X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=functions%2Fimap_general.php;h=511161bf46572ea0d467551a414b9332447b7e6d;hp=72d725667739cd7f9cb21da94a7f189ed224cd9f;hb=d5c472f16d5aa03b3f69dc1e985299cd53c2fb77;hpb=8813fb150d0c0d643e3752c2ba282aed5479a382 diff --git a/functions/imap_general.php b/functions/imap_general.php index 72d72566..511161bf 100755 --- a/functions/imap_general.php +++ b/functions/imap_general.php @@ -3,256 +3,708 @@ /** * imap_general.php * - * Copyright (c) 1999-2002 The SquirrelMail Project Team + * Copyright (c) 1999-2004 The SquirrelMail Project Team * Licensed under the GNU GPL. For full terms see the file COPYING. * * This implements all functions that do general imap functions. * - * $Id$ + * @version $Id$ + * @package squirrelmail + * @subpackage imap */ +/** Includes.. */ require_once(SM_PATH . 'functions/page_header.php'); +require_once(SM_PATH . 'functions/auth.php'); -global $sqimap_session_id; -$sqimap_session_id = 1; -/* Sets an unique session id in order to avoid simultanous sessions crash. */ -function sqimap_session_id($unique_id = false) { - global $data_dir, $username, $sqimap_session_id; +/** + * Generates a new session ID by incrementing the last one used; + * this ensures that each command has a unique ID. + * @param bool unique_id + * @return string IMAP session id of the form 'A000'. + */ +function sqimap_session_id($unique_id = FALSE) { + static $sqimap_session_id = 1; + if (!$unique_id) { - return( sprintf("A%03d", $sqimap_session_id++) ); + return( sprintf("A%03d", $sqimap_session_id++) ); } else { - return( sprintf("A%03d", $sqimap_session_id++) . ' UID' ); + return( sprintf("A%03d", $sqimap_session_id++) . ' UID' ); } } -/* +/** * Both send a command and accept the result from the command. * This is to allow proper session number handling. */ function sqimap_run_command_list ($imap_stream, $query, $handle_errors, &$response, &$message, $unique_id = false) { if ($imap_stream) { - $sid = sqimap_session_id($unique_id); - fputs ($imap_stream, $sid . ' ' . $query . "\r\n"); - $read = sqimap_read_data_list ($imap_stream, $sid, $handle_errors, $response, $message, $query ); - return $read; + $sid = sqimap_session_id($unique_id); + fputs ($imap_stream, $sid . ' ' . $query . "\r\n"); + $tag_uid_a = explode(' ',trim($sid)); + $tag = $tag_uid_a[0]; + $read = sqimap_retrieve_imap_response ($imap_stream, $tag, $handle_errors, $response, $message, $query ); + /* get the response and the message */ + $message = $message[$tag]; + $response = $response[$tag]; + return $read[$tag]; } else { global $squirrelmail_language, $color; set_up_language($squirrelmail_language); require_once(SM_PATH . 'functions/display_messages.php'); - $string = "\n" . + $string = "\n" . _("ERROR : No available imapstream.") . "\n"; error_box($string,$color); - return false; + return false; } - } -function sqimap_run_command ($imap_stream, $query, $handle_errors, &$response, &$message, $unique_id = false) { +function sqimap_run_command ($imap_stream, $query, $handle_errors, &$response, + &$message, $unique_id = false,$filter=false, + $outputstream=false,$no_return=false) { if ($imap_stream) { $sid = sqimap_session_id($unique_id); - fputs ($imap_stream, $sid . ' ' . $query . "\r\n"); - $read = sqimap_read_data ($imap_stream, $sid, $handle_errors, $response, $message, $query); - return $read; + fputs ($imap_stream, $sid . ' ' . $query . "\r\n"); + $tag_uid_a = explode(' ',trim($sid)); + $tag = $tag_uid_a[0]; + + $read = sqimap_read_data ($imap_stream, $tag, $handle_errors, $response, + $message, $query,$filter,$outputstream,$no_return); + if (empty($read)) { //Imap server dropped its connection + $response = ''; + $message = ''; + return false; + } + /* retrieve the response and the message */ + $response = $response[$tag]; + $message = $message[$tag]; + + if (!empty($read[$tag])) { + return $read[$tag][0]; + } else { + return $read[$tag]; + } } else { global $squirrelmail_language, $color; set_up_language($squirrelmail_language); require_once(SM_PATH . 'functions/display_messages.php'); - $string = "\n" . + $string = "\n" . _("ERROR : No available imapstream.") . "\n"; error_box($string,$color); - return false; + return false; } - } +function sqimap_prepare_pipelined_query($new_query,&$tag,&$aQuery,$unique_id) { + $sid = sqimap_session_id($unique_id); + $tag_uid_a = explode(' ',trim($sid)); + $tag = $tag_uid_a[0]; + $query = $sid . ' '.$new_query."