X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=functions%2Fimap_general.php;h=d02e35a84b5d5d1989087eee83756a5a2e5a9b32;hb=2b0a416283909fe6a6dc712e50ec2dc28bacd207;hp=dcb8d6122f6b99149b3f9d9b03f4c726dd14ba35;hpb=5eba0be26859c16fb008fcd3fc0647ff305dae43;p=squirrelmail.git diff --git a/functions/imap_general.php b/functions/imap_general.php index dcb8d612..d02e35a8 100755 --- a/functions/imap_general.php +++ b/functions/imap_general.php @@ -9,8 +9,10 @@ * This implements all functions that do general imap functions. * * $Id$ + * @package squirrelmail */ +/** Includes.. */ require_once(SM_PATH . 'functions/page_header.php'); require_once(SM_PATH . 'functions/auth.php'); @@ -18,7 +20,12 @@ require_once(SM_PATH . 'functions/auth.php'); global $sqimap_session_id; $sqimap_session_id = 1; -/* Sets an unique session id in order to avoid simultanous sessions crash. */ +/** + * Generates a new session ID by incrementing the last one used; + * this ensures that each command has a unique ID. + * @param bool unique_id + * @return string IMAP session id of the form 'A000'. + */ function sqimap_session_id($unique_id = false) { global $data_dir, $username, $sqimap_session_id; if (!$unique_id) { @@ -28,7 +35,7 @@ function sqimap_session_id($unique_id = false) { } } -/* +/** * Both send a command and accept the result from the command. * This is to allow proper session number handling. */ @@ -36,8 +43,13 @@ function sqimap_run_command_list ($imap_stream, $query, $handle_errors, &$respon if ($imap_stream) { $sid = sqimap_session_id($unique_id); fputs ($imap_stream, $sid . ' ' . $query . "\r\n"); - $read = sqimap_read_data_list ($imap_stream, $sid, $handle_errors, $response, $message, $query ); - return $read; + $tag_uid_a = explode(' ',trim($sid)); + $tag = $tag_uid_a[0]; + $read = sqimap_retrieve_imap_response ($imap_stream, $tag, $handle_errors, $response, $message, $query ); + /* get the response and the message */ + $message = $message[$tag]; + $response = $response[$tag]; + return $read[$tag]; } else { global $squirrelmail_language, $color; set_up_language($squirrelmail_language); @@ -48,7 +60,6 @@ function sqimap_run_command_list ($imap_stream, $query, $handle_errors, &$respon error_box($string,$color); return false; } - } function sqimap_run_command ($imap_stream, $query, $handle_errors, &$response, @@ -56,10 +67,26 @@ function sqimap_run_command ($imap_stream, $query, $handle_errors, &$response, $outputstream=false,$no_return=false) { if ($imap_stream) { $sid = sqimap_session_id($unique_id); - fputs ($imap_stream, $sid . ' ' . $query . "\r\n"); - $read = sqimap_read_data ($imap_stream, $sid, $handle_errors, $response, + fputs ($imap_stream, $sid . ' ' . $query . "\r\n"); + $tag_uid_a = explode(' ',trim($sid)); + $tag = $tag_uid_a[0]; + + $read = sqimap_read_data ($imap_stream, $tag, $handle_errors, $response, $message, $query,$filter,$outputstream,$no_return); - return $read; + if (empty($read)) { //Imap server dropped its connection + $response = ''; + $message = ''; + return false; + } + /* retrieve the response and the message */ + $response = $response[$tag]; + $message = $message[$tag]; + + if (!empty($read[$tag])) { + return $read[$tag][0]; + } else { + return $read[$tag]; + } } else { global $squirrelmail_language, $color; set_up_language($squirrelmail_language); @@ -69,16 +96,86 @@ function sqimap_run_command ($imap_stream, $query, $handle_errors, &$response, "\n"; error_box($string,$color); return false; + } +} + +function sqimap_prepare_pipelined_query($new_query,&$tag,&$aQuery,$unique_id) { + $sid = sqimap_session_id($unique_id); + $tag_uid_a = explode(' ',trim($sid)); + $tag = $tag_uid_a[0]; + $query = $sid . ' '.$new_query."\r\n"; + $aQuery[$tag] = $query; +} + +function sqimap_run_pipelined_command ($imap_stream, $aQueryList, $handle_errors, + &$aServerResponse, &$aServerMessage, $unique_id = false, + $filter=false,$outputstream=false,$no_return=false) { + $aResponse = false; + + /* + Do not fire all calls at once to the imap-server but split the calls up + in portions of $iChunkSize. If we do not do that I think we misbehave as + IMAP client or should handle BYE calls if the IMAP-server drops the + connection because the number of queries is to large. This isn't tested + but a wild guess how it could work in the field. + + After testing it on Exchange 2000 we discovered that a chunksize of 32 + was quicker then when we raised it to 128. + */ + $iQueryCount = count($aQueryList); + $iChunkSize = 32; + // array_chunk would also do the job but it's supported from php > 4.2 + $aQueryChunks = array(); + $iLoops = floor($iQueryCount / $iChunkSize); + + if ($iLoops * $iChunkSize != $iQueryCount) ++$iLoops; + + if (!function_exists('array_chunk')) { // arraychunk replacement + reset($aQueryList); + for($i=0;$i<$iLoops;++$i) { + for($j=0;$j<$iChunkSize;++$j) { + $key = key($aQueryList); + $aTmp[$key] = $aQueryList[$key]; + if (next($aQueryList) === false) break; + } + $aQueryChunks[] = $aTmp; + } + } else { + $aQueryChunks = array_chunk($aQueryList,$iChunkSize,true); } + for ($i=0;$i<$iLoops;++$i) { + $aQuery = $aQueryChunks[$i]; + foreach($aQuery as $tag => $query) { + fputs($imap_stream,$query); + $aResults[$tag] = false; + } + foreach($aQuery as $tag => $query) { + if ($aResults[$tag] == false) { + $aReturnedResponse = sqimap_retrieve_imap_response ($imap_stream, $tag, + $handle_errors, $response, $message, $query, + $filter,$outputstream,$no_return); + foreach ($aReturnedResponse as $returned_tag => $aResponse) { + if (!empty($aResponse)) { + $aResults[$returned_tag] = $aResponse[0]; + } else { + $aResults[$returned_tag] = $aResponse; + } + $aServerResponse[$returned_tag] = $response[$returned_tag]; + $aServerMessage[$returned_tag] = $message[$returned_tag]; + } + } + } + } + return $aResults; } - -/* - * custom fgets function. gets a line from IMAP - * no matter how big it may be +/** + * Custom fgets function: gets a line from the IMAP-server, + * no matter how big it may be. + * @param stream imap_stream the stream to read from + * @return string a line */ - function sqimap_fgets($imap_stream) { $read = ''; $buffer = 4096; @@ -104,26 +201,47 @@ function sqimap_fread($imap_stream,$iSize,$filter=false, if (!$filter || !$outputstream) { $iBufferSize = $iSize; } else { - // FIXME This doesn't work with base64 decode, Why ? - // The idea is to use a buffersize of 32k i.e. + // see php bug 24033. They changed fread behaviour %$^&$% + $iBufferSize = 7800; // multiple of 78 in case of base64 decoding. + } + if ($iSize < $iBufferSize) { $iBufferSize = $iSize; } - $iRet = $iSize - $iBufferSize; $iRetrieved = 0; - $i = 0; $results = ''; - while (($iRetrieved < ($iSize - $iBufferSize))) { + $sRead = $sReadRem = ''; + // NB: fread can also stop at end of a packet on sockets. + while ($iRetrieved < $iSize) { $sRead = fread($imap_stream,$iBufferSize); - if ($sRead === false) { + $iLength = strlen($sRead); + $iRetrieved += $iLength ; + $iRemaining = $iSize - $iRetrieved; + if ($iRemaining < $iBufferSize) { + $iBufferSize = $iRemaining; + } + if (!$sRead) { $results = false; break; } - $iRetrieved += $iBufferSize; - if ($filter) { - + if ($sReadRem) { + $sRead = $sReadRem . $sRead; + $sReadRem = ''; + } + if (substr($sRead,-1) !== "\n") { + $i = strrpos($sRead,"\n"); + if ($i !== false && $iRetrieved<$iSize) { + ++$i; + $sReadRem = substr($sRead,$i); + $sRead = substr($sRead,0,$i); + } else if ($iLength && $iRetrieved<$iSize) { // linelength > received buffer + $sReadRem = $sRead; + $sRead = ''; + } + } + if ($filter && $sRead) { $filter($sRead); } - if ($outputstream) { + if ($outputstream && $sRead) { if (is_resource($outputstream)) { fwrite($outputstream,$sRead); } else if ($outputstream == 'php://stdout') { @@ -132,48 +250,85 @@ function sqimap_fread($imap_stream,$iSize,$filter=false, } if ($no_return) { $sRead = ''; - } - $results .= $sRead; - } - if ($results !== false) { - $sRead = fread($imap_stream,($iSize - ($iRetrieved))); - if ($filter) { - $filter($sRead); - } - if ($outputstream) { - if (is_resource($outputstream)) { - fwrite($outputstream,$sRead); - } else if ($outputstream == 'php://stdout') { // FIXME - echo $sRead; - } + } else { + $results .= $sRead; } - if ($no_return) { - $sRead = ''; - } - $results .= $sRead; } return $results; } +/** + * Obsolete function, inform plugins that use it + * @deprecated use sqimap_run_command or sqimap_run_command_list instead + */ +function sqimap_read_data_list($imap_stream, $tag, $handle_errors, + &$response, &$message, $query = '') { + global $color, $squirrelmail_language; + set_up_language($squirrelmail_language); + require_once(SM_PATH . 'functions/display_messages.php'); + $string = "\n" . + _("ERROR : Bad function call.") . + "
\n" . + _("Reason:") . ' '. + 'There is a plugin installed which make use of the
' . + 'SquirrelMail internal function sqimap_read_data_list.
