Mercurial > hg > rc1

comparison vendor/pear/net_sieve/Sieve.php @ 0:1e000243b222

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
vanilla 1.3.3 distro, I hope
author Charlie Root
date Thu, 04 Jan 2018 15:50:29 -0500
parents
children 05c4c32948af
comparison
equal deleted inserted replaced
-1:000000000000 0:1e000243b222
1 <?php
2 /**
3 * This file contains the Net_Sieve class.
4 *
5 * PHP version 5
6 *
7 * +-----------------------------------------------------------------------+
8 * | All rights reserved. |
9 * | |
10 * | Redistribution and use in source and binary forms, with or without |
11 * | modification, are permitted provided that the following conditions |
12 * | are met: |
13 * | |
14 * | o Redistributions of source code must retain the above copyright |
15 * | notice, this list of conditions and the following disclaimer. |
16 * | o Redistributions in binary form must reproduce the above copyright |
17 * | notice, this list of conditions and the following disclaimer in the |
18 * | documentation and/or other materials provided with the distribution.|
19 * | |
20 * | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
21 * | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
22 * | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
23 * | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
24 * | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
25 * | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
26 * | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
27 * | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
28 * | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
29 * | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
30 * | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
31 * +-----------------------------------------------------------------------+
32 *
33 * @category Networking
34 * @package Net_Sieve
35 * @author Richard Heyes <richard@phpguru.org>
36 * @author Damian Fernandez Sosa <damlists@cnba.uba.ar>
37 * @author Anish Mistry <amistry@am-productions.biz>
38 * @author Jan Schneider <jan@horde.org>
39 * @copyright 2002-2003 Richard Heyes
40 * @copyright 2006-2008 Anish Mistry
41 * @license http://www.opensource.org/licenses/bsd-license.php BSD
42 * @link http://pear.php.net/package/Net_Sieve
43 */
44
45 require_once 'PEAR.php';
46 require_once 'Net/Socket.php';
47
48 /**
49 * TODO
50 *
51 * o supportsAuthMech()
52 */
53
54 /**
55 * Disconnected state
56 * @const NET_SIEVE_STATE_DISCONNECTED
57 */
58 define('NET_SIEVE_STATE_DISCONNECTED', 1, true);
59
60 /**
61 * Authorisation state
62 * @const NET_SIEVE_STATE_AUTHORISATION
63 */
64 define('NET_SIEVE_STATE_AUTHORISATION', 2, true);
65
66 /**
67 * Transaction state
68 * @const NET_SIEVE_STATE_TRANSACTION
69 */
70 define('NET_SIEVE_STATE_TRANSACTION', 3, true);
71
72
73 /**
74 * A class for talking to the timsieved server which comes with Cyrus IMAP.
75 *
76 * @category Networking
77 * @package Net_Sieve
78 * @author Richard Heyes <richard@phpguru.org>
79 * @author Damian Fernandez Sosa <damlists@cnba.uba.ar>
80 * @author Anish Mistry <amistry@am-productions.biz>
81 * @author Jan Schneider <jan@horde.org>
82 * @copyright 2002-2003 Richard Heyes
83 * @copyright 2006-2008 Anish Mistry
84 * @license http://www.opensource.org/licenses/bsd-license.php BSD
85 * @version Release: @package_version@
86 * @link http://pear.php.net/package/Net_Sieve
87 * @link http://tools.ietf.org/html/rfc5228 RFC 5228 (Sieve: An Email
88 * Filtering Language)
89 * @link http://tools.ietf.org/html/rfc5804 RFC 5804 A Protocol for
90 * Remotely Managing Sieve Scripts
91 */
92 class Net_Sieve
93 {
94 /**
95 * The authentication methods this class supports.
96 *
97 * Can be overwritten if having problems with certain methods.
98 *
99 * @var array
100 */
101 var $supportedAuthMethods = array(
102 'DIGEST-MD5',
103 'CRAM-MD5',
104 'EXTERNAL',
105 'PLAIN' ,
106 'LOGIN'
107 );
108
109 /**
110 * SASL authentication methods that require Auth_SASL.
111 *
112 * @var array
113 */
114 var $supportedSASLAuthMethods = array('DIGEST-MD5', 'CRAM-MD5');
115
116 /**
117 * The socket handle.
118 *
119 * @var resource
120 */
121 var $_sock;
122
123 /**
124 * Parameters and connection information.
125 *
126 * @var array
127 */
128 var $_data;
129
130 /**
131 * Current state of the connection.
132 *
133 * One of the NET_SIEVE_STATE_* constants.
134 *
135 * @var integer
136 */
137 var $_state;
138
139 /**
140 * PEAR object to avoid strict warnings.
141 *
142 * @var PEAR_Error
143 */
144 var $_pear;
145
146 /**
147 * Constructor error.
148 *
149 * @var PEAR_Error
150 */
151 var $_error;
152
153 /**
154 * Whether to enable debugging.
155 *
156 * @var boolean
157 */
158 var $_debug = false;
159
160 /**
161 * Debug output handler.
162 *
163 * This has to be a valid callback.
164 *
165 * @var string|array
166 */
167 var $_debug_handler = null;
168
169 /**
170 * Whether to pick up an already established connection.
171 *
172 * @var boolean
173 */
174 var $_bypassAuth = false;
175
176 /**
177 * Whether to use TLS if available.
