X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=functions%2Fimap_general.php;h=12174f51c23d279a2445587a35b558755ae4fcca;hb=b8ec18ef15e123c78598dcc5934967391de0487c;hp=d8bad0152fe63ba8ca36a465a435ca4b1e7a12cd;hpb=ea7ff11121c27c813a334e817b88579bf0694d9d;p=squirrelmail.git
diff --git a/functions/imap_general.php b/functions/imap_general.php
index d8bad015..12174f51 100755
--- a/functions/imap_general.php
+++ b/functions/imap_general.php
@@ -3,7 +3,7 @@
/**
* imap_general.php
*
- * Copyright (c) 1999-2002 The SquirrelMail Project Team
+ * Copyright (c) 1999-2003 The SquirrelMail Project Team
* Licensed under the GNU GPL. For full terms see the file COPYING.
*
* This implements all functions that do general imap functions.
@@ -11,316 +11,388 @@
* $Id$
*/
-require_once('../functions/page_header.php');
-require_once('../functions/display_messages.php');
+require_once(SM_PATH . 'functions/page_header.php');
+require_once(SM_PATH . 'functions/auth.php');
-/**
- * Unique SessionId
- *
- * Sets an unique session id in order to avoid simultanous sessions crash.
- *
- * @return string a 4 chars unique string
- */
global $sqimap_session_id;
$sqimap_session_id = 1;
-function sqimap_session_id() {
+/* Sets an unique session id in order to avoid simultanous sessions crash. */
+function sqimap_session_id($unique_id = false) {
global $data_dir, $username, $sqimap_session_id;
-
- return( sprintf("A%03d", $sqimap_session_id++) );
+ if (!$unique_id) {
+ return( sprintf("A%03d", $sqimap_session_id++) );
+ } else {
+ return( sprintf("A%03d", $sqimap_session_id++) . ' UID' );
+ }
}
-/******************************************************************************
-** Both send a command and accept the result from the command. This is
-** to allow proper session number handling.
-******************************************************************************/
-
-function sqimap_run_command_list ($imap_stream, $query, $handle_errors, &$response, &$message) {
- $sid = sqimap_session_id();
- fputs ($imap_stream, $sid . ' ' . $query . "\r\n");
- $read = sqimap_read_data_list ($imap_stream, $sid, $handle_errors, $response, $message, $query );
- return $read;
+/*
+ * Both send a command and accept the result from the command.
+ * This is to allow proper session number handling.
+ */
+function sqimap_run_command_list ($imap_stream, $query, $handle_errors, &$response, &$message, $unique_id = false) {
+ if ($imap_stream) {
+ $sid = sqimap_session_id($unique_id);
+ fputs ($imap_stream, $sid . ' ' . $query . "\r\n");
+ $read = sqimap_read_data_list ($imap_stream, $sid, $handle_errors, $response, $message, $query );
+ return $read;
+ } else {
+ global $squirrelmail_language, $color;
+ set_up_language($squirrelmail_language);
+ require_once(SM_PATH . 'functions/display_messages.php');
+ $string = "\n" .
+ _("ERROR : No available imapstream.") .
+ "\n";
+ error_box($string,$color);
+ return false;
+ }
+
}
-function sqimap_run_command ($imap_stream, $query, $handle_errors, &$response, &$message) {
- $sid = sqimap_session_id();
- fputs ($imap_stream, $sid . ' ' . $query . "\r\n");
- $read = sqimap_read_data ($imap_stream, $sid, $handle_errors, $response, $message, $query);
- return $read;
+function sqimap_run_command ($imap_stream, $query, $handle_errors, &$response, &$message, $unique_id = false) {
+ if ($imap_stream) {
+ $sid = sqimap_session_id($unique_id);
+ fputs ($imap_stream, $sid . ' ' . $query . "\r\n");
+ $read = sqimap_read_data ($imap_stream, $sid, $handle_errors, $response, $message, $query);
+ return $read;
+ } else {
+ global $squirrelmail_language, $color;
+ set_up_language($squirrelmail_language);
+ require_once(SM_PATH . 'functions/display_messages.php');
+ $string = "\n" .
