extlibs updates: PEAR::Mail to 1.2.0, PEAR::Net_SMTP to 1.4.2 (need to go together as a pair)

PEAR::Mail updated to 1.2.0 from 1.1.4, fixes deprecation warnings on PHP 5.3, as well as:
1.2.0:
• QA release - stable.
• Updated minimum dependencies (Net_SMTP, PEAR, PHP)
• Doc Bug #15620 Licence change to BSD
• Bug #13659 Mail parse error in special condition
• Bug #16200 - Security hole allow to read/write Arbitrary File
_hasUnclosedQuotes() doesn't properly handle a double slash before an end quote (slusarz@curecanti.org, Bug #9137).
• Make sure Net_SMTP is defined when calling getSMTPObject() directly (slusarz@curecanti.org, Bug #13772).
• Add addServiceExtensionParameter() to the SMTP driver (slusarz@curecanti.org, Bug #13764).
• Add a method to obtain the Net_SMTP object from the SMTP driver (slusarz@curecanti.org, Bug #13766).

PEAR::Net_SMTP updated to 1.4.2 from 1.3.1, needed to support updated PEAR::Mail:
1.4.2:
• Fixing header string quoting in data(). (Bug #17199)
1.4.1:
• The auth() method now includes an optional $tls parameter that determines whether or not TLS should be attempted (if supported by the PHP runtime and the remote SMTP server). This parameter defaults to true. (Bug #16349)
• Header data can be specified separately from message body data by passing it as the optional second parameter to ``data()``. This is especially useful when an open file resource is being used to supply message data because it allows header fields (like *Subject:*) to be built dynamically at runtime. (Request #17012)
1.4.0:
• The data() method now accepts either a string or a file resource containing the message data. (Request #16962)
1.3.4:
• All Net_Socket write failures are now recognized. (Bug #16831)
1.3.3:
• Added getGreeting(), for retrieving the server's greeting string. (Request #16066) [needed for PEAR::Mail]
• We no longer attempt a TLS connection if we're already using a secure socket. (Bug #16254)
• You can now specify a debug output handler via setDebug(). (Request #16420)
1.3.2:
• TLS connection only gets started if no AUTH methods are sent. (Bug #14944)
This commit is contained in:
Brion Vibber 2010-05-03 16:49:59 -07:00
parent d55f606cf8
commit baae319aef
9 changed files with 481 additions and 197 deletions

