Changeset 5485 in subversion

Timestamp:

Nov 24, 2011 5:54:59 AM (18 months ago)

Author:

alec

Message:

• Add possibility to add SASL mechanisms for SMTP in smtp_connect hook (#1487937)

Location:

trunk/roundcubemail

Files:

• CHANGELOG (modified) (1 diff)
• program/include/rcube_smtp.php (modified) (3 diffs)
• program/lib/Net/SMTP.php (modified) (16 diffs)

trunk/roundcubemail/CHANGELOG

@@ -2 +2 @@
 ===========================
 
+- Add possibility to add SASL mechanisms for SMTP in smtp_connect hook (#1487937)
 - Mark (with different color) folders with recent messages (#1486234)
 - Fix possible infinite redirect on attachment preview (#1488199)

trunk/roundcubemail/program/include/rcube_smtp.php

@@ -51 +51 @@
   {
     $RCMAIL = rcmail::get_instance();
-  
+
     // disconnect/destroy $this->conn
     $this->disconnect();
-    
+
     // reset error/response var
     $this->error = $this->response = null;
-  
+
     // let plugins alter smtp connection config
     $CONFIG = $RCMAIL->plugins->exec_hook('smtp_connect', array(
@@ -69 +69 @@
       'smtp_helo_host' => $RCMAIL->config->get('smtp_helo_host'),
       'smtp_timeout'   => $RCMAIL->config->get('smtp_timeout'),
+      'smtp_auth_callbacks' => array(),
     ));
 
@@ -108 +109 @@
     if ($RCMAIL->config->get('smtp_debug'))
       $this->conn->setDebug(true, array($this, 'debug_handler'));
+
+    // register authentication methods
+    if (!empty($CONFIG['smtp_auth_callbacks']) && method_exists($this->conn, 'setAuthMethod')) {
+      foreach ($CONFIG['smtp_auth_callbacks'] as $callback) {
+        $this->conn->setAuthMethod($callback['name'], $callback['function'],
+          isset($callback['prepend']) ? $callback['prepend'] : true);
+      }
+    }
 
     // try to connect to server and exit on failure

trunk/roundcubemail/program/lib/Net/SMTP.php

@@ -63 +63 @@
      * @access public
      */
-    var $auth_methods = array('DIGEST-MD5', 'CRAM-MD5', 'LOGIN', 'PLAIN');
+    var $auth_methods = array();
 
     /**
@@ -188 +188 @@
         $this->_timeout = $timeout;
 
-        /* Include the Auth_SASL package.  If the package is not
-         * available, we disable the authentication methods that
-         * depend upon it. */
-        if ((@include_once 'Auth/SASL.php') === false) {
-            $pos = array_search('DIGEST-MD5', $this->auth_methods);
-            unset($this->auth_methods[$pos]);
-            $pos = array_search('CRAM-MD5', $this->auth_methods);
-            unset($this->auth_methods[$pos]);
-        }
+        /* Include the Auth_SASL package.  If the package is available, we 
+         * enable the authentication methods that depend upon it. */
+        if ((@include_once 'Auth/SASL.php') === true) {
+            $this->setAuthMethod('CRAM-MD5', array($this, '_authCram_MD5'));
+            $this->setAuthMethod('DIGEST-MD5', array($this, '_authDigest_MD5'));
+        }
+
+        /* These standard authentication methods are always available. */
+        $this->setAuthMethod('LOGIN', array($this, '_authLogin'), false);
+        $this->setAuthMethod('PLAIN', array($this, '_authPlain'), false);
     }
 
@@ -251 +252 @@
      * @param   string  $data       The string of data to send.
      *
-     * @return  mixed   True on success or a PEAR_Error object on failure.
+     * @return  mixed   The number of bytes that were actually written,
+     *                  or a PEAR_Error object on failure.
      *
      * @access  private
@@ -260 +262 @@
         $this->_debug("Send: $data");
 
-        $error = $this->_socket->write($data);
-        if ($error === false || PEAR::isError($error)) {
-            $msg = ($error) ? $error->getMessage() : "unknown error";
-            return PEAR::raiseError("Failed to write to socket: $msg");
-        }
-
-        return true;
+        $result = $this->_socket->write($data);
+        if (!$result || PEAR::isError($result)) {
+            $msg = ($result) ? $result->getMessage() : "unknown error";
+            return PEAR::raiseError("Failed to write to socket: $msg",
+                                    null, PEAR_ERROR_RETURN);
+        }
+
+        return $result;
     }
 
@@ -293 +296 @@
 
         if (strcspn($command, "\r\n") !== strlen($command)) {
-            return PEAR::raiseError('Commands cannot contain newlines');
+            return PEAR::raiseError('Commands cannot contain newlines',
+                                    null, PEAR_ERROR_RETURN);
         }
 
@@ -332 +336 @@
                 $this->_debug("Recv: $line");
 
-                /* If we receive an empty line, the connection has been closed. */
+                /* If we receive an empty line, the connection was closed. */
                 if (empty($line)) {
                     $this->disconnect();
-                    return PEAR::raiseError('Connection was unexpectedly closed');
+                    return PEAR::raiseError('Connection was closed',
+                                            null, PEAR_ERROR_RETURN);
                 }
 
@@ -367 +372 @@
 
         return PEAR::raiseError('Invalid response code received from server',
-                                $this->_code);
+                                $this->_code, PEAR_ERROR_RETURN);
+    }
+
+    /**
+     * Issue an SMTP command and verify its response.
+     *
+     * @param   string  $command    The SMTP command string or data.
+     * @param   mixed   $valid      The set of valid response codes.  These
+     *                              may be specified as an array of integer
+     *                              values or as a single integer value.
+     *
+     * @return  mixed   True on success or a PEAR_Error object on failure.
+     *
+     * @access  public
+     * @since   1.6.0
+     */
+    function command($command, $valid)
+    {
+        if (PEAR::isError($error = $this->_put($command))) {
+            return $error;
+        }
+        if (PEAR::isError($error = $this->_parseResponse($valid))) {
+            return $error;
+        }
+
+        return true;
     }
 