+ _("ERROR : No available imapstream.") .
+ "\n";
+ error_box($string,$color);
+ return false;
+ }
+
}
+/*
+ * custom fgets function. gets a line from IMAP
+ * no matter how big it may be
+ */
+
+function sqimap_fgets($imap_stream) {
+ $read = '';
+ $buffer = 4096;
+ $results = '';
+ $offset = 0;
+ while (strpos($results, "\r\n", $offset) === false) {
+ if (!($read = fgets($imap_stream, $buffer))) {
+ break;
+ }
+ if ( $results != '' ) {
+ $offset = strlen($results) - 1;
+ }
+ $results .= $read;
+ }
+ return $results;
+}
+
/*
- * Reads the output from the IMAP stream. If handle_errors is set to true,
- * this will also handle all errors that are received. If it is not set,
- * the errors will be sent back through $response and $message
+ * Reads the output from the IMAP stream. If handle_errors is set to true,
+ * this will also handle all errors that are received. If it is not set,
+ * the errors will be sent back through $response and $message
*/
-function sqimap_read_data_list ($imap_stream, $pre, $handle_errors,
- &$response, &$message, $query = '') {
+function sqimap_read_data_list ($imap_stream, $pre, $handle_errors, &$response, &$message, $query = '') {
global $color, $squirrelmail_language;
-
$read = '';
- $bufsize = 9096;
+ $pre_a = explode(' ',trim($pre));
+ $pre = $pre_a[0];
$resultlist = array();
-
- $more_msgs = true;
- while ($more_msgs) {
- $data = array();
- $total_size = 0;
-
- while (strpos($read, "\n") === false) {
- if(!($read .= fgets($imap_stream, $bufsize))) {
- break;
- }
- }
-
- // if (ereg("^\\* [0-9]+ FETCH.*\\{([0-9]+)\\}", $read, $regs)) {
- if (preg_match('/^\* [0-9]+ FETCH.*\{([0-9]+)\}/', $read, $regs)) {
- $size = $regs[1];
- } else if (ereg("^\\* [0-9]+ FETCH", $read, $regs)) {
- // Sizeless response, probably single-line
- $size = -1;
- $data[] = $read;
- $read = fgets($imap_stream, $bufsize);
- } else {
- $size = -1;
- }
- while (1) {
- while (strpos($read, "\n") === false) {
- if(!($read .= fgets($imap_stream, $bufsize))) {
- break;
+ $data = array();
+ $read = sqimap_fgets($imap_stream);
+ while (1) {
+ switch (true) {
+ case preg_match("/^$pre (OK|BAD|NO)(.*)$/", $read, $regs):
+ case preg_match('/^\* (BYE \[ALERT\])(.*)$/', $read, $regs):
+ $response = $regs[1];
+ $message = trim($regs[2]);
+ break 2;
+ case preg_match("/^\* (OK \[PARSE\])(.*)$/", $read):
+ $read = sqimap_fgets($imap_stream);
+ break 1;
+ case preg_match('/^\* ([0-9]+) FETCH.*/', $read, $regs):
+ $fetch_data = array();
+ $fetch_data[] = $read;
+ $read = sqimap_fgets($imap_stream);
+ while (!preg_match('/^\* [0-9]+ FETCH.*/', $read) &&
+ !preg_match("/^$pre (OK|BAD|NO)(.*)$/", $read)) {
+ $fetch_data[] = $read;
+ $last = $read;
+ $read = sqimap_fgets($imap_stream);
}
- }
- // If we know the size, no need to look at the end parameters
- if ($size > 0) {
- if ($total_size == $size) {
- // We've reached the end of this 'message', switch to the next one.