178 *
179 * @var boolean
180 */
181 var $_useTLS = true;
182
183 /**
184 * Additional options for stream_context_create().
185 *
186 * @var array
187 */
188 var $_options = null;
189
190 /**
191 * Maximum number of referral loops
192 *
193 * @var array
194 */
195 var $_maxReferralCount = 15;
196
197 /**
198 * Constructor.
199 *
200 * Sets up the object, connects to the server and logs in. Stores any
201 * generated error in $this->_error, which can be retrieved using the
202 * getError() method.
203 *
204 * @param string $user Login username.
205 * @param string $pass Login password.
206 * @param string $host Hostname of server.
207 * @param string $port Port of server.
208 * @param string $logintype Type of login to perform (see
209 * $supportedAuthMethods).
210 * @param string $euser Effective user. If authenticating as an
211 * administrator, login as this user.
212 * @param boolean $debug Whether to enable debugging (@see setDebug()).
213 * @param string $bypassAuth Skip the authentication phase. Useful if the
214 * socket is already open.
215 * @param boolean $useTLS Use TLS if available.
216 * @param array $options Additional options for
217 * stream_context_create().
218 * @param mixed $handler A callback handler for the debug output.
219 */
220 function __construct($user = null, $pass = null, $host = 'localhost',
221 $port = 2000, $logintype = '', $euser = '',
222 $debug = false, $bypassAuth = false, $useTLS = true,
223 $options = null, $handler = null
224 ) {
225 $this->_pear = new PEAR();
226 $this->_state = NET_SIEVE_STATE_DISCONNECTED;
227 $this->_data['user'] = $user;
228 $this->_data['pass'] = $pass;
229 $this->_data['host'] = $host;
230 $this->_data['port'] = $port;
231 $this->_data['logintype'] = $logintype;
232 $this->_data['euser'] = $euser;
233 $this->_sock = new Net_Socket();
234 $this->_bypassAuth = $bypassAuth;
235 $this->_useTLS = $useTLS;
236 $this->_options = (array) $options;
237 $this->setDebug($debug, $handler);
238
239 /* Try to include the Auth_SASL package. If the package is not
240 * available, we disable the authentication methods that depend upon
241 * it. */
242 if ((@include_once 'Auth/SASL.php') === false) {
243 $this->_debug('Auth_SASL not present');
244 $this->supportedAuthMethods = array_diff(
245 $this->supportedAuthMethods,
246 $this->supportedSASLAuthMethods
247 );
248 }
249
250 if (strlen($user) && strlen($pass)) {
251 $this->_error = $this->_handleConnectAndLogin();
252 }
253 }
254
255 /**
256 * Returns any error that may have been generated in the constructor.
257 *
258 * @return boolean|PEAR_Error False if no error, PEAR_Error otherwise.
259 */
260 function getError()
261 {
262 return is_a($this->_error, 'PEAR_Error') ? $this->_error : false;
263 }
264
265 /**
266 * Sets the debug state and handler function.
267 *
268 * @param boolean $debug Whether to enable debugging.
269 * @param string $handler A custom debug handler. Must be a valid callback.
270 *
271 * @return void
272 */
273 function setDebug($debug = true, $handler = null)
274 {
275 $this->_debug = $debug;
276 $this->_debug_handler = $handler;
277 }
278
279 /**
280 * Connects to the server and logs in.
281 *
282 * @return boolean True on success, PEAR_Error on failure.
283 */
284 function _handleConnectAndLogin()
285 {
286 $res = $this->connect($this->_data['host'], $this->_data['port'], $this->_options, $this->_useTLS);
287 if (is_a($res, 'PEAR_Error')) {
288 return $res;
289 }
290 if ($this->_bypassAuth === false) {
291 $res = $this->login($this->_data['user'], $this->_data['pass'], $this->_data['logintype'], $this->_data['euser'], $this->_bypassAuth);
292 if (is_a($res, 'PEAR_Error')) {
293 return $res;
294 }
295 }
296 return true;
297 }
298
299 /**
300 * Handles connecting to the server and checks the response validity.
301 *
302 * @param string $host Hostname of server.
303 * @param string $port Port of server.
304 * @param array $options List of options to pass to
305 * stream_context_create().
306 * @param boolean $useTLS Use TLS if available.
307 *
308 * @return boolean True on success, PEAR_Error otherwise.
309 */
310 function connect($host, $port, $options = null, $useTLS = true)
311 {
312 $this->_data['host'] = $host;
313 $this->_data['port'] = $port;
314 $this->_useTLS = $useTLS;
315
316 if (is_array($options)) {
317 $this->_options = array_merge($this->_options, $options);
318 }
319
320 if (NET_SIEVE_STATE_DISCONNECTED != $this->_state) {
321 return $this->_pear->raiseError('Not currently in DISCONNECTED state', 1);
322 }
323
324 $res = $this->_sock->connect($host, $port, false, 5, $options);
325 if (is_a($res, 'PEAR_Error')) {
326 return $res;
327 }
328
329 if ($this->_bypassAuth) {
330 $this->_state = NET_SIEVE_STATE_TRANSACTION;
331 } else {
332 $this->_state = NET_SIEVE_STATE_AUTHORISATION;
333 $res = $this->_doCmd();
334 if (is_a($res, 'PEAR_Error')) {
335 return $res;
336 }
337 }
338
339 // Explicitly ask for the capabilities in case the connection is
340 // picked up from an existing connection.