'. + 'Please adapt the installed plugin and let it use
'. + 'sqimap_run_command or sqimap_run_command_list instead

'. + 'The following query was issued:
'. + htmlspecialchars($query) . '
' . "
\n"; + error_box($string,$color); + echo ''; + exit; +} +/** + * Function to display an error related to an IMAP-query. + * @param string title the caption of the error box + * @param string query the query that went wrong + * @param string message_title optional message title + * @param string message optional error message + * @param string $link an optional link to try again + * @return void + */ +function sqimap_error_box($title, $query = '', $message_title = '', $message = '', $link = '') +{ + global $color, $squirrelmail_language; -/* + set_up_language($squirrelmail_language); + require_once(SM_PATH . 'functions/display_messages.php'); + $string = "\n" . $title . "
\n"; + $cmd = explode(' ',$query); + $cmd= strtolower($cmd[0]); + + if ($query != '' && $cmd != 'login') + $string .= _("Query:") . ' ' . htmlspecialchars($query) . '
'; + if ($message_title != '') + $string .= $message_title; + if ($message != '') + $string .= htmlspecialchars($message); + $string .= "
\n"; + if ($link != '') + $string .= $link; + error_box($string,$color); +} + +/** * Reads the output from the IMAP stream. If handle_errors is set to true, * this will also handle all errors that are received. If it is not set, - * the errors will be sent back through $response and $message + * the errors will be sent back through $response and $message. */ - -function sqimap_read_data_list ($imap_stream, $tag_uid, $handle_errors, +function sqimap_retrieve_imap_response($imap_stream, $tag, $handle_errors, &$response, &$message, $query = '', $filter = false, $outputstream = false, $no_return = false) { global $color, $squirrelmail_language; $read = ''; - $tag_uid_a = explode(' ',trim($tag_uid)); - $tag = $tag_uid_a[0]; + if (!is_array($message)) $message = array(); + if (!is_array($response)) $response = array(); + $aResponse = ''; $resultlist = array(); $data = array(); $read = sqimap_fgets($imap_stream); - $i = 0; + $i = $k = 0; while ($read) { $char = $read{0}; switch ($char) @@ -193,7 +348,7 @@ function sqimap_read_data_list ($imap_stream, $tag_uid, $handle_errors, $arg = substr($s,0,$j); } $found_tag = substr($read,0,$i-1); - if ($arg && $found_tag==$tag) { + if ($found_tag) { switch ($arg) { case 'OK': @@ -201,21 +356,36 @@ function sqimap_read_data_list ($imap_stream, $tag_uid, $handle_errors, case 'NO': case 'BYE': case 'PREAUTH': - $response = $arg; - $message = trim(substr($read,$i+strlen($arg))); - break 3; /* switch switch while */ + $response[$found_tag] = $arg; + $message[$found_tag] = trim(substr($read,$i+strlen($arg))); + if (!empty($data)) { + $resultlist[] = $data; + } + $aResponse[$found_tag] = $resultlist; + $data = $resultlist = array(); + if ($found_tag == $tag) { + break 3; /* switch switch while */ + } + break; default: /* this shouldn't happen */ - $response = $arg; - $message = trim(substr($read,$i+strlen($arg))); - break 3; /* switch switch while */ + $response[$found_tag] = $arg; + $message[$found_tag] = trim(substr($read,$i+strlen($arg))); + if (!empty($data)) { + $resultlist[] = $data; + } + $aResponse[$found_tag] = $resultlist; + $data = $resultlist = array(); + if ($found_tag == $tag) { + break 3; /* switch switch while */ + } } - } elseif($found_tag !== $tag) { - /* reset data array because we do not need this reponse */ - $data = array(); - $read = sqimap_fgets($imap_stream); - break; } + $read = sqimap_fgets($imap_stream); + if ($read === false) { /* error */ + break 3; /* switch switch while */ + } + break; } // end case $tag{0} case '*': @@ -287,7 +457,7 @@ function sqimap_read_data_list ($imap_stream, $tag_uid, $handle_errors, break 3; /* while switch while */ } $data[] = $sLiteral; - $fetch_data[] = sqimap_fgets($imap_stream); + $data[] = sqimap_fgets($imap_stream); } else { $data[] = $read; } @@ -300,7 +470,7 @@ function sqimap_read_data_list ($imap_stream, $tag_uid, $handle_errors, $s = substr($read,-3); } while ($s === "}\r\n"); break 1; - } + } break; } // end case '*' } // end switch @@ -309,20 +479,15 @@ function sqimap_read_data_list ($imap_stream, $tag_uid, $handle_errors, /* error processing in case $read is false */ if ($read === false) { unset($data); - set_up_language($squirrelmail_language); - require_once(SM_PATH . 