82
extlib/Mail.php Normal file → Executable file
View File

@ -1,22 +1,47 @@
<?php <?php
// /**
// +----------------------------------------------------------------------+ * PEAR's Mail:: interface.
// | PHP Version 4 | *
// +----------------------------------------------------------------------+ * PHP versions 4 and 5
// | Copyright (c) 1997-2003 The PHP Group | *
// +----------------------------------------------------------------------+ * LICENSE:
// | This source file is subject to version 2.02 of the PHP license, | *
// | that is bundled with this package in the file LICENSE, and is | * Copyright (c) 2002-2007, Richard Heyes
// | available at through the world-wide-web at | * All rights reserved.
// | http://www.php.net/license/2_02.txt. | *
// | If you did not receive a copy of the PHP license and are unable to | * Redistribution and use in source and binary forms, with or without
// | obtain it through the world-wide-web, please send a note to | * modification, are permitted provided that the following conditions
// | license@php.net so we can mail you a copy immediately. | * are met:
// +----------------------------------------------------------------------+ *
// | Author: Chuck Hagenbuch <chuck@horde.org> | * o Redistributions of source code must retain the above copyright
// +----------------------------------------------------------------------+ * notice, this list of conditions and the following disclaimer.
// * o Redistributions in binary form must reproduce the above copyright
// $Id: Mail.php,v 1.17 2006/09/15 03:41:18 jon Exp $ * notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* o The names of the authors may not be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* @category Mail
* @package Mail
* @author Chuck Hagenbuch <chuck@horde.org>
* @copyright 1997-2010 Chuck Hagenbuch
* @license http://opensource.org/licenses/bsd-license.php New BSD License
* @version CVS: $Id: Mail.php 294747 2010-02-08 08:18:33Z clockwerx $
* @link http://pear.php.net/package/Mail/
*/
require_once 'PEAR.php'; require_once 'PEAR.php';
@ -26,7 +51,7 @@ require_once 'PEAR.php';
* useful in multiple mailer backends. * useful in multiple mailer backends.
* *
* @access public * @access public
* @version $Revision: 1.17 $ * @version $Revision: 294747 $
* @package Mail * @package Mail
*/ */
class Mail class Mail
@ -82,12 +107,20 @@ class Mail
* @return mixed Returns true on success, or a PEAR_Error * @return mixed Returns true on success, or a PEAR_Error
* containing a descriptive error message on * containing a descriptive error message on
* failure. * failure.
*
* @access public * @access public
* @deprecated use Mail_mail::send instead * @deprecated use Mail_mail::send instead
*/ */
function send($recipients, $headers, $body) function send($recipients, $headers, $body)
{ {
$this->_sanitizeHeaders($headers); if (!is_array($headers)) {
return PEAR::raiseError('$headers must be an array');
}
$result = $this->_sanitizeHeaders($headers);
if (is_a($result, 'PEAR_Error')) {
return $result;
}
// if we're passed an array of recipients, implode it. // if we're passed an array of recipients, implode it.
if (is_array($recipients)) { if (is_array($recipients)) {
@ -103,10 +136,9 @@ class Mail
} }
// flatten the headers out. // flatten the headers out.
list(,$text_headers) = Mail::prepareHeaders($headers); list(, $text_headers) = Mail::prepareHeaders($headers);
return mail($recipients, $subject, $body, $text_headers); return mail($recipients, $subject, $body, $text_headers);
} }
/** /**
@ -151,9 +183,9 @@ class Mail
foreach ($headers as $key => $value) { foreach ($headers as $key => $value) {
if (strcasecmp($key, 'From') === 0) { if (strcasecmp($key, 'From') === 0) {
include_once 'Mail/RFC822.php'; include_once 'Mail/RFC822.php';
$parser = &new Mail_RFC822(); $parser = new Mail_RFC822();
$addresses = $parser->parseAddressList($value, 'localhost', false); $addresses = $parser->parseAddressList($value, 'localhost', false);
if (PEAR::isError($addresses)) { if (is_a($addresses, 'PEAR_Error')) {
return $addresses; return $addresses;
} }
@ -221,7 +253,7 @@ class Mail
$addresses = Mail_RFC822::parseAddressList($recipients, 'localhost', false); $addresses = Mail_RFC822::parseAddressList($recipients, 'localhost', false);
// If parseAddressList() returned a PEAR_Error object, just return it. // If parseAddressList() returned a PEAR_Error object, just return it.
if (PEAR::isError($addresses)) { if (is_a($addresses, 'PEAR_Error')) {
return $addresses; return $addresses;
} }

83
extlib/Mail/RFC822.php Normal file → Executable file
View File

@ -1,37 +1,48 @@
<?php <?php
// +-----------------------------------------------------------------------+ /**
// | Copyright (c) 2001-2002, Richard Heyes | * RFC 822 Email address list validation Utility
// | All rights reserved. | *
// | | * PHP versions 4 and 5
// | Redistribution and use in source and binary forms, with or without | *
// | modification, are permitted provided that the following conditions | * LICENSE:
// | are met: | *
// | | * Copyright (c) 2001-2010, Richard Heyes
// | o Redistributions of source code must retain the above copyright | * All rights reserved.
// | notice, this list of conditions and the following disclaimer. | *
// | o Redistributions in binary form must reproduce the above copyright | * Redistribution and use in source and binary forms, with or without
// | notice, this list of conditions and the following disclaimer in the | * modification, are permitted provided that the following conditions
// | documentation and/or other materials provided with the distribution.| * are met:
// | o The names of the authors may not be used to endorse or promote | *
// | products derived from this software without specific prior written | * o Redistributions of source code must retain the above copyright
// | permission. | * notice, this list of conditions and the following disclaimer.
// | | * o Redistributions in binary form must reproduce the above copyright
// | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | * notice, this list of conditions and the following disclaimer in the
// | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | * documentation and/or other materials provided with the distribution.
// | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | * o The names of the authors may not be used to endorse or promote
// | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | * products derived from this software without specific prior written
// | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | * permission.
// | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | *
// | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
// | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
// | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// | | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
// +-----------------------------------------------------------------------+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
// | Authors: Richard Heyes <richard@phpguru.org> | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
// | Chuck Hagenbuch <chuck@horde.org> | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// +-----------------------------------------------------------------------+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* @category Mail
* @package Mail
* @author Richard Heyes <richard@phpguru.org>
* @author Chuck Hagenbuch <chuck@horde.org
* @copyright 2001-2010 Richard Heyes
* @license http://opensource.org/licenses/bsd-license.php New BSD License
* @version CVS: $Id: RFC822.php 294749 2010-02-08 08:22:25Z clockwerx $
* @link http://pear.php.net/package/Mail/
*/
/** /**
* RFC 822 Email address list validation Utility * RFC 822 Email address list validation Utility
@ -52,7 +63,7 @@
* *
* @author Richard Heyes <richard@phpguru.org> * @author Richard Heyes <richard@phpguru.org>
* @author Chuck Hagenbuch <chuck@horde.org> * @author Chuck Hagenbuch <chuck@horde.org>
* @version $Revision: 1.24 $ * @version $Revision: 294749 $
* @license BSD * @license BSD
* @package Mail * @package Mail
*/ */
@ -635,8 +646,8 @@ class Mail_RFC822 {
$comment = $this->_splitCheck($parts, ')'); $comment = $this->_splitCheck($parts, ')');
$comments[] = $comment; $comments[] = $comment;
// +1 is for the trailing ) // +2 is for the brackets
$_mailbox = substr($_mailbox, strpos($_mailbox, $comment)+strlen($comment)+1); $_mailbox = substr($_mailbox, strpos($_mailbox, '('.$comment)+strlen($comment)+2);
} else { } else {
break; break;
} }