341 $res = $this->_cmdCapability();
342 if (is_a($res, 'PEAR_Error')) {
343 return $this->_pear->raiseError(
344 'Failed to connect, server said: ' . $res->getMessage(), 2
345 );
346 }
347
348 // Check if we can enable TLS via STARTTLS.
349 if ($useTLS && !empty($this->_capability['starttls'])
350 && function_exists('stream_socket_enable_crypto')
351 ) {
352 $res = $this->_startTLS();
353 if (is_a($res, 'PEAR_Error')) {
354 return $res;
355 }
356 }
357
358 return true;
359 }
360
361 /**
362 * Disconnect from the Sieve server.
363 *
364 * @param boolean $sendLogoutCMD Whether to send LOGOUT command before
365 * disconnecting.
366 *
367 * @return boolean True on success, PEAR_Error otherwise.
368 */
369 function disconnect($sendLogoutCMD = true)
370 {
371 return $this->_cmdLogout($sendLogoutCMD);
372 }
373
374 /**
375 * Logs into server.
376 *
377 * @param string $user Login username.
378 * @param string $pass Login password.
379 * @param string $logintype Type of login method to use.
380 * @param string $euser Effective UID (perform on behalf of $euser).
381 * @param boolean $bypassAuth Do not perform authentication.
382 *
383 * @return boolean True on success, PEAR_Error otherwise.
384 */
385 function login($user, $pass, $logintype = null, $euser = '', $bypassAuth = false)
386 {
387 $this->_data['user'] = $user;
388 $this->_data['pass'] = $pass;
389 $this->_data['logintype'] = $logintype;
390 $this->_data['euser'] = $euser;
391 $this->_bypassAuth = $bypassAuth;
392
393 if (NET_SIEVE_STATE_AUTHORISATION != $this->_state) {
394 return $this->_pear->raiseError('Not currently in AUTHORISATION state', 1);
395 }
396
397 if (!$bypassAuth ) {
398 $res = $this->_cmdAuthenticate($user, $pass, $logintype, $euser);
399 if (is_a($res, 'PEAR_Error')) {
400 return $res;
401 }
402 }
403 $this->_state = NET_SIEVE_STATE_TRANSACTION;
404
405 return true;
406 }
407
408 /**
409 * Returns an indexed array of scripts currently on the server.
410 *
411 * @return array Indexed array of scriptnames.
412 */
413 function listScripts()
414 {
415 if (is_array($scripts = $this->_cmdListScripts())) {
416 return $scripts[0];
417 } else {
418 return $scripts;
419 }
420 }
421
422 /**
423 * Returns the active script.
424 *
425 * @return string The active scriptname.
426 */
427 function getActive()
428 {
429 if (is_array($scripts = $this->_cmdListScripts())) {
430 return $scripts[1];
431 }
432 }
433
434 /**
435 * Sets the active script.
436 *
437 * @param string $scriptname The name of the script to be set as active.
438 *
439 * @return boolean True on success, PEAR_Error on failure.
440 */
441 function setActive($scriptname)
442 {
443 return $this->_cmdSetActive($scriptname);
444 }
445
446 /**
447 * Retrieves a script.
448 *
449 * @param string $scriptname The name of the script to be retrieved.
450 *
451 * @return string The script on success, PEAR_Error on failure.
452 */
453 function getScript($scriptname)
454 {
455 return $this->_cmdGetScript($scriptname);
456 }
457
458 /**
459 * Adds a script to the server.
460 *
461 * @param string $scriptname Name of the script.
462 * @param string $script The script content.
463 * @param boolean $makeactive Whether to make this the active script.
464 *
465 * @return boolean True on success, PEAR_Error on failure.
466 */
467 function installScript($scriptname, $script, $makeactive = false)
468 {
469 $res = $this->_cmdPutScript($scriptname, $script);
470 if (is_a($res, 'PEAR_Error')) {
471 return $res;
472 }
473 if ($makeactive) {
474 return $this->_cmdSetActive($scriptname);
475 }
476 return true;
477 }
478
479 /**
480 * Removes a script from the server.
481 *
482 * @param string $scriptname Name of the script.
483 *
484 * @return boolean True on success, PEAR_Error on failure.
485 */
486 function removeScript($scriptname)
487 {
488 return $this->_cmdDeleteScript($scriptname);
489 }
490
491 /**
492 * Checks if the server has space to store the script by the server.
493 *
494 * @param string $scriptname The name of the script to mark as active.
495 * @param integer $size The size of the script.
496 *
497 * @return boolean|PEAR_Error True if there is space, PEAR_Error otherwise.
498 *
499 * @todo Rename to hasSpace()
500 */
501 function haveSpace($scriptname, $size)
502 {
503 if (NET_SIEVE_STATE_TRANSACTION != $this->_state) {
504 return $this->_pear->raiseError('Not currently in TRANSACTION state', 1);
505 }
506
507 $res = $this->_doCmd(sprintf('HAVESPACE %s %d', $this->_escape($scriptname), $size));
508 if (is_a($res, 'PEAR_Error')) {
509 return $res;
510 }
511 return true;
512 }
513
514 /**
515 * Returns the list of extensions the server supports.
