Happy New Year

[squirrelmail.git] / class / deliver / Deliver_SMTP.class.php

diff --git a/class/deliver/Deliver_SMTP.class.php b/class/deliver/Deliver_SMTP.class.php
index ac3db6a7b687acde28f5c5795a0670f19a199f74..a9fc3687eae831cc4a438b2bff5c25c8f1720299 100644 (file)
--- a/class/deliver/Deliver_SMTP.class.php
+++ b/class/deliver/Deliver_SMTP.class.php
@@ -5,7 +5,7 @@
  *
  * SMTP delivery backend for the Deliver class.
  *
- * @copyright 1999-2011 The SquirrelMail Project Team
+ * @copyright 1999-2020 The SquirrelMail Project Team
  * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  * @version $Id$
  * @package squirrelmail
@@ -62,7 +62,7 @@ class Deliver_SMTP extends Deliver {
         }
     }
 
-    function initStream($message, $domain, $length=0, $host='', $port='', $user='', $pass='', $authpop=false, $pop_host='') {
+    function initStream($message, $domain, $length=0, $host='', $port='', $user='', $pass='', $authpop=false, $pop_host='', $stream_options=array()) {
         global $use_smtp_tls,$smtp_auth_mech;
 
         if ($authpop) {
@@ -90,9 +90,23 @@ class Deliver_SMTP extends Deliver {
             $from->mailbox = '';
         }
 
+        // NB: Using "ssl://" ensures the highest possible TLS version
+        // will be negotiated with the server (whereas "tls://" only
+        // uses TLS version 1.0)
+        //
         if ($use_smtp_tls == 1) {
             if ((check_php_version(4,3)) && (extension_loaded('openssl'))) {
-                $stream = @fsockopen('tls://' . $host, $port, $errorNumber, $errorString);
+                if (function_exists('stream_socket_client')) {
+                    $server_address = 'ssl://' . $host . ':' . $port;
+                    $ssl_context = @stream_context_create($stream_options);
+                    $connect_timeout = ini_get('default_socket_timeout');
+                    // null timeout is broken
+                    if ($connect_timeout == 0)
+                        $connect_timeout = 30;
+                    $stream = @stream_socket_client($server_address, $errorNumber, $errorString, $connect_timeout, STREAM_CLIENT_CONNECT, $ssl_context);
+                } else {
+                    $stream = @fsockopen('ssl://' . $host, $port, $errorNumber, $errorString);
+                }
                 $this->tls_enabled = true;
             } else {
                 /**
@@ -140,6 +154,9 @@ class Deliver_SMTP extends Deliver {
         if (preg_match('/^\d+\.\d+\.\d+\.\d+$/', $helohost))
             $helohost = '[' . $helohost . ']';
 
+        $hook_result = do_hook('smtp_helo_override', $helohost);
+        if (!empty($hook_result)) $helohost = $hook_result;
+
         /* Lets introduce ourselves */
         fputs($stream, "EHLO $helohost\r\n");
         // Read ehlo response
@@ -212,6 +229,12 @@ class Deliver_SMTP extends Deliver {
         // FIXME: check ehlo response before using authentication
 
         // Try authentication by a plugin
+        //
+        // NOTE: there is another hook in functions/auth.php called "smtp_auth" 
+        // that allows a plugin to specify a different set of login credentials 
+        // (so is slightly mis-named, but is too old to change), so be careful 
+        // that you do not confuse your hook names.
+        //
         $smtp_auth_args = array(
             'auth_mech' => $smtp_auth_mech,
             'user' => $user,
@@ -220,7 +243,7 @@ class Deliver_SMTP extends Deliver {
             'port' => $port,
             'stream' => $stream,
         );
-        if (boolean_hook_function('smtp_auth', $smtp_auth_args, 1)) {
+        if (boolean_hook_function('smtp_authenticate', $smtp_auth_args, 1)) {
             // authentication succeeded
         } else if (( $smtp_auth_mech == 'cram-md5') or ( $smtp_auth_mech == 'digest-md5' )) {
             // Doing some form of non-plain auth