'functions/display_messages.php'); - $string = "\n" . - _("ERROR : Connection dropped by imap-server.") . - "
\n" . - _("Query:") . ' '. - htmlspecialchars($query) . '
' . "
\n"; - error_box($string,$color); - exit; + if ($handle_errors) { + sqimap_error_box(_("ERROR : Connection dropped by imap-server."), $query); + exit; + } } /* Set $resultlist array */ if (!empty($data)) { - $resultlist[] = $data; + //$resultlist[] = $data; } elseif (empty($resultlist)) { $resultlist[] = array(); @@ -330,70 +495,33 @@ function sqimap_read_data_list ($imap_stream, $tag_uid, $handle_errors, /* Return result or handle errors */ if ($handle_errors == false) { - return( $resultlist ); + return $aResponse; } - switch ($response) - { + switch ($response[$tag]) { case 'OK': - return $resultlist; + return $aResponse; break; case 'NO': /* ignore this error from M$ exchange, it is not fatal (aka bug) */ - if (strstr($message, 'command resulted in') === false) { - set_up_language($squirrelmail_language); - require_once(SM_PATH . 'functions/display_messages.php'); - $string = "\n" . - _("ERROR : Could not complete request.") . - "
\n" . - _("Query:") . ' ' . - htmlspecialchars($query) . '
' . - _("Reason Given: ") . - htmlspecialchars($message) . "
\n"; - error_box($string,$color); + if (strstr($message[$tag], 'command resulted in') === false) { + sqimap_error_box(_("ERROR : Could not complete request."), $query, _("Reason Given: "), $message[$tag]); echo ''; exit; } break; case 'BAD': - set_up_language($squirrelmail_language); - require_once(SM_PATH . 'functions/display_messages.php'); - $string = "\n" . - _("ERROR : Bad or malformed request.") . - "
\n" . - _("Query:") . ' '. - htmlspecialchars($query) . '
' . - _("Server responded: ") . - htmlspecialchars($message) . "
\n"; - error_box($string,$color); + sqimap_error_box(_("ERROR : Bad or malformed request."), $query, _("Server responded: "), $message[$tag]); echo ''; exit; case 'BYE': - set_up_language($squirrelmail_language); - require_once(SM_PATH . 'functions/display_messages.php'); - $string = "\n" . - _("ERROR : Imap server closed the connection.") . - "
\n" . - _("Query:") . ' '. - htmlspecialchars($query) . '
' . - _("Server responded: ") . - htmlspecialchars($message) . "
\n"; - error_box($string,$color); + sqimap_error_box(_("ERROR : Imap server closed the connection."), $query, _("Server responded: "), $message[$tag]); echo ''; exit; default: - set_up_language($squirrelmail_language); - require_once(SM_PATH . 'functions/display_messages.php'); - $string = "\n" . - _("ERROR : Unknown imap response.") . - "
\n" . - _("Query:") . ' '. - htmlspecialchars($query) . '
' . - _("Server responded: ") . - htmlspecialchars($message) . "
\n"; - error_box($string,$color); + sqimap_error_box(_("ERROR : Unknown imap response."), $query, _("Server responded: "), $message[$tag]); /* the error is displayed but because we don't know the reponse we return the result anyway */ - return $resultlist; + return $aResponse; break; } } @@ -401,10 +529,14 @@ function sqimap_read_data_list ($imap_stream, $tag_uid, $handle_errors, function sqimap_read_data ($imap_stream, $tag_uid, $handle_errors, &$response, &$message, $query = '', $filter=false,$outputstream=false,$no_return=false) { - $res = sqimap_read_data_list($imap_stream, $tag_uid, $handle_errors, + + $tag_uid_a = explode(' ',trim($tag_uid)); + $tag = $tag_uid_a[0]; + + $res = sqimap_retrieve_imap_response($imap_stream, $tag, $handle_errors, $response, $message, $query,$filter,$outputstream,$no_return); /* sqimap_read_data should be called for one response - but since it just calls sqimap_read_data_list which + but since it just calls sqimap_retrieve_imap_response which handles multiple responses we need to check for that and merge the $res array IF they are seperated and IF it was a FETCH response. */ @@ -417,104 +549,160 @@ function sqimap_read_data ($imap_stream, $tag_uid, $handle_errors, // } // } if (isset($result)) { - return $result; + return $result[$tag]; } else { - return $res[0]; + return $res; } +} + +/** + * Connects to the IMAP server and returns a resource identifier for use with + * the other SquirrelMail IMAP functions. Does NOT login! + * @param string server hostname of IMAP server + * @param int port port number to connect to + * @param bool tls whether to use TLS when connecting. + * @return imap-stream resource identifier + */ +function sqimap_create_stream($server,$port,$tls=false) { + global $username, $use_imap_tls; + if ($use_imap_tls == true) { + if ((check_php_version(4,3)) and (extension_loaded('openssl'))) { + /* Use TLS by prefixing "tls://" to the hostname */ + $server = 'tls://' . $imap_server_address; + } else { + require_once(SM_PATH . 'functions/display_messages.php'); + $string = "Unable to connect to IMAP server!
TLS is enabled, but this " . + "version of PHP does not support TLS sockets, or is missing the openssl " . + "extension.

Please contact your system administrator."; + logout_error($string,$color); + } + } + + $imap_stream = fsockopen($server, $port, $error_number, $error_string, 15); + + /* Do some error correction */ + if (!$imap_stream) { + set_up_language($squirrelmail_language, true); + require_once(SM_PATH . 'functions/display_messages.php'); + $string = sprintf (_("Error connecting to IMAP server: %s.") . + "
\r\n", $server) . + "$error_number : $error_string
\r\n"; + logout_error($string,$color); + exit; + } + $server_info = fgets ($imap_stream, 1024); + return $imap_stream; } -/* +/** * Logs the user into the imap server. If $hide is set, no error messages * will be displayed. This function returns the imap connection handle. */ function sqimap_login ($username, $password, $imap_server_address, $imap_port, $hide) { - global $color, $squirrelmail_language, $onetimepad, $use_imap_tls, $imap_auth_mech; + global $color, $squirrelmail_language, $onetimepad, $use_imap_tls, + $imap_auth_mech, $sqimap_capabilities; if (!isset($onetimepad) || empty($onetimepad)) { sqgetglobalvar('onetimepad' , $onetimepad , SQ_SESSION ); } - $imap_server_address = sqimap_get_user_server($imap_server_address, $username); - $host=$imap_server_address; - - if (($use_imap_tls == true) and (check_php_version(4,3)) and (extension_loaded('openssl'))) { - /* Use TLS by prefixing "tls://" to the hostname */ - $imap_server_address = 'tls://' . $imap_server_address; - } - - $imap_stream = fsockopen ( $imap_server_address, $imap_port, $error_number, $error_string, 15); - - /* Do some error correction */ - if (!$imap_stream) { - if (!$hide) { - set_up_language($squirrelmail_language, true); - require_once(SM_PATH . 'functions/display_messages.php'); - $string = sprintf (_("Error connecting to IMAP server: %s.") . - "
\r\n", $imap_server_address) . - "$error_number : $error_string
