X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/af50974463450c98503e763a7836a50e260461a9..073c5ed6408e2f00dc1863b463fe205467628905:/wp-includes/class-smtp.php?ds=sidebyside diff --git a/wp-includes/class-smtp.php b/wp-includes/class-smtp.php index eddc9916..3ad08192 100644 --- a/wp-includes/class-smtp.php +++ b/wp-includes/class-smtp.php @@ -1,153 +1,225 @@ + * PHP Version 5 + * @package PHPMailer + * @link https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project + * @author Marcus Bointon (Synchro/coolbru) * @author Jim Jagielski (jimjag) * @author Andy Prevost (codeworxtech) - * @copyright 2013 Marcus Bointon - * @copyright 2004 - 2008 Andy Prevost + * @author Brent R. Matzelle (original founder) + * @copyright 2014 Marcus Bointon * @copyright 2010 - 2012 Jim Jagielski - * @license http://www.gnu.org/copyleft/lesser.html Distributed under the Lesser General Public License (LGPL) + * @copyright 2004 - 2009 Andy Prevost + * @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License + * @note This program is distributed in the hope that it will be useful - WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. */ /** * PHPMailer RFC821 SMTP email transport class. - * - * Implements RFC 821 SMTP commands - * and provides some utility methods for sending mail to an SMTP server. - * - * PHP Version 5.0.0 - * - * @category PHP - * @package PHPMailer - * @link https://github.com/PHPMailer/PHPMailer/blob/master/class.smtp.php - * @author Chris Ryan - * @author Marcus Bointon - * @license http://www.gnu.org/copyleft/lesser.html Distributed under the Lesser General Public License (LGPL) + * Implements RFC 821 SMTP commands and provides some utility methods for sending mail to an SMTP server. + * @package PHPMailer + * @author Chris Ryan + * @author Marcus Bointon */ - class SMTP { /** - * The PHPMailer SMTP Version number. + * The PHPMailer SMTP version number. + * @var string */ - const VERSION = '5.2.7'; + const VERSION = '5.2.22'; /** * SMTP line break constant. + * @var string */ const CRLF = "\r\n"; /** * The SMTP port to use if one is not specified. + * @var integer */ const DEFAULT_SMTP_PORT = 25; + /** + * The maximum line length allowed by RFC 2822 section 2.1.1 + * @var integer + */ + const MAX_LINE_LENGTH = 998; + + /** + * Debug level for no output + */ + const DEBUG_OFF = 0; + + /** + * Debug level to show client -> server messages + */ + const DEBUG_CLIENT = 1; + + /** + * Debug level to show client -> server and server -> client messages + */ + const DEBUG_SERVER = 2; + + /** + * Debug level to show connection status, client -> server and server -> client messages + */ + const DEBUG_CONNECTION = 3; + + /** + * Debug level to show all messages + */ + const DEBUG_LOWLEVEL = 4; + /** * The PHPMailer SMTP Version number. - * @type string - * @deprecated This should be a constant + * @var string + * @deprecated Use the `VERSION` constant instead * @see SMTP::VERSION */ - public $Version = '5.2.7'; + public $Version = '5.2.22'; /** * SMTP server port number. - * @type int - * @deprecated This is only ever ued as default value, so should be a constant + * @var integer + * @deprecated This is only ever used as a default value, so use the `DEFAULT_SMTP_PORT` constant instead * @see SMTP::DEFAULT_SMTP_PORT */ public $SMTP_PORT = 25; /** - * SMTP reply line ending - * @type string - * @deprecated Use the class constant instead + * SMTP reply line ending. + * @var string + * @deprecated Use the `CRLF` constant instead * @see SMTP::CRLF */ public $CRLF = "\r\n"; /** * Debug output level. - * Options: 0 for no output, 1 for commands, 2 for data and commands - * @type int + * Options: + * * self::DEBUG_OFF (`0`) No debug output, default + * * self::DEBUG_CLIENT (`1`) Client commands + * * self::DEBUG_SERVER (`2`) Client commands and server responses + * * self::DEBUG_CONNECTION (`3`) As DEBUG_SERVER plus connection status + * * self::DEBUG_LOWLEVEL (`4`) Low-level data output, all messages + * @var integer */ - public $do_debug = 0; + public $do_debug = self::DEBUG_OFF; /** - * The function/method to use for debugging output. - * Options: 'echo', 'html' or 'error_log' - * @type string + * How to handle debug output. + * Options: + * * `echo` Output plain-text as-is, appropriate for CLI + * * `html` Output escaped, line breaks converted to `
`, appropriate for browser output + * * `error_log` Output to error log as configured in php.ini + * + * Alternatively, you can provide a callable expecting two params: a message string and the debug level: + * + * $smtp->Debugoutput = function($str, $level) {echo "debug level $level; message: $str";}; + * + * @var string|callable */ public $Debugoutput = 'echo'; /** * Whether to use VERP. - * @type bool + * @link http://en.wikipedia.org/wiki/Variable_envelope_return_path + * @link http://www.postfix.org/VERP_README.html Info on VERP + * @var boolean */ public $do_verp = false; /** - * The SMTP timeout value for reads, in seconds. - * @type int + * The timeout value for connection, in seconds. + * Default of 5 minutes (300sec) is from RFC2821 section 4.5.3.2 + * This needs to be quite high to function correctly with hosts using greetdelay as an anti-spam measure. + * @link http://tools.ietf.org/html/rfc2821#section-4.5.3.2 + * @var integer */ - public $Timeout = 15; + public $Timeout = 300; /** - * The SMTP timelimit value for reads, in seconds. - * @type int + * How long to wait for commands to complete, in seconds. + * Default of 5 minutes (300sec) is from RFC2821 section 4.5.3.2 + * @var integer */ - public $Timelimit = 30; + public $Timelimit = 300; + + /** + * @var array patterns to extract smtp transaction id from smtp reply + * Only first capture group will be use, use non-capturing group to deal with it + * Extend this class to override this property to fulfil your needs. + */ + protected $smtp_transaction_id_patterns = array( + 'exim' => '/[0-9]{3} OK id=(.