\r\n"; + $aQuery[$tag] = $query; +} -/* - * custom fgets function. gets a line from IMAP - * no matter how big it may be - */ +function sqimap_run_pipelined_command ($imap_stream, $aQueryList, $handle_errors, + &$aServerResponse, &$aServerMessage, $unique_id = false, + $filter=false,$outputstream=false,$no_return=false) { + $aResponse = false; + + /* + Do not fire all calls at once to the imap-server but split the calls up + in portions of $iChunkSize. If we do not do that I think we misbehave as + IMAP client or should handle BYE calls if the IMAP-server drops the + connection because the number of queries is to large. This isn't tested + but a wild guess how it could work in the field. + + After testing it on Exchange 2000 we discovered that a chunksize of 32 + was quicker then when we raised it to 128. + */ + $iQueryCount = count($aQueryList); + $iChunkSize = 32; + // array_chunk would also do the job but it's supported from php > 4.2 + $aQueryChunks = array(); + $iLoops = floor($iQueryCount / $iChunkSize); + + if ($iLoops * $iChunkSize != $iQueryCount) ++$iLoops; + + if (!function_exists('array_chunk')) { // arraychunk replacement + reset($aQueryList); + for($i=0;$i<$iLoops;++$i) { + for($j=0;$j<$iChunkSize;++$j) { + $key = key($aQueryList); + $aTmp[$key] = $aQueryList[$key]; + if (next($aQueryList) === false) break; + } + $aQueryChunks[] = $aTmp; + } + } else { + $aQueryChunks = array_chunk($aQueryList,$iChunkSize,true); + } + for ($i=0;$i<$iLoops;++$i) { + $aQuery = $aQueryChunks[$i]; + foreach($aQuery as $tag => $query) { + fputs($imap_stream,$query); + $aResults[$tag] = false; + } + foreach($aQuery as $tag => $query) { + if ($aResults[$tag] == false) { + $aReturnedResponse = sqimap_retrieve_imap_response ($imap_stream, $tag, + $handle_errors, $response, $message, $query, + $filter,$outputstream,$no_return); + foreach ($aReturnedResponse as $returned_tag => $aResponse) { + if (!empty($aResponse)) { + $aResults[$returned_tag] = $aResponse[0]; + } else { + $aResults[$returned_tag] = $aResponse; + } + $aServerResponse[$returned_tag] = $response[$returned_tag]; + $aServerMessage[$returned_tag] = $message[$returned_tag]; + } + } + } + } + return $aResults; +} + +/** + * Custom fgets function: gets a line from the IMAP-server, + * no matter how big it may be. + * @param stream imap_stream the stream to read from + * @return string a line + */ function sqimap_fgets($imap_stream) { $read = ''; $buffer = 4096; $results = ''; - while (strpos($read, "\n") === false) { + $offset = 0; + while (strpos($results, "\r\n", $offset) === false) { if (!($read = fgets($imap_stream, $buffer))) { + /* this happens in case of an error */ + /* reset $results because it's useless */ + $results = false; break; } + if ( $results != '' ) { + $offset = strlen($results) - 1; + } $results .= $read; } return $results; } -/* +function sqimap_fread($imap_stream,$iSize,$filter=false, + $outputstream=false, $no_return=false) { + if (!$filter || !$outputstream) { + $iBufferSize = $iSize; + } else { + // see php bug 24033. They changed fread behaviour %$^&$% + $iBufferSize = 7800; // multiple of 78 in case of base64 decoding. + } + if ($iSize < $iBufferSize) { + $iBufferSize = $iSize; + } + + $iRetrieved = 0; + $results = ''; + $sRead = $sReadRem = ''; + // NB: fread can also stop at end of a packet on sockets. + while ($iRetrieved < $iSize) { + $sRead = fread($imap_stream,$iBufferSize); + $iLength = strlen($sRead); + $iRetrieved += $iLength ; + $iRemaining = $iSize - $iRetrieved; + if ($iRemaining < $iBufferSize) { + $iBufferSize = $iRemaining; + } + if (!$sRead) { + $results = false; + break; + } + if ($sReadRem) { + $sRead = $sReadRem . $sRead; + $sReadRem = ''; + } + + if ($filter && $sRead) { + // in case the filter is base64 decoding we return a remainder + $sReadRem = $filter($sRead); + } + if ($outputstream && $sRead) { + if (is_resource($outputstream)) { + fwrite($outputstream,$sRead); + } else if ($outputstream == 'php://stdout') { + echo $sRead; + } + } + if ($no_return) { + $sRead = ''; + } else { + $results .= $sRead; + } + } + return $results; +} + + +/** + * Obsolete function, inform plugins that use it + * @deprecated use sqimap_run_command or sqimap_run_command_list instead + */ +function sqimap_read_data_list($imap_stream, $tag, $handle_errors, + &$response, &$message, $query = '') { + global $color, $squirrelmail_language; + set_up_language($squirrelmail_language); + require_once(SM_PATH . 'functions/display_messages.php'); + $string = "\n" . + _("ERROR : Bad function call.") . + "
\n" . + _("Reason:") . ' '. + 'There is a plugin installed which make use of the
' . + 'SquirrelMail internal function sqimap_read_data_list.