63
extlib/Mail/mail.php Normal file → Executable file
View File

@ -1,27 +1,52 @@
<?php <?php
// /**
// +----------------------------------------------------------------------+ * internal PHP-mail() implementation of the PEAR Mail:: interface.
// | PHP Version 4 | *
// +----------------------------------------------------------------------+ * PHP versions 4 and 5
// | Copyright (c) 1997-2003 The PHP Group | *
// +----------------------------------------------------------------------+ * LICENSE:
// | This source file is subject to version 2.02 of the PHP license, | *
// | that is bundled with this package in the file LICENSE, and is | * Copyright (c) 2010 Chuck Hagenbuch
// | available at through the world-wide-web at | * All rights reserved.
// | http://www.php.net/license/2_02.txt. | *
// | If you did not receive a copy of the PHP license and are unable to | * Redistribution and use in source and binary forms, with or without
// | obtain it through the world-wide-web, please send a note to | * modification, are permitted provided that the following conditions
// | license@php.net so we can mail you a copy immediately. | * are met:
// +----------------------------------------------------------------------+ *
// | Author: Chuck Hagenbuch <chuck@horde.org> | * o Redistributions of source code must retain the above copyright
// +----------------------------------------------------------------------+ * notice, this list of conditions and the following disclaimer.
// * o Redistributions in binary form must reproduce the above copyright
// $Id: mail.php,v 1.20 2007/10/06 17:00:00 chagenbu Exp $ * notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* o The names of the authors may not be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* @category Mail
* @package Mail
* @author Chuck Hagenbuch <chuck@horde.org>
* @copyright 2010 Chuck Hagenbuch
* @license http://opensource.org/licenses/bsd-license.php New BSD License
* @version CVS: $Id: mail.php 294747 2010-02-08 08:18:33Z clockwerx $
* @link http://pear.php.net/package/Mail/
*/
/** /**
* internal PHP-mail() implementation of the PEAR Mail:: interface. * internal PHP-mail() implementation of the PEAR Mail:: interface.
* @package Mail * @package Mail
* @version $Revision: 1.20 $ * @version $Revision: 294747 $
*/ */
class Mail_mail extends Mail { class Mail_mail extends Mail {