@@ -500 +530 @@
             }
             if (PEAR::isError($this->_parseResponse(250))) {
-                return PEAR::raiseError('HELO was not accepted: ', $this->_code);
+                return PEAR::raiseError('HELO was not accepted: ', $this->_code,
+                                        PEAR_ERROR_RETURN);
             }
 
@@ -534 +565 @@
         $available_methods = explode(' ', $this->_esmtp['AUTH']);
 
-        foreach ($this->auth_methods as $method) {
+        foreach ($this->auth_methods as $method => $callback) {
             if (in_array($method, $available_methods)) {
                 return $method;
@@ -540 +571 @@
         }
 
-        return PEAR::raiseError('No supported authentication methods');
+        return PEAR::raiseError('No supported authentication methods',
+                                null, PEAR_ERROR_RETURN);
     }
 
@@ -600 +632 @@
         } else {
             $method = strtoupper($method);
-            if (!in_array($method, $this->auth_methods)) {
+            if (!array_key_exists($method, $this->auth_methods)) {
                 return PEAR::raiseError("$method is not a supported authentication method");
             }
         }
 
-        switch ($method) {
-        case 'DIGEST-MD5':
-            $result = $this->_authDigest_MD5($uid, $pwd, $authz);
-            break;
-
-        case 'CRAM-MD5':
-            $result = $this->_authCRAM_MD5($uid, $pwd);
-            break;
-
-        case 'LOGIN':
-            $result = $this->_authLogin($uid, $pwd);
-            break;
-
-        case 'PLAIN':
-            $result = $this->_authPlain($uid, $pwd, $authz);
-            break;
-
-        default:
-            $result = PEAR::raiseError("$method is not a supported authentication method");
-            break;
-        }
+        if (!isset($this->auth_methods[$method])) {
+            return PEAR::raiseError("$method is not a supported authentication method");
+        }
+
+        if (!is_callable($this->auth_methods[$method], false)) {
+            return PEAR::raiseError("$method authentication method cannot be called");
+        }
+
+        if (is_array($this->auth_methods[$method])) {
+            list($object, $method) = $this->auth_methods[$method];
+            $result = $object->{$method}($uid, $pwd, $authz, $this);
+        } else {
+            $func =  $this->auth_methods[$method];
+            $result = $func($uid, $pwd, $authz, $this);
+         }
 
         /* If an error was encountered, return the PEAR_Error object. */
         if (PEAR::isError($result)) {
             return $result;
+        }
+
+        return true;
+    }
+
+    /**
+     * Add a new authentication method.
+     *
+     * @param string    The authentication method name (e.g. 'PLAIN')
+     * @param mixed     The authentication callback (given as the name of a 
+     *                  function or as an (object, method name) array).
+     * @param bool      Should the new method be prepended to the list of 
+     *                  available methods?  This is the default behavior, 
+     *                  giving the new method the highest priority.
+     *
+     * @return  mixed   True on success or a PEAR_Error object on failure.
+     *
+     * @access public
+     * @since  1.6.0
+     */
+    function setAuthMethod($name, $callback, $prepend = true)
+    {
+        if (!is_string($name)) {
+            return PEAR::raiseError('Method name is not a string');
+        }
+
+        if (!is_string($callback) && !is_array($callback)) {
+            return PEAR::raiseError('Method callback must be string or array');
+        }
+
+        if (is_array($callback)) {
+            if (!is_object($callback[0]) || !is_string($callback[1]))
+                return PEAR::raiseError('Bad mMethod callback array');
+        }
+
+        if ($prepend) {
+            $this->auth_methods = array_merge(array($name => $callback),
+                                              $this->auth_methods);
+        } else {
+            $this->auth_methods[$name] = $callback;
         }
 
@@ -692 +758 @@
      * @param string The userid to authenticate as.
      * @param string The password to authenticate with.
+     * @param string The optional authorization proxy identifier.
      *
      * @return mixed Returns a PEAR_Error with an error message on any
@@ -698 +765 @@
      * @since  1.1.0
      */
-    function _authCRAM_MD5($uid, $pwd)
+    function _authCRAM_MD5($uid, $pwd, $authz = '')
     {
         if (PEAR::isError($error = $this->_put('AUTH', 'CRAM-MD5'))) {
@@ -731 +798 @@
      * @param string The userid to authenticate as.
      * @param string The password to authenticate with.
+     * @param string The optional authorization proxy identifier.
      *
      * @return mixed Returns a PEAR_Error with an error message on any
@@ -737 +805 @@
      * @since  1.1.0
      */
-    function _authLogin($uid, $pwd)
+    function _authLogin($uid, $pwd, $authz = '')
     {
         if (PEAR::isError($error = $this->_put('AUTH', 'LOGIN'))) {
@@ -1013 +1081 @@
              * connection, line by line.  Each line must be run through the 
              * quoting routine. */
-            while ($line = fgets($data, 1024)) {
+            while (strlen($line = fread($data, 8192)) > 0) {
+                /* If the last character is an newline, we need to grab the
+                 * next character to check to see if it is a period. */
+                while (!feof($data)) {
+                    $char = fread($data, 1);
+                    $line .= $char;
+                    if ($char != "\n") {
+                        break;
+                    }
+                }
                 $this->quotedata($line);
                 if (PEAR::isError($result = $this->_send($line))) {