
+ * @param boolean $pipeling Use SMTP command pipelining
+ * @param integer $timeout Socket I/O timeout in seconds.
+ * @param array $socket_options Socket stream_context_create() options.
*
* @access public
* @since 1.0
*/
- function Net_SMTP($host = null, $port = null, $localhost = null)
+ function Net_SMTP($host = null, $port = null, $localhost = null,
+ $pipelining = false, $timeout = 0, $socket_options = null)
{
- if (isset($host)) $this->host = $host;
- if (isset($port)) $this->port = $port;
- if (isset($localhost)) $this->localhost = $localhost;
-
- $this->_socket = &new Net_Socket();
-
- /*
- * Include the Auth_SASL package. If the package is not available,
- * we disable the authentication methods that depend upon it.
- */
- if ((@include_once 'Auth/SASL.php') === false) {
- $pos = array_search('DIGEST-MD5', $this->auth_methods);
- unset($this->auth_methods[$pos]);
- $pos = array_search('CRAM-MD5', $this->auth_methods);
- unset($this->auth_methods[$pos]);
+ if (isset($host)) {
+ $this->host = $host;
}
+ if (isset($port)) {
+ $this->port = $port;
+ }
+ if (isset($localhost)) {
+ $this->localhost = $localhost;
+ }
+ $this->pipelining = $pipelining;
+
+ $this->_socket = new Net_Socket();
+ $this->_socket_options = $socket_options;
+ $this->_timeout = $timeout;
+
+ /* Include the Auth_SASL package. If the package is available, we
+ * enable the authentication methods that depend upon it. */
+ if (@include_once 'Auth/SASL.php') {
+ $this->setAuthMethod('CRAM-MD5', array($this, '_authCram_MD5'));
+ $this->setAuthMethod('DIGEST-MD5', array($this, '_authDigest_MD5'));
+ }
+
+ /* These standard authentication methods are always available. */
+ $this->setAuthMethod('LOGIN', array($this, '_authLogin'), false);
+ $this->setAuthMethod('PLAIN', array($this, '_authPlain'), false);
+ }
+
+ /**
+ * Set the socket I/O timeout value in seconds plus microseconds.
+ *
+ * @param integer $seconds Timeout value in seconds.
+ * @param integer $microseconds Additional value in microseconds.
+ *
+ * @access public
+ * @since 1.5.0
+ */
+ function setTimeout($seconds, $microseconds = 0) {
+ return $this->_socket->setTimeout($seconds, $microseconds);
}
/**
@@ -146,9 +218,30 @@
* @access public
* @since 1.1.0
*/
- function setDebug($debug)
+ function setDebug($debug, $handler = null)
{
$this->_debug = $debug;
+ $this->_debug_handler = $handler;
+ }
+
+ /**
+ * Write the given debug text to the current debug output handler.
+ *
+ * @param string $message Debug mesage text.
+ *
+ * @access private
+ * @since 1.3.3
+ */
+ function _debug($message)
+ {
+ if ($this->_debug) {
+ if ($this->_debug_handler) {
+ call_user_func_array($this->_debug_handler,
+ array(&$this, $message));
+ } else {
+ echo "DEBUG: $message\n";
+ }
+ }
}
/**
@@ -156,23 +249,24 @@
*
* @param string $data The string of data to send.
*
- * @return mixed True on success or a PEAR_Error object on failure.
+ * @return mixed The number of bytes that were actually written,
+ * or a PEAR_Error object on failure.
*
* @access private
* @since 1.1.0
*/
function _send($data)
{
- if ($this->_debug) {
- echo "DEBUG: Send: $data\n";
+ $this->_debug("Send: $data");
+
+ $result = $this->_socket->write($data);
+ if (!$result || PEAR::isError($result)) {
+ $msg = ($result) ? $result->getMessage() : "unknown error";
+ return PEAR::raiseError("Failed to write to socket: $msg",
+ null, PEAR_ERROR_RETURN);
}
- if (PEAR::isError($error = $this->_socket->write($data))) {
- return PEAR::raiseError('Failed to write to socket: ' .