64
extlib/Mail/mock.php Normal file → Executable file
View File

@ -1,29 +1,53 @@
<?php <?php
// /**
// +----------------------------------------------------------------------+ * Mock implementation
// | PHP Version 4 | *
// +----------------------------------------------------------------------+ * PHP versions 4 and 5
// | Copyright (c) 1997-2003 The PHP Group | *
// +----------------------------------------------------------------------+ * LICENSE:
// | This source file is subject to version 2.02 of the PHP license, | *
// | that is bundled with this package in the file LICENSE, and is | * Copyright (c) 2010 Chuck Hagenbuch
// | available at through the world-wide-web at | * All rights reserved.
// | http://www.php.net/license/2_02.txt. | *
// | If you did not receive a copy of the PHP license and are unable to | * Redistribution and use in source and binary forms, with or without
// | obtain it through the world-wide-web, please send a note to | * modification, are permitted provided that the following conditions
// | license@php.net so we can mail you a copy immediately. | * are met:
// +----------------------------------------------------------------------+ *
// | Author: Chuck Hagenbuch <chuck@horde.org> | * o Redistributions of source code must retain the above copyright
// +----------------------------------------------------------------------+ * notice, this list of conditions and the following disclaimer.
// * o Redistributions in binary form must reproduce the above copyright
// $Id: mock.php,v 1.1 2007/12/08 17:57:54 chagenbu Exp $ * notice, this list of conditions and the following disclaimer in the
// * documentation and/or other materials provided with the distribution.
* o The names of the authors may not be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* @category Mail
* @package Mail
* @author Chuck Hagenbuch <chuck@horde.org>
* @copyright 2010 Chuck Hagenbuch
* @license http://opensource.org/licenses/bsd-license.php New BSD License
* @version CVS: $Id: mock.php 294747 2010-02-08 08:18:33Z clockwerx $
* @link http://pear.php.net/package/Mail/
*/
/** /**
* Mock implementation of the PEAR Mail:: interface for testing. * Mock implementation of the PEAR Mail:: interface for testing.
* @access public * @access public
* @package Mail * @package Mail
* @version $Revision: 1.1 $ * @version $Revision: 294747 $
*/ */
class Mail_mock extends Mail { class Mail_mock extends Mail {

64
extlib/Mail/null.php Normal file → Executable file
View File

@ -1,29 +1,53 @@
<?php <?php
// /**
// +----------------------------------------------------------------------+ * Null implementation of the PEAR Mail interface
// | PHP Version 4 | *
// +----------------------------------------------------------------------+ * PHP versions 4 and 5
// | Copyright (c) 1997-2003 The PHP Group | *
// +----------------------------------------------------------------------+ * LICENSE:
// | This source file is subject to version 2.02 of the PHP license, | *
// | that is bundled with this package in the file LICENSE, and is | * Copyright (c) 2010 Phil Kernick
// | available at through the world-wide-web at | * All rights reserved.
// | http://www.php.net/license/2_02.txt. | *
// | If you did not receive a copy of the PHP license and are unable to | * Redistribution and use in source and binary forms, with or without
// | obtain it through the world-wide-web, please send a note to | * modification, are permitted provided that the following conditions
// | license@php.net so we can mail you a copy immediately. | * are met:
// +----------------------------------------------------------------------+ *
// | Author: Phil Kernick <philk@rotfl.com.au> | * o Redistributions of source code must retain the above copyright
// +----------------------------------------------------------------------+ * notice, this list of conditions and the following disclaimer.
// * o Redistributions in binary form must reproduce the above copyright
// $Id: null.php,v 1.2 2004/04/06 05:19:03 jon Exp $ * notice, this list of conditions and the following disclaimer in the
// * documentation and/or other materials provided with the distribution.
* o The names of the authors may not be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* @category Mail
* @package Mail
* @author Phil Kernick <philk@rotfl.com.au>
* @copyright 2010 Phil Kernick
* @license http://opensource.org/licenses/bsd-license.php New BSD License
* @version CVS: $Id: null.php 294747 2010-02-08 08:18:33Z clockwerx $
* @link http://pear.php.net/package/Mail/
*/
/** /**
* Null implementation of the PEAR Mail:: interface. * Null implementation of the PEAR Mail:: interface.
* @access public * @access public
* @package Mail * @package Mail
* @version $Revision: 1.2 $ * @version $Revision: 294747 $
*/ */
class Mail_null extends Mail { class Mail_null extends Mail {