- $data[] = $read;
- break;
- } else if ($total_size > $size) {
- $difference = $total_size - $size;
- $total_size = $total_size - strlen($read);
- $data[] = substr ($read, 0, strlen($read)-$difference);
- $read = substr ($read, strlen($read)-$difference, strlen($read));
- break;
- } else {
- $data[] = $read;
- $read = fgets($imap_stream, $bufsize);
- while (strpos($read, "\n") === false) {
- $read .= fgets($imap_stream, $bufsize);
- }
+ if (isset($last) && preg_match('/^\)/', $last)) {
+ array_pop($fetch_data);
}
- $total_size += strlen($read);
- } else {
- if (preg_match("/^$pre (OK|BAD|NO)(.*)/", $read, $regs) ||
- // if (ereg("^$pre (OK|BAD|NO)(.*)", $read, $regs) ||
- (($size == -1) && ereg("^\\* [0-9]+ FETCH.*", $read, $regs))) {
- break;
- } else if ( preg_match("/^\* OK \[PARSE.*/", $read, $regs ) ) {
- /*
- This block has been added in order to avoid the problem
- caused by the * OK [PARSE] Missing parameter answer
- Please, replace it with a better parsing if you know how.
- */
- $read = fgets ($imap_stream, $bufsize);
- $data[] = $read;
- $read = fgets ($imap_stream, $bufsize);
- } else if (preg_match("/^\* BYE \[ALERT\](.*)/", $read, $regs)) {
- /*
- It seems that the IMAP server has coughed a lung up
- and hung up the connection. Print any info we have
- and abort.
- */
- echo _("Please contact your system administrator and report the following error:") . "
\n";
- echo "$regs[1]";
- exit(0);
- } else {
- $data[] = $read;
- $read = fgets ($imap_stream, $bufsize);
- }
- }
- }
-
- // while (($more_msgs = !ereg("^$pre (OK|BAD|NO)(.*)$", $read, $regs)) &&
- // !ereg("^\\* [0-9]+ FETCH.*", $read, $regs)) {
- while (($more_msgs = !preg_match("/^$pre (OK|BAD|NO)(.*)$/", $read, $regs)) &&
- !preg_match('/^\* [0-9]+ FETCH.*/', $read, $regs)) {
- $read = fgets($imap_stream, $bufsize);
+ $resultlist[] = $fetch_data;
+ break 1;
+ default:
+ $data[] = $read;
+ $read = sqimap_fgets($imap_stream);
+ break 1;
}
+ }
+ if (!empty($data)) {
$resultlist[] = $data;
}
-
- $response = $regs[1];
- $message = trim($regs[2]);
-
+ elseif (empty($resultlist)) {
+ $resultlist[] = array();
+ }
if ($handle_errors == false) {
return( $resultlist );
- } else if ($response == 'NO') {
- // ignore this error from m$ exchange, it is not fatal (aka bug)
+ }
+ elseif ($response == 'NO') {
+ /* ignore this error from M$ exchange, it is not fatal (aka bug) */
if (strstr($message, 'command resulted in') === false) {
set_up_language($squirrelmail_language);
- echo "
\n" .
- _("ERROR : Could not complete request.") .
- "
\n" .
- _("Query:") .
- $query . '
' .
- _("Reason Given: ") .
- $message . "
\n";
+ require_once(SM_PATH . 'functions/display_messages.php');
+ $string = "\n" .
+ _("ERROR : Could not complete request.") .
+ "
\n" .
+ _("Query:") . ' ' .
+ htmlspecialchars($query) . '
' .
+ _("Reason Given: ") .
+ htmlspecialchars($message) . "
\n";
+ error_box($string,$color);
exit;
}
- } else if ($response == 'BAD') {
+ }
+ elseif ($response == 'BAD') {
set_up_language($squirrelmail_language);
- echo "
\n" .
- _("ERROR : Bad or malformed request.") .
- "
\n" .
- _("Query:") .
- $query . '
' .
- _("Server responded: ") .
- $message . "
\n";
+ require_once(SM_PATH . 'functions/display_messages.php');
+ $string = "\n" .
+ _("ERROR : Bad or malformed request.") .