- $error->getMessage());
- }
-
- return true;
+ return $result;
}
/**
@@ -199,7 +293,8 @@
}
if (strcspn($command, "\r\n") !== strlen($command)) {
- return PEAR::raiseError('Commands cannot contain newlines');
+ return PEAR::raiseError('Commands cannot contain newlines',
+ null, PEAR_ERROR_RETURN);
}
return $this->_send($command . "\r\n");
@@ -212,6 +307,9 @@
* @param mixed $valid The set of valid response codes. These
* may be specified as an array of integer
* values or as a single integer value.
+ * @param bool $later Do not parse the response now, but wait
+ * until the last command in the pipelined
+ * command group
*
* @return mixed True if the server returned a valid response code or
* a PEAR_Error object is an error condition is reached.
@@ -221,55 +319,82 @@
*
* @see getResponse
*/
- function _parseResponse($valid)
+ function _parseResponse($valid, $later = false)
{
$this->_code = -1;
$this->_arguments = array();
- while ($line = $this->_socket->readLine()) {
- if ($this->_debug) {
- echo "DEBUG: Recv: $line\n";
- }
-
- /* If we receive an empty line, the connection has been closed. */
- if (empty($line)) {
- $this->disconnect();
- return PEAR::raiseError('Connection was unexpectedly closed');
- }
-
- /* Read the code and store the rest in the arguments array. */
- $code = substr($line, 0, 3);
- $this->_arguments[] = trim(substr($line, 4));
-
- /* Check the syntax of the response code. */
- if (is_numeric($code)) {
- $this->_code = (int)$code;
- } else {
- $this->_code = -1;
- break;
- }
-
- /* If this is not a multiline response, we're done. */
- if (substr($line, 3, 1) != '-') {
- break;
- }
- }
-
- /* Compare the server's response code with the valid code. */
- if (is_int($valid) && ($this->_code === $valid)) {
+ if ($later) {
+ $this->_pipelined_commands++;
return true;
}
- /* If we were given an array of valid response codes, check each one. */
- if (is_array($valid)) {
- foreach ($valid as $valid_code) {
- if ($this->_code === $valid_code) {
- return true;
+ for ($i = 0; $i <= $this->_pipelined_commands; $i++) {
+ while ($line = $this->_socket->readLine()) {
+ $this->_debug("Recv: $line");
+
+ /* If we receive an empty line, the connection was closed. */
+ if (empty($line)) {
+ $this->disconnect();
+ return PEAR::raiseError('Connection was closed',
+ null, PEAR_ERROR_RETURN);
+ }
+
+ /* Read the code and store the rest in the arguments array. */
+ $code = substr($line, 0, 3);
+ $this->_arguments[] = trim(substr($line, 4));
+
+ /* Check the syntax of the response code. */
+ if (is_numeric($code)) {
+ $this->_code = (int)$code;
+ } else {
+ $this->_code = -1;
+ break;
+ }
+
+ /* If this is not a multiline response, we're done. */
+ if (substr($line, 3, 1) != '-') {
+ break;
}
}
}
- return PEAR::raiseError('Invalid response code received from server');
+ $this->_pipelined_commands = 0;
+
+ /* Compare the server's response code with the valid code/codes. */
+ if (is_int($valid) && ($this->_code === $valid)) {
+ return true;
+ } elseif (is_array($valid) && in_array($this->_code, $valid, true)) {
+ return true;
+ }
+
+ return PEAR::raiseError('Invalid response code received from server',
+ $this->_code, PEAR_ERROR_RETURN);
+ }
+
+ /**
+ * Issue an SMTP command and verify its response.
+ *
+ * @param string $command The SMTP command string or data.
+ * @param mixed $valid The set of valid response codes. These
+ * may be specified as an array of integer
+ * values or as a single integer value.
+ *
+ * @return mixed True on success or a PEAR_Error object on failure.
+ *
+ * @access public
+ * @since 1.6.0
+ */
+ function command($command, $valid)
+ {
+ if (PEAR::isError($error = $this->_put($command))) {
+ return $error;
+ }
+ if (PEAR::isError($error = $this->_parseResponse($valid))) {
+ return $error;
+ }
+
+ return true;
}
/**
@@ -288,10 +413,24 @@
}
/**
+ * Return the SMTP server's greeting string.