7
extlib/Mail/sendmail.php Normal file → Executable file
View File

@ -20,7 +20,7 @@
* Sendmail implementation of the PEAR Mail:: interface. * Sendmail implementation of the PEAR Mail:: interface.
* @access public * @access public
* @package Mail * @package Mail
* @version $Revision: 1.19 $ * @version $Revision: 294744 $
*/ */
class Mail_sendmail extends Mail { class Mail_sendmail extends Mail {
@ -117,7 +117,7 @@ class Mail_sendmail extends Mail {
if (is_a($recipients, 'PEAR_Error')) { if (is_a($recipients, 'PEAR_Error')) {
return $recipients; return $recipients;
} }
$recipients = escapeShellCmd(implode(' ', $recipients)); $recipients = implode(' ', array_map('escapeshellarg', $recipients));
$headerElements = $this->prepareHeaders($headers); $headerElements = $this->prepareHeaders($headers);
if (is_a($headerElements, 'PEAR_Error')) { if (is_a($headerElements, 'PEAR_Error')) {
@ -141,7 +141,8 @@ class Mail_sendmail extends Mail {
return PEAR::raiseError('From address specified with dangerous characters.'); return PEAR::raiseError('From address specified with dangerous characters.');
} }
$from = escapeShellCmd($from); $from = escapeshellarg($from); // Security bug #16200
$mail = @popen($this->sendmail_path . (!empty($this->sendmail_args) ? ' ' . $this->sendmail_args : '') . " -f$from -- $recipients", 'w'); $mail = @popen($this->sendmail_path . (!empty($this->sendmail_args) ? ' ' . $this->sendmail_args : '') . " -f$from -- $recipients", 'w');
if (!$mail) { if (!$mail) {
return PEAR::raiseError('Failed to open sendmail [' . $this->sendmail_path . '] for execution.'); return PEAR::raiseError('Failed to open sendmail [' . $this->sendmail_path . '] for execution.');

73
extlib/Mail/smtp.php Normal file → Executable file
View File

@ -1,21 +1,48 @@
<?php <?php
// /**
// +----------------------------------------------------------------------+ * SMTP implementation of the PEAR Mail interface. Requires the Net_SMTP class.
// | PHP Version 4 | *
// +----------------------------------------------------------------------+ * PHP versions 4 and 5
// | Copyright (c) 1997-2003 The PHP Group | *
// +----------------------------------------------------------------------+ * LICENSE:
// | This source file is subject to version 2.02 of the PHP license, | *
// | that is bundled with this package in the file LICENSE, and is | * Copyright (c) 2010, Chuck Hagenbuch
// | available at through the world-wide-web at | * All rights reserved.
// | http://www.php.net/license/2_02.txt. | *
// | If you did not receive a copy of the PHP license and are unable to | * Redistribution and use in source and binary forms, with or without
// | obtain it through the world-wide-web, please send a note to | * modification, are permitted provided that the following conditions
// | license@php.net so we can mail you a copy immediately. | * are met:
// +----------------------------------------------------------------------+ *
// | Authors: Chuck Hagenbuch <chuck@horde.org> | * o Redistributions of source code must retain the above copyright
// | Jon Parise <jon@php.net> | * notice, this list of conditions and the following disclaimer.
// +----------------------------------------------------------------------+ * o Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* o The names of the authors may not be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* @category HTTP
* @package HTTP_Request
* @author Jon Parise <jon@php.net>
* @author Chuck Hagenbuch <chuck@horde.org>
* @copyright 2010 Chuck Hagenbuch
* @license http://opensource.org/licenses/bsd-license.php New BSD License
* @version CVS: $Id: smtp.php 294747 2010-02-08 08:18:33Z clockwerx $
* @link http://pear.php.net/package/Mail/
*/
/** Error: Failed to create a Net_SMTP object */ /** Error: Failed to create a Net_SMTP object */
define('PEAR_MAIL_SMTP_ERROR_CREATE', 10000); define('PEAR_MAIL_SMTP_ERROR_CREATE', 10000);
@ -42,7 +69,7 @@ define('PEAR_MAIL_SMTP_ERROR_DATA', 10006);
* SMTP implementation of the PEAR Mail interface. Requires the Net_SMTP class. * SMTP implementation of the PEAR Mail interface. Requires the Net_SMTP class.
* @access public * @access public
* @package Mail * @package Mail
* @version $Revision: 1.33 $ * @version $Revision: 294747 $
*/ */
class Mail_smtp extends Mail { class Mail_smtp extends Mail {
@ -278,6 +305,16 @@ class Mail_smtp extends Mail {
/* Send the message's headers and the body as SMTP data. */ /* Send the message's headers and the body as SMTP data. */
$res = $this->_smtp->data($textHeaders . "\r\n\r\n" . $body); $res = $this->_smtp->data($textHeaders . "\r\n\r\n" . $body);
list(,$args) = $this->_smtp->getResponse();
if (preg_match("/Ok: queued as (.*)/", $args, $queued)) {
$this->queued_as = $queued[1];
}
/* we need the greeting; from it we can extract the authorative name of the mail server we've really connected to.
* ideal if we're connecting to a round-robin of relay servers and need to track which exact one took the email */
$this->greeting = $this->_smtp->getGreeting();
if (is_a($res, 'PEAR_Error')) { if (is_a($res, 'PEAR_Error')) {
$error = $this->_error('Failed to send data', $res); $error = $this->_error('Failed to send data', $res);
$this->_smtp->rset(); $this->_smtp->rset();