516 *
517 * @return array List of extensions or PEAR_Error on failure.
518 */
519 function getExtensions()
520 {
521 if (NET_SIEVE_STATE_DISCONNECTED == $this->_state) {
522 return $this->_pear->raiseError('Not currently connected', 7);
523 }
524 return $this->_capability['extensions'];
525 }
526
527 /**
528 * Returns whether the server supports an extension.
529 *
530 * @param string $extension The extension to check.
531 *
532 * @return boolean Whether the extension is supported or PEAR_Error on
533 * failure.
534 */
535 function hasExtension($extension)
536 {
537 if (NET_SIEVE_STATE_DISCONNECTED == $this->_state) {
538 return $this->_pear->raiseError('Not currently connected', 7);
539 }
540
541 $extension = trim($this->_toUpper($extension));
542 if (is_array($this->_capability['extensions'])) {
543 foreach ($this->_capability['extensions'] as $ext) {
544 if ($ext == $extension) {
545 return true;
546 }
547 }
548 }
549
550 return false;
551 }
552
553 /**
554 * Returns the list of authentication methods the server supports.
555 *
556 * @return array List of authentication methods or PEAR_Error on failure.
557 */
558 function getAuthMechs()
559 {
560 if (NET_SIEVE_STATE_DISCONNECTED == $this->_state) {
561 return $this->_pear->raiseError('Not currently connected', 7);
562 }
563 return $this->_capability['sasl'];
564 }
565
566 /**
567 * Returns whether the server supports an authentication method.
568 *
569 * @param string $method The method to check.
570 *
571 * @return boolean Whether the method is supported or PEAR_Error on
572 * failure.
573 */
574 function hasAuthMech($method)
575 {
576 if (NET_SIEVE_STATE_DISCONNECTED == $this->_state) {
577 return $this->_pear->raiseError('Not currently connected', 7);
578 }
579
580 $method = trim($this->_toUpper($method));
581 if (is_array($this->_capability['sasl'])) {
582 foreach ($this->_capability['sasl'] as $sasl) {
583 if ($sasl == $method) {
584 return true;
585 }
586 }
587 }
588
589 return false;
590 }
591
592 /**
593 * Handles the authentication using any known method.
594 *
595 * @param string $uid The userid to authenticate as.
596 * @param string $pwd The password to authenticate with.
597 * @param string $userMethod The method to use. If empty, the class chooses
598 * the best (strongest) available method.
599 * @param string $euser The effective uid to authenticate as.
600 *
601 * @return void
602 */
603 function _cmdAuthenticate($uid, $pwd, $userMethod = null, $euser = '')
604 {
605 $method = $this->_getBestAuthMethod($userMethod);
606 if (is_a($method, 'PEAR_Error')) {
607 return $method;
608 }
609 switch ($method) {
610 case 'DIGEST-MD5':
611 return $this->_authDigestMD5($uid, $pwd, $euser);
612 case 'CRAM-MD5':
613 $result = $this->_authCRAMMD5($uid, $pwd, $euser);
614 break;
615 case 'LOGIN':
616 $result = $this->_authLOGIN($uid, $pwd, $euser);
617 break;
618 case 'PLAIN':
619 $result = $this->_authPLAIN($uid, $pwd, $euser);
620 break;
621 case 'EXTERNAL':
622 $result = $this->_authEXTERNAL($uid, $pwd, $euser);
623 break;
624 default :
625 $result = $this->_pear->raiseError(
626 $method . ' is not a supported authentication method'
627 );
628 break;
629 }
630
631 $res = $this->_doCmd();
632 if (is_a($res, 'PEAR_Error')) {
633 return $res;
634 }
635
636 // Query the server capabilities again now that we are authenticated.
637 if ($this->_pear->isError($res = $this->_cmdCapability())) {
638 return $this->_pear->raiseError(
639 'Failed to connect, server said: ' . $res->getMessage(), 2
640 );
641 }
642
643 return $result;
644 }
645
646 /**
647 * Authenticates the user using the PLAIN method.
648 *
649 * @param string $user The userid to authenticate as.
650 * @param string $pass The password to authenticate with.
651 * @param string $euser The effective uid to authenticate as.
652 *
653 * @return void
654 */
655 function _authPLAIN($user, $pass, $euser)
656 {
657 return $this->_sendCmd(
658 sprintf(
659 'AUTHENTICATE "PLAIN" "%s"',
660 base64_encode($euser . chr(0) . $user . chr(0) . $pass)
661 )
662 );
663 }
664
665 /**
666 * Authenticates the user using the LOGIN method.
667 *
668 * @param string $user The userid to authenticate as.
669 * @param string $pass The password to authenticate with.
670 * @param string $euser The effective uid to authenticate as. Not used.
671 *
672 * @return void
673 */
674 function _authLOGIN($user, $pass, $euser)
675 {
676 $result = $this->_sendCmd('AUTHENTICATE "LOGIN"');
677 if (is_a($result, 'PEAR_Error')) {
678 return $result;
679 }
680 $result = $this->_doCmd('"' . base64_encode($user) . '"', true);
681 if (is_a($result, 'PEAR_Error')) {
682 return $result;
683 }
684 return $this->_doCmd('"' . base64_encode($pass) . '"', true);
685 }
686
687 /**
688 * Authenticates the user using the CRAM-MD5 method.