+ *
+ * @return string A string containing the greeting string, or null if a
+ * greeting has not been received.
+ *
+ * @access public
+ * @since 1.3.3
+ */
+ function getGreeting()
+ {
+ return $this->_greeting;
+ }
+
+ /**
* Attempt to connect to the SMTP server.
*
* @param int $timeout The timeout value (in seconds) for the
- * socket connection.
+ * socket connection attempt.
* @param bool $persistent Should a persistent socket connection
* be used?
*
@@ -302,16 +441,34 @@
*/
function connect($timeout = null, $persistent = false)
{
+ $this->_greeting = null;
$result = $this->_socket->connect($this->host, $this->port,
- $persistent, $timeout);
+ $persistent, $timeout,
+ $this->_socket_options);
if (PEAR::isError($result)) {
return PEAR::raiseError('Failed to connect socket: ' .
$result->getMessage());
}
+ /*
+ * Now that we're connected, reset the socket's timeout value for
+ * future I/O operations. This allows us to have different socket
+ * timeout values for the initial connection (our $timeout parameter)
+ * and all other socket operations.
+ */
+ if ($this->_timeout > 0) {
+ if (PEAR::isError($error = $this->setTimeout($this->_timeout))) {
+ return $error;
+ }
+ }
+
if (PEAR::isError($error = $this->_parseResponse(220))) {
return $error;
}
+
+ /* Extract and store a copy of the server's greeting string. */
+ list(, $this->_greeting) = $this->getResponse();
+
if (PEAR::isError($error = $this->_negotiate())) {
return $error;
}
@@ -370,7 +527,8 @@
return $error;
}
if (PEAR::isError($this->_parseResponse(250))) {
- return PEAR::raiseError('HELO was not accepted: ', $this->_code);
+ return PEAR::raiseError('HELO was not accepted: ', $this->_code,
+ PEAR_ERROR_RETURN);
}
return true;
@@ -381,6 +539,10 @@
$arguments = substr($argument, strlen($verb) + 1,
strlen($argument) - strlen($verb) - 1);
$this->_esmtp[$verb] = $arguments;
+ }
+
+ if (!isset($this->_esmtp['PIPELINING'])) {
+ $this->pipelining = false;
}
return true;
@@ -400,13 +562,14 @@
{
$available_methods = explode(' ', $this->_esmtp['AUTH']);
- foreach ($this->auth_methods as $method) {
+ foreach ($this->auth_methods as $method => $callback) {
if (in_array($method, $available_methods)) {
return $method;
}
}
- return PEAR::raiseError('No supported authentication methods');
+ return PEAR::raiseError('No supported authentication methods',
+ null, PEAR_ERROR_RETURN);
}
/**
@@ -416,16 +579,45 @@
* @param string The password to authenticate with.
* @param string The requested authentication method. If none is
* specified, the best supported method will be used.
+ * @param bool Flag indicating whether or not TLS should be attempted.
+ * @param string An optional authorization identifier. If specified, this
+ * identifier will be used as the authorization proxy.
*
* @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success.