'. + 'Please adapt the installed plugin and let it use
'. + 'sqimap_run_command or sqimap_run_command_list instead

'. + 'The following query was issued:
'. + htmlspecialchars($query) . '
' . "
\n"; + error_box($string,$color); + echo ''; + exit; +} + +/** + * Function to display an error related to an IMAP-query. + * @param string title the caption of the error box + * @param string query the query that went wrong + * @param string message_title optional message title + * @param string message optional error message + * @param string $link an optional link to try again + * @return void + */ +function sqimap_error_box($title, $query = '', $message_title = '', $message = '', $link = '') +{ + global $color, $squirrelmail_language; + + set_up_language($squirrelmail_language); + require_once(SM_PATH . 'functions/display_messages.php'); + $string = "\n" . $title . "
\n"; + $cmd = explode(' ',$query); + $cmd= strtolower($cmd[0]); + + if ($query != '' && $cmd != 'login') + $string .= _("Query:") . ' ' . htmlspecialchars($query) . '
'; + if ($message_title != '') + $string .= $message_title; + if ($message != '') + $string .= htmlspecialchars($message); + $string .= "
\n"; + if ($link != '') + $string .= $link; + error_box($string,$color); +} + +/** * Reads the output from the IMAP stream. If handle_errors is set to true, * this will also handle all errors that are received. If it is not set, - * the errors will be sent back through $response and $message + * the errors will be sent back through $response and $message. */ - -function sqimap_read_data_list ($imap_stream, $pre, $handle_errors, &$response, &$message, $query = '') { +function sqimap_retrieve_imap_response($imap_stream, $tag, $handle_errors, + &$response, &$message, $query = '', + $filter = false, $outputstream = false, $no_return = false) { global $color, $squirrelmail_language; $read = ''; - $pre_a = explode(' ',trim($pre)); - $pre = $pre_a[0]; + if (!is_array($message)) $message = array(); + if (!is_array($response)) $response = array(); + $aResponse = ''; $resultlist = array(); $data = array(); $read = sqimap_fgets($imap_stream); - while (1) { - switch (true) { - case preg_match("/^$pre (OK|BAD|NO)(.*)$/", $read, $regs): - case preg_match('/^\* (BYE \[ALERT\])(.*)$/', $read, $regs): - $response = $regs[1]; - $message = trim($regs[2]); - break 2; - case preg_match("/^\* (OK \[PARSE\])(.*)$/", $read): - $read = sqimap_fgets($imap_stream); - break 1; - case preg_match('/^\* ([0-9]+) FETCH.*/', $read, $regs): - $fetch_data = array(); - $fetch_data[] = $read; - $read = sqimap_fgets($imap_stream); - while (!preg_match('/^\* [0-9]+ FETCH.*/', $read) && - !preg_match("/^$pre (OK|BAD|NO)(.*)$/", $read)) { - $fetch_data[] = $read; - $last = $read; - $read = sqimap_fgets($imap_stream); - } - if (isset($last) && preg_match('/^\)/', $last)) { - array_pop($fetch_data); + $i = $k = 0; + while ($read) { + $char = $read{0}; + switch ($char) + { + case '+': + default: + $read = sqimap_fgets($imap_stream); + break; + + case $tag{0}: + { + /* get the command */ + $arg = ''; + $i = strlen($tag)+1; + $s = substr($read,$i); + if (($j = strpos($s,' ')) || ($j = strpos($s,"\n"))) { + $arg = substr($s,0,$j); + } + $found_tag = substr($read,0,$i-1); + if ($found_tag) { + switch ($arg) + { + case 'OK': + case 'BAD': + case 'NO': + case 'BYE': + case 'PREAUTH': + $response[$found_tag] = $arg; + $message[$found_tag] = trim(substr($read,$i+strlen($arg))); + if (!empty($data)) { + $resultlist[] = $data; + } + $aResponse[$found_tag] = $resultlist; + $data = $resultlist = array(); + if ($found_tag == $tag) { + break 3; /* switch switch while */ + } + break; + default: + /* this shouldn't happen */ + $response[$found_tag] = $arg; + $message[$found_tag] = trim(substr($read,$i+strlen($arg))); + if (!empty($data)) { + $resultlist[] = $data; + } + $aResponse[$found_tag] = $resultlist; + $data = $resultlist = array(); + if ($found_tag == $tag) { + break 3; /* switch switch while */ + } } + } + $read = sqimap_fgets($imap_stream); + if ($read === false) { /* error */ + break 3; /* switch switch while */ + } + break; + } // end case $tag{0} + + case '*': + { + if (preg_match('/^\*\s\d+\sFETCH/',$read)) { + /* check for literal */ + $s = substr($read,-3); + $fetch_data = array(); + do { /* outer loop, continue until next untagged fetch + or tagged reponse */ + do { /* innerloop for fetching literals. with this loop + we prohibid that literal responses appear in the + outer loop so we can trust the untagged and + tagged info provided by $read */ + if ($s === "}\r\n") { + $j = strrpos($read,'{'); + $iLit = substr($read,$j+1,-3); + $fetch_data[] = $read; + $sLiteral = sqimap_fread($imap_stream,$iLit,$filter,$outputstream,$no_return); + if ($sLiteral === false) { /* error */ + break 4; /* while while switch while */ + } + /* backwards compattibility */ + $aLiteral = explode("\n", $sLiteral); + /* release not neaded data */ + unset($sLiteral); + foreach ($aLiteral as $line) { + $fetch_data[] = $line ."\n"; + } + /* release not neaded data */ + unset($aLiteral); + /* next fgets belongs to this fetch because + we just got the exact literalsize and there + must follow data to complete the response */ + $read = sqimap_fgets($imap_stream); + if ($read === false) { /* error */ + break 4; /* while while switch while */ + } + $fetch_data[] = $read; + } else { + $fetch_data[] = $read; + } + /* retrieve next line and check in the while + statements if it belongs to this fetch response */ + $read = sqimap_fgets($imap_stream); + if ($read === false) { /* error */ + break 4; /* while while switch while */ + } + /* check for next untagged reponse and break */ + if ($read{0} == '*') break 2; + $s = substr($read,-3); + } while ($s === "}\r\n"); + $s = substr($read,-3); + } while ($read{0} !