689 *
690 * @param string $user The userid to authenticate as.
691 * @param string $pass The password to authenticate with.
692 * @param string $euser The effective uid to authenticate as. Not used.
693 *
694 * @return void
695 */
696 function _authCRAMMD5($user, $pass, $euser)
697 {
698 $challenge = $this->_doCmd('AUTHENTICATE "CRAM-MD5"', true);
699 if (is_a($challenge, 'PEAR_Error')) {
700 return $challenge;
701 }
702
703 $auth_sasl = new Auth_SASL;
704 $cram = $auth_sasl->factory('crammd5');
705 $challenge = base64_decode(trim($challenge));
706 $response = $cram->getResponse($user, $pass, $challenge);
707
708 if (is_a($response, 'PEAR_Error')) {
709 return $response;
710 }
711
712 return $this->_sendStringResponse(base64_encode($response));
713 }
714
715 /**
716 * Authenticates the user using the DIGEST-MD5 method.
717 *
718 * @param string $user The userid to authenticate as.
719 * @param string $pass The password to authenticate with.
720 * @param string $euser The effective uid to authenticate as.
721 *
722 * @return void
723 */
724 function _authDigestMD5($user, $pass, $euser)
725 {
726 $challenge = $this->_doCmd('AUTHENTICATE "DIGEST-MD5"', true);
727 if (is_a($challenge, 'PEAR_Error')) {
728 return $challenge;
729 }
730
731 $auth_sasl = new Auth_SASL;
732 $digest = $auth_sasl->factory('digestmd5');
733 $challenge = base64_decode(trim($challenge));
734
735 // @todo Really 'localhost'?
736 $response = $digest->getResponse($user, $pass, $challenge, 'localhost', 'sieve', $euser);
737 if (is_a($response, 'PEAR_Error')) {
738 return $response;
739 }
740
741 $result = $this->_sendStringResponse(base64_encode($response));
742 if (is_a($result, 'PEAR_Error')) {
743 return $result;
744 }
745 $result = $this->_doCmd('', true);
746 if (is_a($result, 'PEAR_Error')) {
747 return $result;
748 }
749 if ($this->_toUpper(substr($result, 0, 2)) == 'OK') {
750 return;
751 }
752
753 /* We don't use the protocol's third step because SIEVE doesn't allow
754 * subsequent authentication, so we just silently ignore it. */
755 $result = $this->_sendStringResponse('');
756 if (is_a($result, 'PEAR_Error')) {
757 return $result;
758 }
759
760 return $this->_doCmd();
761 }
762
763 /**
764 * Authenticates the user using the EXTERNAL method.
765 *
766 * @param string $user The userid to authenticate as.
767 * @param string $pass The password to authenticate with.
768 * @param string $euser The effective uid to authenticate as.
769 *
770 * @return void
771 *
772 * @since 1.1.7
773 */
774 function _authEXTERNAL($user, $pass, $euser)
775 {
776 $cmd = sprintf(
777 'AUTHENTICATE "EXTERNAL" "%s"',
778 base64_encode(strlen($euser) ? $euser : $user)
779 );
780 return $this->_sendCmd($cmd);
781 }
782
783 /**
784 * Removes a script from the server.
785 *
786 * @param string $scriptname Name of the script to delete.
787 *
788 * @return boolean True on success, PEAR_Error otherwise.
789 */
790 function _cmdDeleteScript($scriptname)
791 {
792 if (NET_SIEVE_STATE_TRANSACTION != $this->_state) {
793 return $this->_pear->raiseError('Not currently in AUTHORISATION state', 1);
794 }
795
796 $res = $this->_doCmd(sprintf('DELETESCRIPT %s', $this->_escape($scriptname)));
797 if (is_a($res, 'PEAR_Error')) {
798 return $res;
799 }
800 return true;
801 }
802
803 /**
804 * Retrieves the contents of the named script.
805 *
806 * @param string $scriptname Name of the script to retrieve.
807 *
808 * @return string The script if successful, PEAR_Error otherwise.
809 */
810 function _cmdGetScript($scriptname)
811 {
812 if (NET_SIEVE_STATE_TRANSACTION != $this->_state) {
813 return $this->_pear->raiseError('Not currently in AUTHORISATION state', 1);
814 }
815
816 $res = $this->_doCmd(sprintf('GETSCRIPT %s', $this->_escape($scriptname)));
817 if (is_a($res, 'PEAR_Error')) {
818 return $res;
819 }
820
821 return preg_replace('/^{[0-9]+}\r\n/', '', $res);
822 }
823
824 /**
825 * Sets the active script, i.e. the one that gets run on new mail by the
826 * server.
827 *
828 * @param string $scriptname The name of the script to mark as active.
829 *
830 * @return boolean True on success, PEAR_Error otherwise.
831 */
832 function _cmdSetActive($scriptname)
833 {
834 if (NET_SIEVE_STATE_TRANSACTION != $this->_state) {
835 return $this->_pear->raiseError('Not currently in AUTHORISATION state', 1);
836 }
837
838 $res = $this->_doCmd(sprintf('SETACTIVE %s', $this->_escape($scriptname)));
839 if (is_a($res, 'PEAR_Error')) {
840 return $res;
841 }
842
843 return true;
844 }
845
846 /**
847 * Returns the list of scripts on the server.