+ "
\n" .
+ _("Query:") . ' '.
+ htmlspecialchars($query) . '
' .
+ _("Server responded: ") .
+ htmlspecialchars($message) . "
\n";
+ error_box($string,$color);
exit;
- } else {
- return( $resultlist );
+ }
+ else {
+ return $resultlist;
}
}
function sqimap_read_data ($imap_stream, $pre, $handle_errors, &$response, &$message, $query = '') {
-
$res = sqimap_read_data_list($imap_stream, $pre, $handle_errors, $response, $message, $query);
- return $res[0];
+
+ /* sqimap_read_data should be called for one response
+ but since it just calls sqimap_read_data_list which
+ handles multiple responses we need to check for that
+ and merge the $res array IF they are seperated and
+ IF it was a FETCH response. */
+
+ if (isset($res[1]) && is_array($res[1]) && isset($res[1][0])
+ && preg_match('/^\* \d+ FETCH/', $res[1][0])) {
+ $result = array();
+ foreach($res as $index=>$value) {
+ $result = array_merge($result, $res["$index"]);
+ }
+ }
+ if (isset($result)) {
+ return $result;
+ }
+ else {
+ return $res[0];
+ }
}
-/******************************************************************************
-** Logs the user into the imap server. If $hide is set, no error messages
-** will be displayed. This function returns the imap connection handle.
-******************************************************************************/
+/*
+ * Logs the user into the imap server. If $hide is set, no error messages
+ * will be displayed. This function returns the imap connection handle.
+ */
function sqimap_login ($username, $password, $imap_server_address, $imap_port, $hide) {
+ global $color, $squirrelmail_language, $onetimepad, $use_imap_tls, $imap_auth_mech;
- global $color, $squirrelmail_language, $HTTP_ACCEPT_LANGUAGE, $onetimepad;
-
- $imap_stream = fsockopen ( $imap_server_address, $imap_port,
- $error_number, $error_string, 15);
- if ( !$imap_stream ) {
- return FALSE;
+ if (!isset($onetimepad) || empty($onetimepad)) {
+ sqgetglobalvar('onetimepad' , $onetimepad , SQ_SESSION );
}
- $server_info = fgets ($imap_stream, 1024);
-
- // Decrypt the password
- $password = OneTimePadDecrypt($password, $onetimepad);
+ $imap_server_address = sqimap_get_user_server($imap_server_address, $username);
+ $host=$imap_server_address;
+
+ if (($use_imap_tls == true) and (check_php_version(4,3)) and (extension_loaded('openssl'))) {
+ /* Use TLS by prefixing "tls://" to the hostname */
+ $imap_server_address = 'tls://' . $imap_server_address;
+ }
- /** Do some error correction **/
+ $imap_stream = fsockopen ( $imap_server_address, $imap_port, $error_number, $error_string, 15);
+
+ /* Do some error correction */
if (!$imap_stream) {
if (!$hide) {
set_up_language($squirrelmail_language, true);
- printf (_("Error connecting to IMAP server: %s.")."
\r\n", $imap_server_address);
- echo "$error_number : $error_string
\r\n";
+ require_once(SM_PATH . 'functions/display_messages.php');
+ $string = sprintf (_("Error connecting to IMAP server: %s.") .
+ "
\r\n", $imap_server_address) .