== '*' && + substr($read,0,strlen($tag)) !== $tag); $resultlist[] = $fetch_data; + /* release not neaded data */ + unset ($fetch_data); + } else { + $s = substr($read,-3); + do { + if ($s === "}\r\n") { + $j = strrpos($read,'{'); + $iLit = substr($read,$j+1,-3); + $data[] = $read; + $sLiteral = fread($imap_stream,$iLit); + if ($sLiteral === false) { /* error */ + $read = false; + break 3; /* while switch while */ + } + $data[] = $sLiteral; + $data[] = sqimap_fgets($imap_stream); + } else { + $data[] = $read; + } + $read = sqimap_fgets($imap_stream); + if ($read === false) { + break 3; /* while switch while */ + } else if ($read{0} == '*') { + break; + } + $s = substr($read,-3); + } while ($s === "}\r\n"); break 1; - default: - $data[] = $read; - $read = sqimap_fgets($imap_stream); - break 1; + } + break; + } // end case '*' + } // end switch + } // end while + + /* error processing in case $read is false */ + if ($read === false) { + // try to retrieve an untagged bye respons from the results + $sResponse = array_pop($data); + if ($sResponse !== NULL && strpos($sResponse,'* BYE') !== false) { + if (!$handle_errors) { + $query = ''; + } + sqimap_error_box(_("ERROR : Imap server closed the connection."), $query, _("Server responded:"),$sResponse); + echo ''; + exit; + } else if ($handle_errors) { + unset($data); + sqimap_error_box(_("ERROR : Connection dropped by imap-server."), $query); + exit; } } + + /* Set $resultlist array */ if (!empty($data)) { - $resultlist[] = $data; + //$resultlist[] = $data; } elseif (empty($resultlist)) { - $resultlist[] = array(); + $resultlist[] = array(); } + + /* Return result or handle errors */ if ($handle_errors == false) { - return( $resultlist ); - } - elseif ($response == 'NO') { - /* ignore this error from M$ exchange, it is not fatal (aka bug) */ - if (strstr($message, 'command resulted in') === false) { - set_up_language($squirrelmail_language); - require_once(SM_PATH . 'functions/display_messages.php'); - $string = "\n" . - _("ERROR : Could not complete request.") . - "
\n" . - _("Query:") . - $query . '
' . - _("Reason Given: ") . - $message . "
\n"; - error_box($string,$color); + return $aResponse; + } + switch ($response[$tag]) { + case 'OK': + return $aResponse; + break; + case 'NO': + /* ignore this error from M$ exchange, it is not fatal (aka bug) */ + if (strstr($message[$tag], 'command resulted in') === false) { + sqimap_error_box(_("ERROR : Could not complete request."), $query, _("Reason Given: "), $message[$tag]); + echo ''; exit; } - } - elseif ($response == 'BAD') { - set_up_language($squirrelmail_language); - require_once(SM_PATH . 'functions/display_messages.php'); - $string = "\n" . - _("ERROR : Bad or malformed request.") . - "
\n" . - _("Query:") . - $query . '
' . - _("Server responded: ") . - $message . "
\n"; - error_box($string,$color); + break; + case 'BAD': + sqimap_error_box(_("ERROR : Bad or malformed request."), $query, _("Server responded: "), $message[$tag]); + echo ''; + exit; + case 'BYE': + sqimap_error_box(_("ERROR : Imap server closed the connection."), $query, _("Server responded: "), $message[$tag]); + echo ''; exit; - } - else { - return $resultlist; + default: + sqimap_error_box(_("ERROR : Unknown imap response."), $query, _("Server responded: "), $message[$tag]); + /* the error is displayed but because we don't know the reponse we + return the result anyway */ + return $aResponse; + break; } } -function sqimap_read_data ($imap_stream, $pre, $handle_errors, &$response, &$message, $query = '') { - $res = sqimap_read_data_list($imap_stream, $pre, $handle_errors, $response, $message, $query); - - /* sqimap_read_data should be called for one response - but since it just calls sqimap_read_data_list which - handles multiple responses we need to check for that - and merge the $res array IF they are seperated and - IF it was a FETCH response. */ - - if (isset($res[1]) && is_array($res[1]) && isset($res[1][0]) - && preg_match('/^\* \d+ FETCH/', $res[1][0])) { - $result = array(); - foreach($res as $index=>$value) { - $result = array_merge($result, $res["$index"]); +function sqimap_read_data ($imap_stream, $tag_uid, $handle_errors, + &$response, &$message, $query = '', + $filter=false,$outputstream=false,$no_return=false) { + + $tag_uid_a = explode(' ',trim($tag_uid)); + $tag = $tag_uid_a[0]; + + $res = sqimap_retrieve_imap_response($imap_stream, $tag, $handle_errors, + $response, $message, $query,$filter,$outputstream,$no_return); + return $res; +} + +/** + * Connects to the IMAP server and returns a resource identifier for use with + * the other SquirrelMail IMAP functions. Does NOT login! + * @param string server hostname of IMAP server + * @param int port port number to connect to + * @param bool tls whether to use TLS when connecting. + * @return imap-stream resource identifier + */ +function sqimap_create_stream($server,$port,$tls=false) { + global $username, $use_imap_tls; + + if ($tls == true) { + if ((check_php_version(4,3)) and (extension_loaded('openssl'))) { + /* Use TLS by prefixing "tls://" to the hostname */ + $server = 'tls://' . $server; + } else { + require_once(SM_PATH . 'functions/display_messages.php'); + $string = "Unable to connect to IMAP server!