848 *
849 * @return array An array with the list of scripts in the first element
850 * and the active script in the second element on success,
851 * PEAR_Error otherwise.
852 */
853 function _cmdListScripts()
854 {
855 if (NET_SIEVE_STATE_TRANSACTION != $this->_state) {
856 return $this->_pear->raiseError('Not currently in AUTHORISATION state', 1);
857 }
858
859 $res = $this->_doCmd('LISTSCRIPTS');
860 if (is_a($res, 'PEAR_Error')) {
861 return $res;
862 }
863
864 $scripts = array();
865 $activescript = null;
866 $res = explode("\r\n", $res);
867 foreach ($res as $value) {
868 if (preg_match('/^"(.*)"( ACTIVE)?$/i', $value, $matches)) {
869 $script_name = stripslashes($matches[1]);
870 $scripts[] = $script_name;
871 if (!empty($matches[2])) {
872 $activescript = $script_name;
873 }
874 }
875 }
876
877 return array($scripts, $activescript);
878 }
879
880 /**
881 * Adds a script to the server.
882 *
883 * @param string $scriptname Name of the new script.
884 * @param string $scriptdata The new script.
885 *
886 * @return boolean True on success, PEAR_Error otherwise.
887 */
888 function _cmdPutScript($scriptname, $scriptdata)
889 {
890 if (NET_SIEVE_STATE_TRANSACTION != $this->_state) {
891 return $this->_pear->raiseError('Not currently in AUTHORISATION state', 1);
892 }
893
894 $stringLength = $this->_getLineLength($scriptdata);
895 $command = sprintf(
896 "PUTSCRIPT %s {%d+}\r\n%s",
897 $this->_escape($scriptname),
898 $stringLength,
899 $scriptdata
900 );
901
902 $res = $this->_doCmd($command);
903 if (is_a($res, 'PEAR_Error')) {
904 return $res;
905 }
906
907 return true;
908 }
909
910 /**
911 * Logs out of the server and terminates the connection.
912 *
913 * @param boolean $sendLogoutCMD Whether to send LOGOUT command before
914 * disconnecting.
915 *
916 * @return boolean True on success, PEAR_Error otherwise.
917 */
918 function _cmdLogout($sendLogoutCMD = true)
919 {
920 if (NET_SIEVE_STATE_DISCONNECTED == $this->_state) {
921 return $this->_pear->raiseError('Not currently connected', 1);
922 }
923
924 if ($sendLogoutCMD) {
925 $res = $this->_doCmd('LOGOUT');
926 if (is_a($res, 'PEAR_Error')) {
927 return $res;
928 }
929 }
930
931 $this->_sock->disconnect();
932 $this->_state = NET_SIEVE_STATE_DISCONNECTED;
933
934 return true;
935 }
936
937 /**
938 * Sends the CAPABILITY command
939 *
940 * @return boolean True on success, PEAR_Error otherwise.
941 */
942 function _cmdCapability()
943 {
944 if (NET_SIEVE_STATE_DISCONNECTED == $this->_state) {
945 return $this->_pear->raiseError('Not currently connected', 1);
946 }
947 $res = $this->_doCmd('CAPABILITY');
948 if (is_a($res, 'PEAR_Error')) {
949 return $res;
950 }
951 $this->_parseCapability($res);
952 return true;
953 }
954
955 /**
956 * Parses the response from the CAPABILITY command and stores the result
957 * in $_capability.
958 *
959 * @param string $data The response from the capability command.
960 *
961 * @return void
962 */
963 function _parseCapability($data)
964 {
965 // Clear the cached capabilities.
966 $this->_capability = array('sasl' => array(),
967 'extensions' => array());
968
969 $data = preg_split('/\r?\n/', $this->_toUpper($data), -1, PREG_SPLIT_NO_EMPTY);
970
971 for ($i = 0; $i < count($data); $i++) {
972 if (!preg_match('/^"([A-Z]+)"( "(.*)")?$/', $data[$i], $matches)) {
973 continue;
974 }
975 switch ($matches[1]) {
976 case 'IMPLEMENTATION':
977 $this->_capability['implementation'] = $matches[3];
978 break;
979
980 case 'SASL':
981 $this->_capability['sasl'] = preg_split('/\s+/', $matches[3]);
982 break;
983
984 case 'SIEVE':
985 $this->_capability['extensions'] = preg_split('/\s+/', $matches[3]);
986 break;
987
988 case 'STARTTLS':
989 $this->_capability['starttls'] = true;
990 break;
991 }
992 }
993 }
994
995 /**
996 * Sends a command to the server
997 *
998 * @param string $cmd The command to send.
999 *
1000 * @return void
1001 */
1002 function _sendCmd($cmd)
1003 {
1004 $status = $this->_sock->getStatus();
1005 if (is_a($status, 'PEAR_Error') || $status['eof']) {
1006 return $this->_pear->raiseError('Failed to write to socket: connection lost');
1007 }
1008 $error = $this->_sock->write($cmd . "\r\n");
1009 if (is_a($error, 'PEAR_Error')) {
1010 return $this->_pear->raiseError(
1011 'Failed to write to socket: ' . $error->getMessage()
1012 );
1013 }
1014 $this->_debug("C: $cmd");
1015 }
1016
1017 /**
1018 * Sends a string response to the server.
1019 *
1020 * @param string $str The string to send.