* @access public
* @since 1.0
*/
- function auth($uid, $pwd , $method = '')
+ function auth($uid, $pwd , $method = '', $tls = true, $authz = '')
{
+ /* We can only attempt a TLS connection if one has been requested,
+ * we're running PHP 5.1.0 or later, have access to the OpenSSL
+ * extension, are connected to an SMTP server which supports the
+ * STARTTLS extension, and aren't already connected over a secure
+ * (SSL) socket connection. */
+ if ($tls && version_compare(PHP_VERSION, '5.1.0', '>=') &&
+ extension_loaded('openssl') && isset($this->_esmtp['STARTTLS']) &&
+ strncasecmp($this->host, 'ssl://', 6) !== 0) {
+ /* Start the TLS connection attempt. */
+ if (PEAR::isError($result = $this->_put('STARTTLS'))) {
+ return $result;
+ }
+ if (PEAR::isError($result = $this->_parseResponse(220))) {
+ return $result;
+ }
+ if (PEAR::isError($result = $this->_socket->enableCrypto(true, STREAM_CRYPTO_METHOD_TLS_CLIENT))) {
+ return $result;
+ } elseif ($result !== true) {
+ return PEAR::raiseError('STARTTLS failed');
+ }
+
+ /* Send EHLO again to recieve the AUTH string from the
+ * SMTP server. */
+ $this->_negotiate();
+ }
+
if (empty($this->_esmtp['AUTH'])) {
- return PEAR::raiseError('SMTP server does no support authentication');
+ return PEAR::raiseError('SMTP server does not support authentication');
}
/* If no method has been specified, get the name of the best
@@ -437,28 +629,26 @@
}
} else {
$method = strtoupper($method);
- if (!in_array($method, $this->auth_methods)) {
+ if (!array_key_exists($method, $this->auth_methods)) {
return PEAR::raiseError("$method is not a supported authentication method");
}
}
- switch ($method) {
- case 'DIGEST-MD5':
- $result = $this->_authDigest_MD5($uid, $pwd);
- break;
- case 'CRAM-MD5':
- $result = $this->_authCRAM_MD5($uid, $pwd);
- break;
- case 'LOGIN':
- $result = $this->_authLogin($uid, $pwd);
- break;
- case 'PLAIN':
- $result = $this->_authPlain($uid, $pwd);
- break;
- default:
- $result = PEAR::raiseError("$method is not a supported authentication method");
- break;
+ if (!isset($this->auth_methods[$method])) {
+ return PEAR::raiseError("$method is not a supported authentication method");
}
+
+ if (!is_callable($this->auth_methods[$method], false)) {
+ return PEAR::raiseError("$method authentication method cannot be called");
+ }
+
+ if (is_array($this->auth_methods[$method])) {
+ list($object, $method) = $this->auth_methods[$method];
+ $result = $object->{$method}($uid, $pwd, $authz, $this);
+ } else {
+ $func = $this->auth_methods[$method];
+ $result = $func($uid, $pwd, $authz, $this);
+ }
/* If an error was encountered, return the PEAR_Error object. */
if (PEAR::isError($result)) {
@@ -469,17 +659,58 @@
}
/**
+ * Add a new authentication method.
+ *
+ * @param string The authentication method name (e.g. 'PLAIN')
+ * @param mixed The authentication callback (given as the name of a
+ * function or as an (object, method name) array).
+ * @param bool Should the new method be prepended to the list of
+ * available methods? This is the default behavior,
+ * giving the new method the highest priority.
+ *
+ * @return mixed True on success or a PEAR_Error object on failure.
+ *
+ * @access public
+ * @since 1.6.0
+ */
+ function setAuthMethod($name, $callback, $prepend = true)
+ {
+ if (!is_string($name)) {
+ return PEAR::raiseError('Method name is not a string');
+ }
+
+ if (!is_string($callback) && !is_array($callback)) {
+ return PEAR::raiseError('Method callback must be string or array');
+ }
+
+ if (is_array($callback)) {
+ if (!is_object($callback[0]) || !is_string($callback[1]))
+ return PEAR::raiseError('Bad mMethod callback array');
+ }
+
+ if ($prepend) {
+ $this->auth_methods = array_merge(array($name => $callback),
+ $this->auth_methods);
+ } else {
+ $this->auth_methods[$name] = $callback;
+ }
+
+ return true;
+ }
+
+ /**
* Authenticates the user using the DIGEST-MD5 method.
*
* @param string The userid to authenticate as.
* @param string The password to authenticate with.
+ * @param string The optional authorization proxy identifier.
*
* @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success.
* @access private
* @since 1.1.0
*/
- function _authDigest_MD5($uid, $pwd)
+ function _authDigest_MD5($uid, $pwd, $authz = '')
{
if (PEAR::isError($error = $this->_put('AUTH', 'DIGEST-MD5'))) {
return $error;
@@ -494,9 +725,10 @@
}
$challenge = base64_decode($this->_arguments[0]);
- $digest = &Auth_SASL::factory('digestmd5');
+ $digest = &Auth_SASL::factory('digest-md5');
$auth_str = base64_encode($digest->getResponse($uid, $pwd, $challenge,
- $this->host, "smtp"));
+ $this->host, "smtp",
+ $authz));
if (PEAR::isError($error = $this->_put($auth_str))) {
return $error;
@@ -509,7 +741,7 @@
/* We don't use the protocol's third step because SMTP doesn't
* allow subsequent authentication, so we just silently ignore
* it. */
- if (PEAR::isError($error = $this->_put(' '))) {
+ if (PEAR::isError($error = $this->_put(''))) {
return $error;
}
/* 235: Authentication successful */
@@ -523,13 +755,14 @@
*
* @param string The userid to authenticate as.