\r\n"; - logout_error($string,$color); - } - exit; + if (!isset($sqimap_capabilities)) { + sqgetglobalvar('sqimap_capabilities' , $capability , SQ_SESSION ); } - $server_info = fgets ($imap_stream, 1024); + $host = $imap_server_address; + $imap_server_address = sqimap_get_user_server($imap_server_address, $username); + + $imap_stream = sqimap_create_stream($imap_server_address,$imap_port,$use_imap_tls); /* Decrypt the password */ $password = OneTimePadDecrypt($password, $onetimepad); - if (($imap_auth_mech == 'cram-md5') OR ($imap_auth_mech == 'digest-md5')) { - // We're using some sort of authentication OTHER than plain or login - $tag=sqimap_session_id(false); - if ($imap_auth_mech == 'digest-md5') { + if (($imap_auth_mech == 'cram-md5') OR ($imap_auth_mech == 'digest-md5')) { + // We're using some sort of authentication OTHER than plain or login + $tag=sqimap_session_id(false); + if ($imap_auth_mech == 'digest-md5') { $query = $tag . " AUTHENTICATE DIGEST-MD5\r\n"; - } elseif ($imap_auth_mech == 'cram-md5') { + } elseif ($imap_auth_mech == 'cram-md5') { $query = $tag . " AUTHENTICATE CRAM-MD5\r\n"; - } - fputs($imap_stream,$query); - $answer=sqimap_fgets($imap_stream); - // Trim the "+ " off the front - $response=explode(" ",$answer,3); - if ($response[0] == '+') { + } + fputs($imap_stream,$query); + $answer=sqimap_fgets($imap_stream); + // Trim the "+ " off the front + $response=explode(" ",$answer,3); + if ($response[0] == '+') { // Got a challenge back - $challenge=$response[1]; - if ($imap_auth_mech == 'digest-md5') { - $reply = digest_md5_response($username,$password,$challenge,'imap',$host); - } elseif ($imap_auth_mech == 'cram-md5') { - $reply = cram_md5_response($username,$password,$challenge); - } - fputs($imap_stream,$reply); - $read=sqimap_fgets($imap_stream); - if ($imap_auth_mech == 'digest-md5') { - // DIGEST-MD5 has an extra step.. - if (substr($read,0,1) == '+') { // OK so far.. + $challenge=$response[1]; + if ($imap_auth_mech == 'digest-md5') { + $reply = digest_md5_response($username,$password,$challenge,'imap',$host); + } elseif ($imap_auth_mech == 'cram-md5') { + $reply = cram_md5_response($username,$password,$challenge); + } + fputs($imap_stream,$reply); + $read=sqimap_fgets($imap_stream); + if ($imap_auth_mech == 'digest-md5') { + // DIGEST-MD5 has an extra step.. + if (substr($read,0,1) == '+') { // OK so far.. fputs($imap_stream,"\r\n"); $read=sqimap_fgets($imap_stream); - } } - $results=explode(" ",$read,3); - $response=$results[1]; - $message=$results[2]; - } else { - // Fake the response, so the error trap at the bottom will work - $response="BAD"; - $message='IMAP server does not appear to support the authentication method selected.'; - $message .= ' Please contact your system administrator.'; - } + } + $results=explode(" ",$read,3); + $response=$results[1]; + $message=$results[2]; + } else { + // Fake the response, so the error trap at the bottom will work + $response="BAD"; + $message='IMAP server does not appear to support the authentication method selected.'; + $message .= ' Please contact your system administrator.'; + } } elseif ($imap_auth_mech == 'login') { - // Original IMAP login code - $query = 'LOGIN "' . quoteimap($username) . '" "' . quoteimap($password) . '"'; - $read = sqimap_run_command ($imap_stream, $query, false, $response, $message); + // Original IMAP login code + $query = 'LOGIN "' . quoteimap($username) . '" "' . quoteimap($password) . '"'; + $read = sqimap_run_command ($imap_stream, $query, false, $response, $message); } elseif ($imap_auth_mech == 'plain') { - /* Replace this with SASL PLAIN if it ever gets implemented */ - $response="BAD"; - $message='SquirrelMail does not support SASL PLAIN yet. Rerun conf.pl and use login instead.'; + /*** + * SASL PLAIN + * + * RFC 2595 Chapter 6 + * + * The mechanism consists of a single message from the client to the + * server. The client sends the authorization identity (identity to + * login as), followed by a US-ASCII NUL character, followed by the + * authentication identity (identity whose password will be used), + * followed by a US-ASCII NUL character, followed by the clear-text + * password. The client may leave the authorization identity empty to + * indicate that it is the same as the authentication identity. + * + **/ + $tag=sqimap_session_id(false); + $sasl = (isset($capability['SASL-IR']) && $capability['SASL-IR']) ? true : false; + $auth = base64_encode("$username\0$username\0$password"); + if ($sasl) { + // IMAP Extension for SASL Initial Client Response + // + $query = $tag . " AUTHENTICATE PLAIN $auth\r\n"; + fputs($imap_stream, $query); + $read = sqimap_fgets($imap_stream); } else { - $response="BAD"; - $message="Internal SquirrelMail error - unknown IMAP authentication method chosen. Please contact the developers."; + $query = $tag . " AUTHENTICATE PLAIN\r\n"; + fputs($imap_stream, $query); + $read=sqimap_fgets($imap_stream); + if (substr($read,0,1) == '+') { // OK so far.. + fputs($imap_stream, "$auth\r\n"); + $read = sqimap_fgets($imap_stream); + } } - - /* If the connection was not successful, lets see why */ + $results=explode(" ",$read,3); + $response=$results[1]; + $message=$results[2]; + } else { + $response="BAD"; + $message="Internal SquirrelMail error - unknown IMAP authentication method chosen. Please contact the developers."; + } + + /* If the connection was not successful, lets see why */ if ($response != 'OK') { if (!$hide) { if ($response != 'NO') { @@ -546,7 +734,7 @@ function sqimap_login ($username, $password, $imap_server_address, $imap_port, $ * $squirrelmail_language is set by a cookie when * the user selects language and logs out */ - + set_up_language($squirrelmail_language, true); include_once(SM_PATH . 'functions/display_messages.php' ); sqsession_destroy(); @@ -560,7 +748,11 @@ function sqimap_login ($username, $password, $imap_server_address, $imap_port, $ return $imap_stream; } -/* Simply logs out the IMAP session */ +/** + * Simply logs out the IMAP session + * @param stream imap_stream the IMAP connection to log out. + * @return void + */ function sqimap_logout ($imap_stream) { /* Logout is not valid until the server returns 'BYE' * If we don't have an imap_ stream we're already logged out */ @@ -568,6 +760,11 @@ function sqimap_logout ($imap_stream) { sqimap_run_command($imap_stream, 'LOGOUT', false, $response, $message); } +/** + * Retreive the CAPABILITY string from the IMAP server. + * If capability is set, returns only that specific capability, + * else returns array of all capabilities. + */ function sqimap_capability($imap_stream, $capability='') { global $sqimap_capabilities; if (!is_array($sqimap_capabilities)) { @@ -593,7 +790,9 @@ function sqimap_capability($imap_stream, $capability='') { return $sqimap_capabilities; } -/* Returns the delimeter between mailboxes: INBOX/Test, or INBOX.Test */ +/** + * Returns the delimeter between mailboxes: INBOX/Test, or INBOX.Test + */ function sqimap_get_delimiter ($imap_stream = false) { global $sqimap_delimiter, $optional_delimiter; @@ -631,6 +830,7 @@ function sqimap_get_delimiter ($imap_stream = false) { } else { fputs ($imap_stream, ". LIST \"INBOX\" \"\"\r\n"); $read = sqimap_read_data($imap_stream, '.', true, $a, $b); + $read = $read['.'][0]; //sqimap_read_data() now returns a tag array of response array $quote_position = strpos ($read[0], '"'); $sqimap_delimiter = substr ($read[0], $quote_position+1, 1); } @@ -638,10 +838,24 @@ function sqimap_get_delimiter ($imap_stream = false) { return $sqimap_delimiter; } +/** + * This encodes a mailbox name for use in IMAP commands. + * @param string what the mailbox to encode + * @return string the encoded mailbox string + */ +function sqimap_encode_mailbox_name($what) +{ + if (ereg("[\"\\\r\n]", $what)) + return '{' . strlen($what) . "}\r\n" . $what; /* 4.3 literal form */ + return '"' . $what . '"'; /* 4.3 quoted string form */ +} + -/* Gets the number of messages in the current mailbox. */ +/** + * Gets the number of messages in the current mailbox. + */ function sqimap_get_num_messages ($imap_stream, $mailbox) { - $read_ary = sqimap_run_command ($imap_stream, "EXAMINE \"$mailbox\"", false, $result, $message); + $read_ary = sqimap_run_command ($imap_stream, 'EXAMINE ' . sqimap_encode_mailbox_name($mailbox), false, $result, $message); for ($i = 