1021 *
1022 * @return void
1023 */
1024 function _sendStringResponse($str)
1025 {
1026 return $this->_sendCmd('{' . $this->_getLineLength($str) . "+}\r\n" . $str);
1027 }
1028
1029 /**
1030 * Receives a single line from the server.
1031 *
1032 * @return string The server response line.
1033 */
1034 function _recvLn()
1035 {
1036 $lastline = $this->_sock->gets(8192);
1037 if (is_a($lastline, 'PEAR_Error')) {
1038 return $this->_pear->raiseError(
1039 'Failed to read from socket: ' . $lastline->getMessage()
1040 );
1041 }
1042
1043 $lastline = rtrim($lastline);
1044 $this->_debug("S: $lastline");
1045
1046 if ($lastline === '') {
1047 return $this->_pear->raiseError('Failed to read from socket');
1048 }
1049
1050 return $lastline;
1051 }
1052
1053 /**
1054 * Receives a number of bytes from the server.
1055 *
1056 * @param integer $length Number of bytes to read.
1057 *
1058 * @return string The server response.
1059 */
1060 function _recvBytes($length)
1061 {
1062 $response = '';
1063 $response_length = 0;
1064 while ($response_length < $length) {
1065 $response .= $this->_sock->read($length - $response_length);
1066 $response_length = $this->_getLineLength($response);
1067 }
1068 $this->_debug('S: ' . rtrim($response));
1069 return $response;
1070 }
1071
1072 /**
1073 * Send a command and retrieves a response from the server.
1074 *
1075 * @param string $cmd The command to send.
1076 * @param boolean $auth Whether this is an authentication command.
1077 *
1078 * @return string|PEAR_Error Reponse string if an OK response, PEAR_Error
1079 * if a NO response.
1080 */
1081 function _doCmd($cmd = '', $auth = false)
1082 {
1083 $referralCount = 0;
1084 while ($referralCount < $this->_maxReferralCount) {
1085 if (strlen($cmd)) {
1086 $error = $this->_sendCmd($cmd);
1087 if (is_a($error, 'PEAR_Error')) {
1088 return $error;
1089 }
1090 }
1091
1092 $response = '';
1093 while (true) {
1094 $line = $this->_recvLn();
1095 if (is_a($line, 'PEAR_Error')) {
1096 return $line;
1097 }
1098
1099 if (preg_match('/^(OK|NO)/i', $line, $tag)) {
1100 // Check for string literal message.
1101 if (preg_match('/{([0-9]+)}$/', $line, $matches)) {
1102 $line = substr($line, 0, -(strlen($matches[1]) + 2))
1103 . str_replace(
1104 "\r\n", ' ', $this->_recvBytes($matches[1] + 2)
1105 );
1106 }
1107
1108 if ('OK' == $this->_toUpper($tag[1])) {
1109 $response .= $line;
1110 return rtrim($response);
1111 }
1112
1113 return $this->_pear->raiseError(trim($response . substr($line, 2)), 3);
1114 }
1115
1116 if (preg_match('/^BYE/i', $line)) {
1117 $error = $this->disconnect(false);
1118 if (is_a($error, 'PEAR_Error')) {
1119 return $this->_pear->raiseError(
1120 'Cannot handle BYE, the error was: '
1121 . $error->getMessage(),
1122 4
1123 );
1124 }
1125 // Check for referral, then follow it. Otherwise, carp an
1126 // error.
1127 if (preg_match('/^bye \(referral "(sieve:\/\/)?([^"]+)/i', $line, $matches)) {
1128 // Replace the old host with the referral host
1129 // preserving any protocol prefix.
1130 $this->_data['host'] = preg_replace(
1131 '/\w+(?!(\w|\:\/\/)).*/', $matches[2],
1132 $this->_data['host']
1133 );
1134 $error = $this->_handleConnectAndLogin();
1135 if (is_a($error, 'PEAR_Error')) {
1136 return $this->_pear->raiseError(
1137 'Cannot follow referral to '
1138 . $this->_data['host'] . ', the error was: '
1139 . $error->getMessage(),
1140 5
1141 );
1142 }
1143 break;
1144 }
1145 return $this->_pear->raiseError(trim($response . $line), 6);
1146 }
1147
1148 if (preg_match('/^{([0-9]+)}/', $line, $matches)) {
1149 // Matches literal string responses.
1150 $line = $this->_recvBytes($matches[1] + 2);
1151 if (!$auth) {
1152 // Receive the pending OK only if we aren't
1153 // authenticating since string responses during
1154 // authentication don't need an OK.
1155 $this->_recvLn();
1156 }
1157 return $line;
1158 }
1159
1160 if ($auth) {
1161 // String responses during authentication don't need an
1162 // OK.
1163 $response .= $line;
1164 return rtrim($response);
1165 }
1166
1167 $response .= $line . "\r\n";
1168 $referralCount++;
1169 }
1170 }
1171
1172 return $this->_pear->raiseError('Max referral count (' . $referralCount . ') reached. Cyrus murder loop error?', 7);
1173 }
1174
1175 /**
1176 * Returns the name of the best authentication method that the server
1177 * has advertised.
1178 *
1179 * @param string $userMethod Only consider this method as available.
1180 *
1181 * @return string The name of the best supported authentication method or
1182 * a PEAR_Error object on failure.