* @param string The password to authenticate with.
+ * @param string The optional authorization proxy identifier.
*
* @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success.
* @access private
* @since 1.1.0
*/
- function _authCRAM_MD5($uid, $pwd)
+ function _authCRAM_MD5($uid, $pwd, $authz = '')
{
if (PEAR::isError($error = $this->_put('AUTH', 'CRAM-MD5'))) {
return $error;
@@ -544,7 +777,7 @@
}
$challenge = base64_decode($this->_arguments[0]);
- $cram = &Auth_SASL::factory('crammd5');
+ $cram = &Auth_SASL::factory('cram-md5');
$auth_str = base64_encode($cram->getResponse($uid, $pwd, $challenge));
if (PEAR::isError($error = $this->_put($auth_str))) {
@@ -562,13 +795,14 @@
*
* @param string The userid to authenticate as.
* @param string The password to authenticate with.
+ * @param string The optional authorization proxy identifier.
*
* @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success.
* @access private
* @since 1.1.0
*/
- function _authLogin($uid, $pwd)
+ function _authLogin($uid, $pwd, $authz = '')
{
if (PEAR::isError($error = $this->_put('AUTH', 'LOGIN'))) {
return $error;
@@ -607,13 +841,14 @@
*
* @param string The userid to authenticate as.
* @param string The password to authenticate with.
+ * @param string The optional authorization proxy identifier.
*
* @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success.
* @access private
* @since 1.1.0
*/
- function _authPlain($uid, $pwd)
+ function _authPlain($uid, $pwd, $authz = '')
{
if (PEAR::isError($error = $this->_put('AUTH', 'PLAIN'))) {
return $error;
@@ -627,7 +862,7 @@
return $error;
}
- $auth_str = base64_encode(chr(0) . $uid . chr(0) . $pwd);
+ $auth_str = base64_encode($authz . chr(0) . $uid . chr(0) . $pwd);
if (PEAR::isError($error = $this->_put($auth_str))) {
return $error;
@@ -664,39 +899,58 @@
}
/**
+ * Return the list of SMTP service extensions advertised by the server.
+ *
+ * @return array The list of SMTP service extensions.
+ * @access public
+ * @since 1.3
+ */
+ function getServiceExtensions()
+ {
+ return $this->_esmtp;
+ }
+
+ /**
* Send the MAIL FROM: command.
*
- * @param string The sender (reverse path) to set.
+ * @param string $sender The sender (reverse path) to set.
+ * @param string $params String containing additional MAIL parameters,
+ * such as the NOTIFY flags defined by RFC 1891
+ * or the VERP protocol.
*
- * @param array optional arguments. Currently supported:
- * verp boolean or string. If true or string
- * verp is enabled. If string the characters
- * are considered verp separators.
+ * If $params is an array, only the 'verp' option
+ * is supported. If 'verp' is true, the XVERP
+ * parameter is appended to the MAIL command. If
+ * the 'verp' value is a string, the full
+ * XVERP=value parameter is appended.
*
* @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success.
* @access public
* @since 1.0
*/
- function mailFrom($sender, $args = array())
+ function mailFrom($sender, $params = null)
{
- $argstr = '';
+ $args = "FROM:<$sender>";
- if (isset($args['verp'])) {
+ /* Support the deprecated array form of $params. */
+ if (is_array($params) && isset($params['verp'])) {
/* XVERP */
- if ($args['verp'] === true) {
- $argstr .= ' XVERP';
+ if ($params['verp'] === true) {
+ $args .= ' XVERP';
/* XVERP=something */
- } elseif (trim($args['verp'])) {
- $argstr .= ' XVERP=' . $args['verp'];
+ } elseif (trim($params['verp'])) {
+ $args .= ' XVERP=' . $params['verp'];
}
+ } elseif (is_string($params) && !empty($params)) {
+ $args .= ' ' . $params;
}
- if (PEAR::isError($error = $this->_put('MAIL', "FROM:<$sender>$argstr"))) {
+ if (PEAR::isError($error = $this->_put('MAIL', $args))) {
return $error;
}
- if (PEAR::isError($error = $this->_parseResponse(250))) {
+ if (PEAR::isError($error = $this->_parseResponse(250, $this->pipelining))) {
return $error;
}
@@ -706,19 +960,27 @@
/**
* Send the RCPT TO: command.