TLS is enabled, but this " . + "version of PHP does not support TLS sockets, or is missing the openssl " . + "extension.

Please contact your system administrator."; + logout_error($string,$color); } } - if (isset($result)) { - return $result; - } - else { - return $res[0]; - } + $imap_stream = @fsockopen($server, $port, $error_number, $error_string, 15); + + /* Do some error correction */ + if (!$imap_stream) { + set_up_language($squirrelmail_language, true); + require_once(SM_PATH . 'functions/display_messages.php'); + $string = sprintf (_("Error connecting to IMAP server: %s.") . + "
\r\n", $server) . + "$error_number : $error_string
\r\n"; + logout_error($string,$color); + exit; + } + $server_info = fgets ($imap_stream, 1024); + return $imap_stream; } -/* +/** * Logs the user into the imap server. If $hide is set, no error messages * will be displayed. This function returns the imap connection handle. */ function sqimap_login ($username, $password, $imap_server_address, $imap_port, $hide) { - global $color, $squirrelmail_language, $onetimepad; + global $color, $squirrelmail_language, $onetimepad, $use_imap_tls, + $imap_auth_mech, $sqimap_capabilities; + + if (!isset($onetimepad) || empty($onetimepad)) { + sqgetglobalvar('onetimepad' , $onetimepad , SQ_SESSION ); + } + if (!isset($sqimap_capabilities)) { + sqgetglobalvar('sqimap_capabilities' , $capability , SQ_SESSION ); + } + $host = $imap_server_address; $imap_server_address = sqimap_get_user_server($imap_server_address, $username); - $imap_stream = fsockopen ( $imap_server_address, $imap_port, $error_number, $error_string, 15); - if ( !$imap_stream ) { - return false; - } - $server_info = fgets ($imap_stream, 1024); + $imap_stream = sqimap_create_stream($imap_server_address,$imap_port,$use_imap_tls); /* Decrypt the password */ $password = OneTimePadDecrypt($password, $onetimepad); - /* Do some error correction */ - if (!$imap_stream) { - if (!$hide) { - set_up_language($squirrelmail_language, true); - require_once(SM_PATH . 'functions/display_messages.php'); - $string = sprintf (_("Error connecting to IMAP server: %s.") . - "
\r\n", $imap_server_address) . - "$error_number : $error_string
\r\n"; - error_box($string,$color); + if (($imap_auth_mech == 'cram-md5') OR ($imap_auth_mech == 'digest-md5')) { + // We're using some sort of authentication OTHER than plain or login + $tag=sqimap_session_id(false); + if ($imap_auth_mech == 'digest-md5') { + $query = $tag . " AUTHENTICATE DIGEST-MD5\r\n"; + } elseif ($imap_auth_mech == 'cram-md5') { + $query = $tag . " AUTHENTICATE CRAM-MD5\r\n"; } - exit; + fputs($imap_stream,$query); + $answer=sqimap_fgets($imap_stream); + // Trim the "+ " off the front + $response=explode(" ",$answer,3); + if ($response[0] == '+') { + // Got a challenge back + $challenge=$response[1]; + if ($imap_auth_mech == 'digest-md5') { + $reply = digest_md5_response($username,$password,$challenge,'imap',$host); + } elseif ($imap_auth_mech == 'cram-md5') { + $reply = cram_md5_response($username,$password,$challenge); + } + fputs($imap_stream,$reply); + $read=sqimap_fgets($imap_stream); + if ($imap_auth_mech == 'digest-md5') { + // DIGEST-MD5 has an extra step.. + if (substr($read,0,1) == '+') { // OK so far.. + fputs($imap_stream,"\r\n"); + $read=sqimap_fgets($imap_stream); + } + } + $results=explode(" ",$read,3); + $response=$results[1]; + $message=$results[2]; + } else { + // Fake the response, so the error trap at the bottom will work + $response="BAD"; + $message='IMAP server does not appear to support the authentication method selected.'; + $message .= ' Please contact your system administrator.'; + } + } elseif ($imap_auth_mech == 'login') { + // Original IMAP login code + $query = 'LOGIN "' . quoteimap($username) . '" "' . quoteimap($password) . '"'; + $read = sqimap_run_command ($imap_stream, $query, false, $response, $message); + } elseif ($imap_auth_mech == 'plain') { + /*** + * SASL PLAIN + * + * RFC 2595 Chapter 6 + * + * The mechanism consists of a single message from the client to the + * server. The client sends the authorization identity (identity to + * login as), followed by a US-ASCII NUL character, followed by the + * authentication identity (identity whose password will be used), + * followed by a US-ASCII NUL character, followed by the clear-text + * password. The client may leave the authorization identity empty to + * indicate that it is the same