1183 */
1184 function _getBestAuthMethod($userMethod = null)
1185 {
1186 if (!isset($this->_capability['sasl'])) {
1187 return $this->_pear->raiseError('This server doesn\'t support any authentication methods. SASL problem?');
1188 }
1189 if (!$this->_capability['sasl']) {
1190 return $this->_pear->raiseError('This server doesn\'t support any authentication methods.');
1191 }
1192
1193 if ($userMethod) {
1194 if (in_array($userMethod, $this->_capability['sasl'])) {
1195 return $userMethod;
1196 }
1197
1198 $msg = 'No supported authentication method found. The server supports these methods: %s, but we want to use: %s';
1199 return $this->_pear->raiseError(
1200 sprintf($msg, implode(', ', $this->_capability['sasl']), $userMethod)
1201 );
1202 }
1203
1204 foreach ($this->supportedAuthMethods as $method) {
1205 if (in_array($method, $this->_capability['sasl'])) {
1206 return $method;
1207 }
1208 }
1209
1210 $msg = 'No supported authentication method found. The server supports these methods: %s, but we only support: %s';
1211 return $this->_pear->raiseError(
1212 sprintf($msg, implode(', ', $this->_capability['sasl']), implode(', ', $this->supportedAuthMethods))
1213 );
1214 }
1215
1216 /**
1217 * Starts a TLS connection.
1218 *
1219 * @return boolean True on success, PEAR_Error on failure.
1220 */
1221 function _startTLS()
1222 {
1223 $res = $this->_doCmd('STARTTLS');
1224 if (is_a($res, 'PEAR_Error')) {
1225 return $res;
1226 }
1227
1228 if (isset($this->_options['ssl']['crypto_method'])) {
1229 $crypto_method = $this->_options['ssl']['crypto_method'];
1230 }
1231 else {
1232 // There is no flag to enable all TLS methods. Net_SMTP
1233 // handles enabling TLS similarly.
1234 $crypto_method = STREAM_CRYPTO_METHOD_TLS_CLIENT
1235 | @STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT
1236 | @STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT;
1237 }
1238
1239 if (!stream_socket_enable_crypto($this->_sock->fp, true, $crypto_method)) {
1240 return $this->_pear->raiseError('Failed to establish TLS connection', 2);
1241 }
1242
1243 $this->_debug('STARTTLS negotiation successful');
1244
1245 // The server should be sending a CAPABILITY response after
1246 // negotiating TLS. Read it, and ignore if it doesn't.
1247 // Unfortunately old Cyrus versions are broken and don't send a
1248 // CAPABILITY response, thus we would wait here forever. Parse the
1249 // Cyrus version and work around this broken behavior.
1250 if (!preg_match('/^CYRUS TIMSIEVED V([0-9.]+)/', $this->_capability['implementation'], $matches)
1251 || version_compare($matches[1], '2.3.10', '>=')
1252 ) {
1253 $this->_doCmd();
1254 }
1255
1256 // Query the server capabilities again now that we are under
1257 // encryption.
1258 $res = $this->_cmdCapability();
1259 if (is_a($res, 'PEAR_Error')) {
1260 return $this->_pear->raiseError(
1261 'Failed to connect, server said: ' . $res->getMessage(), 2
1262 );
1263 }
1264
1265 return true;
1266 }
1267
1268 /**
1269 * Returns the length of a string.
1270 *
1271 * @param string $string A string.
1272 *
1273 * @return integer The length of the string.
1274 */
1275 function _getLineLength($string)
1276 {
1277 if (extension_loaded('mbstring')) {
1278 return mb_strlen($string, 'latin1');
1279 } else {
1280 return strlen($string);
1281 }
1282 }
1283
1284 /**
1285 * Locale independant strtoupper() implementation.
1286 *
1287 * @param string $string The string to convert to lowercase.
1288 *
1289 * @return string The lowercased string, based on ASCII encoding.
1290 */
1291 function _toUpper($string)
1292 {
1293 $language = setlocale(LC_CTYPE, 0);
1294 setlocale(LC_CTYPE, 'C');
1295 $string = strtoupper($string);
1296 setlocale(LC_CTYPE, $language);
1297 return $string;
1298 }
1299
1300 /**
1301 * Converts strings into RFC's quoted-string or literal-c2s form.
1302 *
1303 * @param string $string The string to convert.
1304 *
1305 * @return string Result string.
1306 */
1307 function _escape($string)
1308 {
1309 // Some implementations don't allow UTF-8 characters in quoted-string,
1310 // use literal-c2s.
1311 if (preg_match('/[^\x01-\x09\x0B-\x0C\x0E-\x7F]/', $string)) {
1312 return sprintf("{%d+}\r\n%s", $this->_getLineLength($string), $string);
1313 }
1314
1315 return '"' . addcslashes($string, '\\"') . '"';
1316 }
1317
1318 /**
1319 * Write debug text to the current debug output handler.
1320 *
1321 * @param string $message Debug message text.
1322 *
1323 * @return void
1324 */
1325 function _debug($message)
1326 {
1327 if ($this->_debug) {
1328 if ($this->_debug_handler) {
1329 call_user_func_array($this->_debug_handler, array(&$this, $message));
1330 } else {
1331 echo "$message\n";
1332 }
1333 }
1334 }
1335 }