*
- * @param string The recipient (forward path) to add.
+ * @param string $recipient The recipient (forward path) to add.
+ * @param string $params String containing additional RCPT parameters,
+ * such as the NOTIFY flags defined by RFC 1891.
*
* @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success.
+ *
* @access public
* @since 1.0
*/
- function rcptTo($recipient)
+ function rcptTo($recipient, $params = null)
{
- if (PEAR::isError($error = $this->_put('RCPT', "TO:<$recipient>"))) {
+ $args = "TO:<$recipient>";
+ if (is_string($params)) {
+ $args .= ' ' . $params;
+ }
+
+ if (PEAR::isError($error = $this->_put('RCPT', $args))) {
return $error;
}
- if (PEAR::isError($error = $this->_parseResponse(array(250, 251)))) {
+ if (PEAR::isError($error = $this->_parseResponse(array(250, 251), $this->pipelining))) {
return $error;
}
@@ -740,43 +1002,60 @@
*/
function quotedata(&$data)
{
- /* Change Unix (\n) and Mac (\r) linefeeds into
- * Internet-standard CRLF (\r\n) linefeeds. */
- $data = preg_replace(array('/(?<!\r)\n/','/\r(?!\n)/'), "\r\n", $data);
-
/* Because a single leading period (.) signifies an end to the
- * data, legitimate leading periods need to be "doubled"
- * (e.g. '..'). */
- $data = str_replace("\n.", "\n..", $data);
+ * data, legitimate leading periods need to be "doubled" ('..'). */
+ $data = preg_replace('/^\./m', '..', $data);
+
+ /* Change Unix (\n) and Mac (\r) linefeeds into CRLF's (\r\n). */
+ $data = preg_replace('/(?:\r\n|\n|\r(?!\n))/', "\r\n", $data);
}
/**
* Send the DATA command.
*
- * @param string $data The message body to send.
+ * @param mixed $data The message data, either as a string or an open
+ * file resource.
+ * @param string $headers The message headers. If $headers is provided,
+ * $data is assumed to contain only body data.
*
* @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success.
* @access public
* @since 1.0
*/
- function data(&$data)
+ function data($data, $headers = null)
{
- /* RFC 1870, section 3, subsection 3 states "a value of zero
- * indicates that no fixed maximum message size is in force".
- * Furthermore, it says that if "the parameter is omitted no
- * information is conveyed about the server's fixed maximum
- * message size". */
- if (isset($this->_esmtp['SIZE']) && ($this->_esmtp['SIZE'] > 0)) {
- if (strlen($data) >= $this->_esmtp['SIZE']) {
- $this->disconnect();
- return PEAR::raiseError('Message size excedes the server limit');
- }
+ /* Verify that $data is a supported type. */
+ if (!is_string($data) && !is_resource($data)) {
+ return PEAR::raiseError('Expected a string or file resource');
}
- /* Quote the data based on the SMTP standards. */
- $this->quotedata($data);
+ /* Start by considering the size of the optional headers string. We
+ * also account for the addition 4 character "\r\n\r\n" separator
+ * sequence. */
+ $size = (is_null($headers)) ? 0 : strlen($headers) + 4;
+ if (is_resource($data)) {
+ $stat = fstat($data);
+ if ($stat === false) {
+ return PEAR::raiseError('Failed to get file size');
+ }
+ $size += $stat['size'];
+ } else {
+ $size += strlen($data);
+ }
+
+ /* RFC 1870, section 3, subsection 3 states "a value of zero indicates
+ * that no fixed maximum message size is in force". Furthermore, it
+ * says that if "the parameter is omitted no information is conveyed
+ * about the server's fixed maximum message size". */
+ $limit = (isset($this->_esmtp['SIZE'])) ? $this->_esmtp['SIZE'] : 0;