44
extlib/Mail/smtpmx.php Normal file → Executable file
View File

@ -8,19 +8,43 @@
* *
* PHP versions 4 and 5 * PHP versions 4 and 5
* *
* LICENSE: This source file is subject to version 3.0 of the PHP license * LICENSE:
* that is available through the world-wide-web at the following URI: *
* http://www.php.net/license/3_0.txt. If you did not receive a copy of * Copyright (c) 2010, gERD Schaufelberger
* the PHP License and are unable to obtain it through the web, please * All rights reserved.
* send a note to license@php.net so we can mail you a copy immediately. *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* o Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* o Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* o The names of the authors may not be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
* *
* @category Mail * @category Mail
* @package Mail_smtpmx * @package Mail_smtpmx
* @author gERD Schaufelberger <gerd@php-tools.net> * @author gERD Schaufelberger <gerd@php-tools.net>
* @copyright 1997-2005 The PHP Group * @copyright 2010 gERD Schaufelberger
* @license http://www.php.net/license/3_0.txt PHP License 3.0 * @license http://opensource.org/licenses/bsd-license.php New BSD License
* @version CVS: $Id: smtpmx.php,v 1.2 2007/10/06 17:00:00 chagenbu Exp $ * @version CVS: $Id: smtpmx.php 294747 2010-02-08 08:18:33Z clockwerx $
* @see Mail * @link http://pear.php.net/package/Mail/
*/ */
require_once 'Net/SMTP.php'; require_once 'Net/SMTP.php';
@ -32,7 +56,7 @@ require_once 'Net/SMTP.php';
* @access public * @access public
* @author gERD Schaufelberger <gerd@php-tools.net> * @author gERD Schaufelberger <gerd@php-tools.net>
* @package Mail * @package Mail
* @version $Revision: 1.2 $ * @version $Revision: 294747 $
*/ */
class Mail_smtpmx extends Mail { class Mail_smtpmx extends Mail {