+ "$error_number : $error_string
\r\n";
+ logout_error($string,$color);
}
exit;
}
- $query = 'LOGIN "' . quoteIMAP($username) . '" "' . quoteIMAP($password) . '"';
- $read = sqimap_run_command ($imap_stream, $query, false, $response, $message);
+ $server_info = fgets ($imap_stream, 1024);
- /** If the connection was not successful, lets see why **/
+ /* Decrypt the password */
+ $password = OneTimePadDecrypt($password, $onetimepad);
+
+ if (($imap_auth_mech == 'cram-md5') OR ($imap_auth_mech == 'digest-md5')) {
+ // We're using some sort of authentication OTHER than plain or login
+ $tag=sqimap_session_id(false);
+ if ($imap_auth_mech == 'digest-md5') {
+ $query = $tag . " AUTHENTICATE DIGEST-MD5\r\n";
+ } elseif ($imap_auth_mech == 'cram-md5') {
+ $query = $tag . " AUTHENTICATE CRAM-MD5\r\n";
+ }
+ fputs($imap_stream,$query);
+ $answer=sqimap_fgets($imap_stream);
+ // Trim the "+ " off the front
+ $response=explode(" ",$answer,3);
+ if ($response[0] == '+') {
+ // Got a challenge back
+ $challenge=$response[1];
+ if ($imap_auth_mech == 'digest-md5') {
+ $reply = digest_md5_response($username,$password,$challenge,'imap',$host);
+ } elseif ($imap_auth_mech == 'cram-md5') {
+ $reply = cram_md5_response($username,$password,$challenge);
+ }
+ fputs($imap_stream,$reply);
+ $read=sqimap_fgets($imap_stream);
+ if ($imap_auth_mech == 'digest-md5') {
+ // DIGEST-MD5 has an extra step..
+ if (substr($read,0,1) == '+') { // OK so far..
+ fputs($imap_stream,"\r\n");
+ $read=sqimap_fgets($imap_stream);
+ }
+ }
+ $results=explode(" ",$read,3);
+ $response=$results[1];
+ $message=$results[2];
+ } else {
+ // Fake the response, so the error trap at the bottom will work
+ $response="BAD";
+ $message='IMAP server does not appear to support the authentication method selected.';
+ $message .= ' Please contact your system administrator.';
+ }
+ } elseif ($imap_auth_mech == 'login') {
+ // Original IMAP login code
+ $query = 'LOGIN "' . quoteIMAP($username) . '" "' . quoteIMAP($password) . '"';
+ $read = sqimap_run_command ($imap_stream, $query, false, $response, $message);
+ } elseif ($imap_auth_mech == 'plain') {
+ /* Replace this with SASL PLAIN if it ever gets implemented */
+ $response="BAD";
+ $message='SquirrelMail does not support SASL PLAIN yet. Rerun conf.pl and use login instead.';
+ } else {
+ $response="BAD";
+ $message="Internal SquirrelMail error - unknown IMAP authentication method chosen. Please contact the developers.";
+ }
+
+ /* If the connection was not successful, lets see why */
if ($response != 'OK') {
if (!$hide) {
if ($response != 'NO') {
- // "BAD" and anything else gets reported here.
+ /* "BAD" and anything else gets reported here. */
+ $message = htmlspecialchars($message);
set_up_language($squirrelmail_language, true);
+ require_once(SM_PATH . 'functions/display_messages.php');
if ($response == 'BAD') {
- printf (_("Bad request: %s")."
\r\n", $message);
+ $string = sprintf (_("Bad request: %s")."
\r\n", $message);
} else {
- printf (_("Unknown error: %s") . "
\n", $message);
+ $string = sprintf (_("Unknown error: %s") . "
\n", $message);
}
- echo '
' . _("Read data:") . "
\n";
- if (is_array($read)) {
+ if (isset($read) && is_array($read)) {
+ $string .= '
' . _("Read data:") . "
\n";
foreach ($read as $line) {
- echo htmlspecialchars($line) . "
\n";
+ $string .= htmlspecialchars($line) . "
\n";
}
}
+ error_box($string,$color);
exit;
} else {
- /* If the user does not log in with the correct
+ /*
+ * If the user does not log in with the correct
* username and password it is not possible to get the
* correct locale from the user's preferences.
* Therefore, apply the same hack as on the login
* screen.
- */
-
- /* $squirrelmail_language is set by a cookie when
+ *
+ * $squirrelmail_language is set by a cookie when
* the user selects language and logs out
*/
set_up_language($squirrelmail_language, true);
-
- displayHtmlHeader( _("Unknown user or password incorrect.") );
- echo "