+ if ($limit > 0 && $size >= $limit) {
+ $this->disconnect();
+ return PEAR::raiseError('Message size exceeds server limit');
+ }
+
+ /* Initiate the DATA command. */
if (PEAR::isError($error = $this->_put('DATA'))) {
return $error;
}
@@ -784,11 +1063,78 @@
return $error;
}
- $data .= "\r\n.\r\n";
- if (PEAR::isError($result = $this->_send($data))) {
+ /* If we have a separate headers string, send it first. */
+ if (!is_null($headers)) {
+ $this->quotedata($headers);
+ if (PEAR::isError($result = $this->_send($headers . "\r\n\r\n"))) {
+ return $result;
+ }
+ }
+
+ /* Now we can send the message body data. */
+ if (is_resource($data)) {
+ /* Stream the contents of the file resource out over our socket
+ * connection, line by line. Each line must be run through the
+ * quoting routine. */
+ while (strlen($line = fread($data, 8192)) > 0) {
+ /* If the last character is an newline, we need to grab the
+ * next character to check to see if it is a period. */
+ while (!feof($data)) {
+ $char = fread($data, 1);
+ $line .= $char;
+ if ($char != "\n") {
+ break;
+ }
+ }
+ $this->quotedata($line);
+ if (PEAR::isError($result = $this->_send($line))) {
+ return $result;
+ }
+ }
+ } else {
+ /*
+ * Break up the data by sending one chunk (up to 512k) at a time.
+ * This approach reduces our peak memory usage.
+ */
+ for ($offset = 0; $offset < $size;) {
+ $end = $offset + 512000;
+
+ /*
+ * Ensure we don't read beyond our data size or span multiple
+ * lines. quotedata() can't properly handle character data
+ * that's split across two line break boundaries.
+ */
+ if ($end >= $size) {
+ $end = $size;
+ } else {
+ for (; $end < $size; $end++) {
+ if ($data[$end] != "\n") {
+ break;
+ }
+ }
+ }
+
+ /* Extract our chunk and run it through the quoting routine. */
+ $chunk = substr($data, $offset, $end - $offset);
+ $this->quotedata($chunk);
+
+ /* If we run into a problem along the way, abort. */
+ if (PEAR::isError($result = $this->_send($chunk))) {
+ return $result;
+ }
+
+ /* Advance the offset to the end of this chunk. */
+ $offset = $end;
+ }
+ }
+
+ /* Finally, send the DATA terminator sequence. */
+ if (PEAR::isError($result = $this->_send("\r\n.\r\n"))) {
return $result;
}
- if (PEAR::isError($error = $this->_parseResponse(250))) {
+
+ /* Verify that the data was successfully received by the server. */
+ if (PEAR::isError($error = $this->_parseResponse(250, $this->pipelining))) {
return $error;
}
@@ -810,7 +1156,7 @@
if (PEAR::isError($error = $this->_put('SEND', "FROM:<$path>"))) {
return $error;
}
- if (PEAR::isError($error = $this->_parseResponse(250))) {
+ if (PEAR::isError($error = $this->_parseResponse(250, $this->pipelining))) {
return $error;
}
@@ -849,7 +1195,7 @@
if (PEAR::isError($error = $this->_put('SOML', "FROM:<$path>"))) {
return $error;
}
- if (PEAR::isError($error = $this->_parseResponse(250))) {
+ if (PEAR::isError($error = $this->_parseResponse(250, $this->pipelining))) {
return $error;
}
@@ -888,7 +1234,7 @@
if (PEAR::isError($error = $this->_put('SAML', "FROM:<$path>"))) {
return $error;
}
- if (PEAR::isError($error = $this->_parseResponse(250))) {
+ if (PEAR::isError($error = $this->_parseResponse(250, $this->pipelining))) {
return $error;
}
@@ -925,7 +1271,7 @@
if (PEAR::isError($error = $this->_put('RSET'))) {
return $error;
}
- if (PEAR::isError($error = $this->_parseResponse(250))) {
+ if (PEAR::isError($error = $this->_parseResponse(250, $this->pipelining))) {
return $error;
}
--
Gitblit v1.9.1