View File

@ -18,7 +18,7 @@
// | Damian Alejandro Fernandez Sosa <damlists@cnba.uba.ar> | // | Damian Alejandro Fernandez Sosa <damlists@cnba.uba.ar> |
// +----------------------------------------------------------------------+ // +----------------------------------------------------------------------+
// //
// $Id: SMTP.php,v 1.63 2008/06/10 05:39:12 jon Exp $ // $Id: SMTP.php 293948 2010-01-24 21:46:00Z jon $
require_once 'PEAR.php'; require_once 'PEAR.php';
require_once 'Net/Socket.php'; require_once 'Net/Socket.php';
@ -91,6 +91,13 @@ class Net_SMTP
*/ */
var $_debug = false; var $_debug = false;
/**
* Debug output handler.
* @var callback
* @access private
*/
var $_debug_handler = null;
/** /**
* The socket resource being used to connect to the SMTP server. * The socket resource being used to connect to the SMTP server.
* @var resource * @var resource
@ -112,6 +119,13 @@ class Net_SMTP
*/ */
var $_arguments = array(); var $_arguments = array();
/**
* Stores the SMTP server's greeting string.
* @var string
* @access private
*/
var $_greeting = null;
/** /**
* Stores detected features of the SMTP server. * Stores detected features of the SMTP server.
* @var array * @var array
@ -172,9 +186,30 @@ class Net_SMTP
* @access public * @access public
* @since 1.1.0 * @since 1.1.0
*/ */
function setDebug($debug) function setDebug($debug, $handler = null)
{ {
$this->_debug = $debug; $this->_debug = $debug;
$this->_debug_handler = $handler;
}
/**
* Write the given debug text to the current debug output handler.
*
* @param string $message Debug mesage text.
*
* @access private
* @since 1.3.3
*/
function _debug($message)
{
if ($this->_debug) {
if ($this->_debug_handler) {
call_user_func_array($this->_debug_handler,
array(&$this, $message));
} else {
echo "DEBUG: $message\n";
}
}
} }
/** /**
@ -189,13 +224,12 @@ class Net_SMTP
*/ */
function _send($data) function _send($data)
{ {
if ($this->_debug) { $this->_debug("Send: $data");
echo "DEBUG: Send: $data\n";
}
if (PEAR::isError($error = $this->_socket->write($data))) { $error = $this->_socket->write($data);
return PEAR::raiseError('Failed to write to socket: ' . if ($error === false || PEAR::isError($error)) {
$error->getMessage()); $msg = ($error) ? $error->getMessage() : "unknown error";
return PEAR::raiseError("Failed to write to socket: $msg");
} }
return true; return true;
@ -262,9 +296,7 @@ class Net_SMTP
for ($i = 0; $i <= $this->_pipelined_commands; $i++) { for ($i = 0; $i <= $this->_pipelined_commands; $i++) {
while ($line = $this->_socket->readLine()) { while ($line = $this->_socket->readLine()) {
if ($this->_debug) { $this->_debug("Recv: $line");
echo "DEBUG: Recv: $line\n";
}
/* If we receive an empty line, the connection has been closed. */ /* If we receive an empty line, the connection has been closed. */
if (empty($line)) { if (empty($line)) {
@ -319,6 +351,20 @@ class Net_SMTP
return array($this->_code, join("\n", $this->_arguments)); return array($this->_code, join("\n", $this->_arguments));
} }
/**
* Return the SMTP server's greeting string.
*
* @return string A string containing the greeting string, or null if a
* greeting has not been received.
*
* @access public
* @since 1.3.3
*/
function getGreeting()
{
return $this->_greeting;
}
/** /**
* Attempt to connect to the SMTP server. * Attempt to connect to the SMTP server.
* *
@ -334,6 +380,7 @@ class Net_SMTP
*/ */
function connect($timeout = null, $persistent = false) function connect($timeout = null, $persistent = false)
{ {
$this->_greeting = null;
$result = $this->_socket->connect($this->host, $this->port, $result = $this->_socket->connect($this->host, $this->port,
$persistent, $timeout); $persistent, $timeout);
if (PEAR::isError($result)) { if (PEAR::isError($result)) {
@ -344,6 +391,10 @@ class Net_SMTP
if (PEAR::isError($error = $this->_parseResponse(220))) { if (PEAR::isError($error = $this->_parseResponse(220))) {
return $error; return $error;
} }
/* Extract and store a copy of the server's greeting string. */
list(, $this->_greeting) = $this->getResponse();
if (PEAR::isError($error = $this->_negotiate())) { if (PEAR::isError($error = $this->_negotiate())) {
return $error; return $error;
} }
@ -452,40 +503,43 @@ class Net_SMTP
* @param string The password to authenticate with. * @param string The password to authenticate with.
* @param string The requested authentication method. If none is * @param string The requested authentication method. If none is
* specified, the best supported method will be used. * specified, the best supported method will be used.
* @param bool Flag indicating whether or not TLS should be attempted.
* *
* @return mixed Returns a PEAR_Error with an error message on any * @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success. * kind of failure, or true on success.
* @access public * @access public
* @since 1.0 * @since 1.0
*/ */
function auth($uid, $pwd , $method = '') function auth($uid, $pwd , $method = '', $tls = true)
{ {
if (empty($this->_esmtp['AUTH'])) { /* We can only attempt a TLS connection if one has been requested,
if (version_compare(PHP_VERSION, '5.1.0', '>=')) { * we're running PHP 5.1.0 or later, have access to the OpenSSL
if (!isset($this->_esmtp['STARTTLS'])) { * extension, are connected to an SMTP server which supports the