as the authentication identity. + * + **/ + $tag=sqimap_session_id(false); + $sasl = (isset($capability['SASL-IR']) && $capability['SASL-IR']) ? true : false; + $auth = base64_encode("$username\0$username\0$password"); + if ($sasl) { + // IMAP Extension for SASL Initial Client Response + // + $query = $tag . " AUTHENTICATE PLAIN $auth\r\n"; + fputs($imap_stream, $query); + $read = sqimap_fgets($imap_stream); + } else { + $query = $tag . " AUTHENTICATE PLAIN\r\n"; + fputs($imap_stream, $query); + $read=sqimap_fgets($imap_stream); + if (substr($read,0,1) == '+') { // OK so far.. + fputs($imap_stream, "$auth\r\n"); + $read = sqimap_fgets($imap_stream); + } + } + $results=explode(" ",$read,3); + $response=$results[1]; + $message=$results[2]; + } else { + $response="BAD"; + $message="Internal SquirrelMail error - unknown IMAP authentication method chosen. Please contact the developers."; } - $query = 'LOGIN "' . quoteIMAP($username) . '" "' . quoteIMAP($password) . '"'; - $read = sqimap_run_command ($imap_stream, $query, false, $response, $message); - /* If the connection was not successful, lets see why */ if ($response != 'OK') { if (!$hide) { if ($response != 'NO') { /* "BAD" and anything else gets reported here. */ + $message = htmlspecialchars($message); set_up_language($squirrelmail_language, true); - require_once(SM_PATH . 'functions/display_messages.php'); + require_once(SM_PATH . 'functions/display_messages.php'); if ($response == 'BAD') { - $string = sprintf (_("Bad request: %s")."
\r\n", $message); + $string = sprintf (_("Bad request: %s")."
\r\n", $message); } else { - $string = sprintf (_("Unknown error: %s") . "
\n", $message); + $string = sprintf (_("Unknown error: %s") . "
\n", $message); } - $string .= '
' . _("Read data:") . "
\n"; - if (is_array($read)) { + if (isset($read) && is_array($read)) { + $string .= '
' . _("Read data:") . "
\n"; foreach ($read as $line) { - $string .= htmlspecialchars($line) . "
\n"; + $string .= htmlspecialchars($line) . "
\n"; } } - error_box($string,$color); + error_box($string,$color); exit; } else { /* @@ -265,10 +717,12 @@ function sqimap_login ($username, $password, $imap_server_address, $imap_port, $ * $squirrelmail_language is set by a cookie when * the user selects language and logs out */ - + set_up_language($squirrelmail_language, true); include_once(SM_PATH . 'functions/display_messages.php' ); - sqsession_destroy(); + sqsession_destroy(); + /* terminate the session nicely */ + sqimap_logout($imap_stream); logout_error( _("Unknown user or password incorrect.") ); exit; } @@ -279,7 +733,11 @@ function sqimap_login ($username, $password, $imap_server_address, $imap_port, $ return $imap_stream; } -/* Simply logs out the IMAP session */ +/** + * Simply logs out the IMAP session + * @param stream imap_stream the IMAP connection to log out. + * @return void + */ function sqimap_logout ($imap_stream) { /* Logout is not valid until the server returns 'BYE' * If we don't have an imap_ stream we're already logged out */ @@ -287,6 +745,11 @@ function sqimap_logout ($imap_stream) { sqimap_run_command($imap_stream, 'LOGOUT', false, $response, $message); } +/** + * Retreive the CAPABILITY string from the IMAP server. + * If capability is set, returns only that specific capability, + * else returns array of all capabilities. + */ function sqimap_capability($imap_stream, $capability='') { global $sqimap_capabilities; if (!is_array($sqimap_capabilities)) { @@ -296,6 +759,8 @@ function sqimap_capability($imap_stream, $capability='') { for ($i=2; $i < count($c); $i++) { $cap_list = explode('=', $c[$i]); if (isset($cap_list[1])) { + // FIX ME. capabilities can occure multiple times. + // THREAD=REFERENCES THREAD=ORDEREDSUBJECT $sqimap_capabilities[$cap_list[0]] = $cap_list[1]; } else { $sqimap_capabilities[$cap_list[0]] = TRUE; @@ -303,16 +768,18 @@ function sqimap_capability($imap_stream, $capability='') { } } if ($capability) { - if (isset($sqimap_capabilities[$capability])) { - return $sqimap_capabilities[$capability]; - } else { - return false; - } + if (isset($sqimap_capabilities[$capability])) { + return $sqimap_capabilities[$capability]; + } else { + return false; + } } return $sqimap_capabilities; } -/* Returns the delimeter between mailboxes: INBOX/Test, or INBOX.Test */ +/** + * Returns the delimeter between mailboxes: INBOX/Test, or INBOX.Test + */ function sqimap_get_delimiter ($imap_stream = false) { global $sqimap_delimiter, $optional_delimiter; @@ -350,6 +817,7 @@ function sqimap_get_delimiter ($imap_stream = false) { } else { fputs ($imap_stream, ". LIST \"INBOX\" \"\"\r\n"); $read = sqimap_read_data($imap_stream, '.', true, $a, $b); + $read = $read['.'][0]; //sqimap_read_data() now returns a tag array of response array $quote_position = strpos ($read[0], '"'); $sqimap_delimiter = substr ($read[0], $quote_position+1, 1); } @@ -357,10 +825,25 @@ function sqimap_get_delimiter ($imap_stream = false) { return $sqimap_delimiter; } +/** + * This encodes a mailbox name for use in IMAP commands. + * @param string what the mailbox to encode + * @return string the encoded mailbox string + */ +function sqimap_encode_mailbox_name($what) +{ + if (ereg("[\"\\\r\n]", $what)) + return '{' . strlen($what) . "}\r\n" . $what; /* 4.3 literal form */ + return '"' . $what . '"'; /* 4.3 quoted string form */ +} -/* Gets the number of messages in the current mailbox. */ +/** + * Gets the number of messages in the current mailbox. + * + * OBSOLETE use sqimap_status_messages instead. + */ function sqimap_get_num_messages ($imap_stream, $mailbox) { - $read_ary = sqimap_run_command ($imap_stream, "EXAMINE \"$mailbox\"", false, $result, $message); + $read_ary = sqimap_run_command ($imap_stream, 'EXAMINE ' . sqimap_encode_mailbox_name($mailbox), false, $result, $message); for ($i = 0; $i < count($read_ary); $i++) { if (ereg("[^ ]+ +([^ ]+) +EXISTS", $read_ary[$i], $regs)) { return $regs[1]; @@ -368,108 +851,90 @@ function sqimap_get_num_messages ($imap_stream, $mailbox) { } return false; //"BUG! Couldn't get number of messages in $mailbox!"; } +include_once(SM_PATH . 'functions/rfc822address.php'); - -/* Returns a displayable email address. - * Luke Ehresman - * "Luke Ehresman" - * - * lehresma@css.tayloru.edu (Luke Ehresman) - * lehresma@css.tayloru.edu - * becomes: lehresma@css.tayloru.edu +/** + * OBSOLETE FUNCTION should be removed after mailbox_display, + * printMessage function is adapted */ -function sqimap_find_email ($string) { - if (ereg("<([^>]+)>", $string, $regs)) { - $string = $regs[1]; - } else if (ereg("([^ ]+@[^ ]+)", $string, $regs)) { - $string = $regs[1]; - } - return trim($string); +function parseAddress($address, $max=0) { + $aAddress = parseRFC822Address($address,array('limit'=> $max)); + /* + * Because the expected format of the array element is changed we adapt it now. + * This also implies that this function is obsolete and should be removed after the + * rest of the source is adapted. See Rfc822Address.php for the new function. + */ + array_walk($aAddress, '_adaptAddress'); + return $aAddress; } - -/* - * Takes the From: field and creates a displayable name. - * Luke Ehresman - * "Luke Ehresman" - * lkehresman@yahoo.com (Luke Ehresman) - * becomes: Luke Ehresman - * - * becomes: lkehresman@yahoo.com +/** + * OBSOLETE FUNCTION should be removed after mailbox_display, + * printMessage function is adapted */ -function sqimap_find_displayable_name ($string) { - $string = trim($string); - - if ( ereg('^(.+)<.*>', $string, $regs) ) { - $orig_string = $string; - $string = str_replace ('"', '', $regs[1] ); - if (trim($string) == '') { - $string = sqimap_find_email($orig_string); - } - if( $string == '' || $string == ' ' ){ - $string = ' '; - } - } - elseif ( ereg('\((.*)\)', $string, $regs) ) { - if( ( $regs[1] == '' ) || ( $regs[1] == ' ' ) ){ - if ( ereg('^(.+) \(', $string, $regs) ) { - $string = ereg_replace( ' \(\)$', '', $string ); - } else { - $string = ' '; - } - } else { - $string = $regs[1]; - } - } - else { - $string = str_replace ('"', '', sqimap_find_email($string)); - } - - return trim($string); +function _adaptAddress(&$aAddr,$k) { + $sPersonal = (isset($aAddr[SQM_ADDR_PERSONAL]) && $aAddr[SQM_ADDR_PERSONAL]) ? + $aAddr[SQM_ADDR_PERSONAL] : ''; + $sEmail = ($aAddr[SQM_ADDR_HOST]) ? + $aAddr[SQM_ADDR_MAILBOX] . '@'.