0; $i < count($read_ary); $i++) { if (ereg("[^ ]+ +([^ ]+) +EXISTS", $read_ary[$i], $regs)) { return $regs[1]; @@ -650,7 +864,6 @@ function sqimap_get_num_messages ($imap_stream, $mailbox) { return false; //"BUG! Couldn't get number of messages in $mailbox!"; } - function parseAddress($address, $max=0) { $aTokens = array(); $aAddress = array(); @@ -658,7 +871,7 @@ function parseAddress($address, $max=0) { $aSpecials = array('(' ,'<' ,',' ,';' ,':'); $aReplace = array(' (',' <',' ,',' ;',' :'); $address = str_replace($aSpecials,$aReplace,$address); - $i = 0; + $i = $iAddrFound = $bGroup = 0; while ($i < $iCnt) { $cChar = $address{$i}; switch($cChar) @@ -677,6 +890,18 @@ function parseAddress($address, $max=0) { break; case '"': $iEnd = strpos($address,$cChar,$i+1); + if ($iEnd) { + // skip escaped quotes + $prev_char = $address{$iEnd-1}; + while ($prev_char === '\\' && substr($address,$iEnd-2,2) !== '\\\\') { + $iEnd = strpos($address,$cChar,$iEnd+1); + if ($iEnd) { + $prev_char = $address{$iEnd-1}; + } else { + $prev_char = false; + } + } + } if (!$iEnd) { $sToken = substr($address,$i); $i = $iCnt; @@ -701,8 +926,21 @@ function parseAddress($address, $max=0) { $aTokens[] = $sToken; break; case ',': + ++$iAddrFound; case ';': - case ';': + if (!$bGroup) { + ++$iAddrFound; + } else { + $bGroup = false; + } + if ($max && $max == $iAddrFound) { + break 2; + } else { + $aTokens[] = $cChar; + break; + } + case ':': + $bGroup = true; case ' ': $aTokens[] = $cChar; break; @@ -796,12 +1034,11 @@ function parseAddress($address, $max=0) { } - -/* - * Returns the number of unseen messages in this folder +/** + * Returns the number of unseen messages in this folder. */ function sqimap_unseen_messages ($imap_stream, $mailbox) { - $read_ary = sqimap_run_command ($imap_stream, "STATUS \"$mailbox\" (UNSEEN)", false, $result, $message); + $read_ary = sqimap_run_command ($imap_stream, 'STATUS ' . sqimap_encode_mailbox_name($mailbox) . ' (UNSEEN)', false, $result, $message); $i = 0; $regs = array(false, false); while (isset($read_ary[$i])) { @@ -813,11 +1050,11 @@ function sqimap_unseen_messages ($imap_stream, $mailbox) { return $regs[1]; } -/* - * Returns the number of unseen/total messages in this folder +/** + * Returns the number of total/unseen/recent messages in this folder */ function sqimap_status_messages ($imap_stream, $mailbox) { - $read_ary = sqimap_run_command ($imap_stream, "STATUS \"$mailbox\" (MESSAGES UNSEEN RECENT)", false, $result, $message); + $read_ary = sqimap_run_command ($imap_stream, 'STATUS ' . sqimap_encode_mailbox_name($mailbox) . ' (MESSAGES UNSEEN RECENT)', false, $result, $message); $i = 0; $messages = $unseen = $recent = false; $regs = array(false,false); @@ -837,11 +1074,11 @@ function sqimap_status_messages ($imap_stream, $mailbox) { } -/* - * Saves a message to a given folder -- used for saving sent messages +/** + * Saves a message to a given folder -- used for saving sent messages */ function sqimap_append ($imap_stream, $sent_folder, $length) { - fputs ($imap_stream, sqimap_session_id() . " APPEND \"$sent_folder\" (\\Seen) \{$length}\r\n"); + fputs ($imap_stream, sqimap_session_id() . ' APPEND ' . sqimap_encode_mailbox_name($sent_folder) . " (\\Seen) \{$length}\r\n"); $tmp = fgets ($imap_stream, 1024); } @@ -886,11 +1123,12 @@ function sqimap_get_user_server ($imap_server, $username) { return $function($username); } -/* This is an example that gets imapservers from yellowpages (NIS). +/** + * This is an example that gets imapservers from yellowpages (NIS). * you can simple put map:map_yp_alias in your $imap_server_address * in config.php use your own function instead map_yp_alias to map your - * LDAP whatever way to find the users imapserver. */ - + * LDAP whatever way to find the users imapserver. + */ function map_yp_alias($username) { $yp = `ypmatch $username aliases`; return chop(substr($yp, strlen($username)+1));