return PEAR::raiseError('SMTP server does not support authentication'); * STARTTLS extension, and aren't already connected over a secure
} * (SSL) socket connection. */
if (PEAR::isError($result = $this->_put('STARTTLS'))) { if ($tls && version_compare(PHP_VERSION, '5.1.0', '>=') &&
return $result; extension_loaded('openssl') && isset($this->_esmtp['STARTTLS']) &&
} strncasecmp($this->host, 'ssl://', 6) !== 0) {
if (PEAR::isError($result = $this->_parseResponse(220))) { /* Start the TLS connection attempt. */
return $result; if (PEAR::isError($result = $this->_put('STARTTLS'))) {
} return $result;
if (PEAR::isError($result = $this->_socket->enableCrypto(true, STREAM_CRYPTO_METHOD_TLS_CLIENT))) {
return $result;
} elseif ($result !== true) {
return PEAR::raiseError('STARTTLS failed');
}
/* Send EHLO again to recieve the AUTH string from the
* SMTP server. */
$this->_negotiate();
if (empty($this->_esmtp['AUTH'])) {
return PEAR::raiseError('SMTP server does not support authentication');
}
} else {
return PEAR::raiseError('SMTP server does not support authentication');
} }
if (PEAR::isError($result = $this->_parseResponse(220))) {
return $result;
}
if (PEAR::isError($result = $this->_socket->enableCrypto(true, STREAM_CRYPTO_METHOD_TLS_CLIENT))) {
return $result;
} elseif ($result !== true) {
return PEAR::raiseError('STARTTLS failed');
}
/* Send EHLO again to recieve the AUTH string from the
* SMTP server. */
$this->_negotiate();
}
if (empty($this->_esmtp['AUTH'])) {
return PEAR::raiseError('SMTP server does not support authentication');
} }
/* If no method has been specified, get the name of the best /* If no method has been specified, get the name of the best
@ -844,30 +898,51 @@ class Net_SMTP
/** /**
* Send the DATA command. * Send the DATA command.
* *
* @param string $data The message body to send. * @param mixed $data The message data, either as a string or an open
* file resource.
* @param string $headers The message headers. If $headers is provided,
* $data is assumed to contain only body data.
* *
* @return mixed Returns a PEAR_Error with an error message on any * @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success. * kind of failure, or true on success.
* @access public * @access public
* @since 1.0 * @since 1.0
*/ */
function data($data) function data($data, $headers = null)
{ {
/* Verify that $data is a supported type. */
if (!is_string($data) && !is_resource($data)) {
return PEAR::raiseError('Expected a string or file resource');
}
/* RFC 1870, section 3, subsection 3 states "a value of zero /* RFC 1870, section 3, subsection 3 states "a value of zero
* indicates that no fixed maximum message size is in force". * indicates that no fixed maximum message size is in force".
* Furthermore, it says that if "the parameter is omitted no * Furthermore, it says that if "the parameter is omitted no
* information is conveyed about the server's fixed maximum * information is conveyed about the server's fixed maximum
* message size". */ * message size". */
if (isset($this->_esmtp['SIZE']) && ($this->_esmtp['SIZE'] > 0)) { if (isset($this->_esmtp['SIZE']) && ($this->_esmtp['SIZE'] > 0)) {
if (strlen($data) >= $this->_esmtp['SIZE']) { /* Start by considering the size of the optional headers string.
* We also account for the addition 4 character "\r\n\r\n"
* separator sequence. */
$size = (is_null($headers)) ? 0 : strlen($headers) + 4;
if (is_resource($data)) {
$stat = fstat($data);
if ($stat === false) {
return PEAR::raiseError('Failed to get file size');
}
$size += $stat['size'];
} else {
$size += strlen($data);
}
if ($size >= $this->_esmtp['SIZE']) {
$this->disconnect(); $this->disconnect();
return PEAR::raiseError('Message size excedes the server limit'); return PEAR::raiseError('Message size exceeds server limit');
} }
} }
/* Quote the data based on the SMTP standards. */ /* Initiate the DATA command. */
$this->quotedata($data);
if (PEAR::isError($error = $this->_put('DATA'))) { if (PEAR::isError($error = $this->_put('DATA'))) {
return $error; return $error;
} }
@ -875,9 +950,40 @@ class Net_SMTP
return $error; return $error;
} }
if (PEAR::isError($result = $this->_send($data . "\r\n.\r\n"))) { /* If we have a separate headers string, send it first. */
return $result; if (!is_null($headers)) {
$this->quotedata($headers);
if (PEAR::isError($result = $this->_send($headers . "\r\n\r\n"))) {
return $result;
}
} }
/* Now we can send the message body data. */
if (is_resource($data)) {
/* Stream the contents of the file resource out over our socket
* connection, line by line. Each line must be run through the
* quoting routine. */
while ($line = fgets($data, 1024)) {
$this->quotedata($line);
if (PEAR::isError($result = $this->_send($line))) {
return $result;
}
}
/* Finally, send the DATA terminator sequence. */
if (PEAR::isError($result = $this->_send("\r\n.\r\n"))) {
return $result;
}
} else {
/* Just send the entire quoted string followed by the DATA
* terminator. */
$this->quotedata($data);
if (PEAR::isError($result = $this->_send($data . "\r\n.\r\n"))) {
return $result;
}
}
/* Verify that the data was successfully received by the server. */
if (PEAR::isError($error = $this->_parseResponse(250, $this->pipelining))) { if (PEAR::isError($error = $this->_parseResponse(250, $this->pipelining))) {
return $error; return $error;
} }