$aAddr[SQM_ADDR_HOST] : + $aAddr[SQM_ADDR_MAILBOX]; + $aAddr = array($sEmail,$sPersonal); } -/* - * Returns the number of unseen messages in this folder +/** + * Returns the number of unseen messages in this folder. + * obsoleted by sqimap_status_messages ! */ function sqimap_unseen_messages ($imap_stream, $mailbox) { - $read_ary = sqimap_run_command ($imap_stream, "STATUS \"$mailbox\" (UNSEEN)", false, $result, $message); - $i = 0; - $regs = array(false, false); - while (isset($read_ary[$i])) { - if (ereg("UNSEEN ([0-9]+)", $read_ary[$i], $regs)) { - break; - } - $i++; - } - return $regs[1]; + $aStatus = sqimap_status_messages($imap_stream,$mailbox,array('UNSEEN')); + return $aStatus['UNSEEN']; } -/* - * Returns the number of unseen/total messages in this folder +/** + * Returns the status items of a mailbox. + * Default it returns MESSAGES,UNSEEN and RECENT + * Supported status items are MESSAGES, UNSEEN, RECENT, UIDNEXT and UIDVALIDITY */ -function sqimap_status_messages ($imap_stream, $mailbox) { - $read_ary = sqimap_run_command ($imap_stream, "STATUS \"$mailbox\" (MESSAGES UNSEEN)", false, $result, $message); +function sqimap_status_messages ($imap_stream, $mailbox, + $aStatusItems = array('MESSAGES','UNSEEN','RECENT')) { + + $aStatusItems = implode(' ',$aStatusItems); + $read_ary = sqimap_run_command ($imap_stream, 'STATUS ' . sqimap_encode_mailbox_name($mailbox) . + " ($aStatusItems)", false, $result, $message); $i = 0; - $messages = $unseen = false; + $messages = $unseen = $recent = $uidnext = $uidvalidity = false; $regs = array(false,false); while (isset($read_ary[$i])) { if (preg_match('/UNSEEN\s+([0-9]+)/i', $read_ary[$i], $regs)) { - $unseen = $regs[1]; - } + $unseen = $regs[1]; + } if (preg_match('/MESSAGES\s+([0-9]+)/i', $read_ary[$i], $regs)) { - $messages = $regs[1]; - } + $messages = $regs[1]; + } + if (preg_match('/RECENT\s+([0-9]+)/i', $read_ary[$i], $regs)) { + $recent = $regs[1]; + } + if (preg_match('/UIDNEXT\s+([0-9]+)/i', $read_ary[$i], $regs)) { + $uidnext = $regs[1]; + } + if (preg_match('/UIDVALIDITY\s+([0-9]+)/i', $read_ary[$i], $regs)) { + $uidvalidity = $regs[1]; + } $i++; } - return array('MESSAGES' => $messages, 'UNSEEN'=>$unseen); + return array('MESSAGES' => $messages, + 'UNSEEN'=>$unseen, + 'RECENT' => $recent, + 'UIDNEXT' => $uidnext, + 'UIDVALIDITY' => $uidvalidity); } -/* - * Saves a message to a given folder -- used for saving sent messages +/** + * Saves a message to a given folder -- used for saving sent messages */ function sqimap_append ($imap_stream, $sent_folder, $length) { - fputs ($imap_stream, sqimap_session_id() . " APPEND \"$sent_folder\" (\\Seen) \{$length}\r\n"); + fputs ($imap_stream, sqimap_session_id() . ' APPEND ' . sqimap_encode_mailbox_name($sent_folder) . " (\\Seen) \{$length}\r\n"); $tmp = fgets ($imap_stream, 1024); } @@ -480,29 +945,29 @@ function sqimap_append_done ($imap_stream, $folder='') { if (preg_match("/(.*)(BAD|NO)(.*)$/", $tmp, $regs)) { set_up_language($squirrelmail_language); require_once(SM_PATH . 'functions/display_messages.php'); - $reason = $regs[3]; - if ($regs[2] == 'NO') { - $string = "\n" . - _("ERROR : Could not append message to") ." $folder." . - "
\n" . - _("Server responded: ") . - $reason . "
\n"; - if (preg_match("/(.*)(quota)(.*)$/i", $reason, $regs)) { - $string .= _("Sollution: ") . - _("Remove unnessecarry messages from your folder and start with your Trash folder.") - ."
\n"; - } - $string .= "\n"; - error_box($string,$color); - } else { - $string = "\n" . - _("ERROR : Bad or malformed request.") . - "
\n" . - _("Server responded: ") . - $tmp . "
\n"; - error_box($string,$color); + $reason = $regs[3]; + if ($regs[2] == 'NO') { + $string = "\n" . + _("ERROR : Could not append message to") ." $folder." . + "
\n" . + _("Server responded: ") . + $reason . "
\n"; + if (preg_match("/(.*)(quota)(.*)$/i", $reason, $regs)) { + $string .= _("Solution: ") . + _("Remove unneccessary messages from your folder and start with your Trash folder.") + ."
\n"; + } + $string .= "\n"; + error_box($string,$color); + } else { + $string = "\n" . + _("ERROR : Bad or malformed request.") . + "
\n" . + _("Server responded: ") . + $tmp . "
\n"; + error_box($string,$color); exit; - } + } } } @@ -514,14 +979,15 @@ function sqimap_get_user_server ($imap_server, $username) { return $function($username); } -/* This is an example that gets imapservers from yellowpages (NIS). - * you can simple put map:map_yp_alias in your $imap_server_address +/** + * This is an example that gets imapservers from yellowpages (NIS). + * you can simple put map:map_yp_alias in your $imap_server_address * in config.php use your own function instead map_yp_alias to map your - * LDAP whatever way to find the users imapserver. */ - + * LDAP whatever way to find the users imapserver. + */ function map_yp_alias($username) { $yp = `ypmatch $username aliases`; return chop(substr($yp, strlen($username)+1)); -} +} ?>