*)/', + 'sendmail' => '/[0-9]{3} 2.0.0 (.*) Message/', + 'postfix' => '/[0-9]{3} 2.0.0 Ok: queued as (.*)/' + ); /** * The socket for the server connection. - * @type resource + * @var resource */ protected $smtp_conn; /** - * Error message, if any, for the last call. - * @type string + * Error information, if any, for the last SMTP command. + * @var array */ - protected $error = ''; + protected $error = array( + 'error' => '', + 'detail' => '', + 'smtp_code' => '', + 'smtp_code_ex' => '' + ); /** * The reply the server sent to us for HELO. - * @type string + * If null, no HELO string has yet been received. + * @var string|null */ - protected $helo_rply = ''; + protected $helo_rply = null; /** - * The most recent reply received from the server. - * @type string + * The set of SMTP extensions sent in reply to EHLO command. + * Indexes of the array are extension names. + * Value at index 'HELO' or 'EHLO' (according to command that was sent) + * represents the server name. In case of HELO it is the only element of the array. + * Other values can be boolean TRUE or an array containing extension options. + * If null, no HELO/EHLO string has yet been received. + * @var array|null */ - protected $last_reply = ''; + protected $server_caps = null; /** - * Constructor. - * @access public + * The most recent reply received from the server. + * @var string */ - public function __construct() - { - $this->smtp_conn = 0; - $this->error = null; - $this->helo_rply = null; - - $this->do_debug = 0; - } + protected $last_reply = ''; /** * Output debugging info via a user-selected method. + * @see SMTP::$Debugoutput + * @see SMTP::$do_debug * @param string $str Debug string to output + * @param integer $level The debug level of this message; see DEBUG_* constants * @return void */ - protected function edebug($str) + protected function edebug($str, $level = 0) { + if ($level > $this->do_debug) { + return; + } + //Avoid clash with built-in function names + if (!in_array($this->Debugoutput, array('error_log', 'html', 'echo')) and is_callable($this->Debugoutput)) { + call_user_func($this->Debugoutput, $str, $level); + return; + } switch ($this->Debugoutput) { case 'error_log': //Don't output, just log @@ -164,103 +236,137 @@ class SMTP break; case 'echo': default: - //Just echoes whatever was received - echo $str; + //Normalize line breaks + $str = preg_replace('/(\r\n|\r|\n)/ms', "\n", $str); + echo gmdate('Y-m-d H:i:s') . "\t" . str_replace( + "\n", + "\n \t ", + trim($str) + )."\n"; } } /** * Connect to an SMTP server. - * @param string $host SMTP server IP or host name - * @param int $port The port number to connect to - * @param int $timeout How long to wait for the connection to open + * @param string $host SMTP server IP or host name + * @param integer $port The port number to connect to + * @param integer $timeout How long to wait for the connection to open * @param array $options An array of options for stream_context_create() * @access public - * @return bool + * @return boolean */ public function connect($host, $port = null, $timeout = 30, $options = array()) { + static $streamok; + //This is enabled by default since 5.0.0 but some providers disable it + //Check this once and cache the result + if (is_null($streamok)) { + $streamok = function_exists('stream_socket_client'); + } // Clear errors to avoid confusion - $this->error = null; - + $this->setError(''); // Make sure we are __not__ connected if ($this->connected()) { // Already connected, generate error - $this->error = array('error' => 'Already connected to a server'); + $this->setError('Already connected to a server'); return false; } - if (empty($port)) { $port = self::DEFAULT_SMTP_PORT; } - // Connect to the SMTP server + $this->edebug( + "Connection: opening to $host:$port, timeout=$timeout, options=".var_export($options, true), + self::DEBUG_CONNECTION + ); $errno = 0; $errstr = ''; - $socket_context = stream_context_create($options); - //Suppress errors; connection failures are handled at a higher level - $this->smtp_conn = @stream_socket_client( - $host . ":" . $port, - $errno, - $errstr, - $timeout, - STREAM_CLIENT_CONNECT, - $socket_context - ); - + if ($streamok) { + $socket_context = stream_context_create($options); + set_error_handler(array($this, 'errorHandler')); + $this->smtp_conn = stream_socket_client( + $host . ":" . $port, + $errno, + $errstr, + $timeout, + STREAM_CLIENT_CONNECT, + $socket_context + ); + restore_error_handler(); + } else { + //Fall back to fsockopen which should work in more places, but is missing some features + $this->edebug( + "Connection: stream_socket_client not available, falling back to fsockopen", + self::DEBUG_CONNECTION + ); + set_error_handler(array($this, 'errorHandler')); + $this->smtp_conn = fsockopen( + $host, + $port, + $errno, + $errstr, + $timeout + ); + restore_error_handler(); + } // Verify we connected properly - if (empty($this->smtp_conn)) { - $this->error = array( - 'error' => 'Failed to connect to server', - 'errno' => $errno, - 'errstr' => $errstr + if (!is_resource($this->smtp_conn)) { + $this->setError( + 'Failed to connect to server', + $errno, + $errstr + ); + $this->edebug( + 'SMTP ERROR: ' . $this->error['error'] + . ": $errstr ($errno)", + self::DEBUG_CLIENT ); - if ($this->do_debug >= 1) { - $this->edebug( - 'SMTP -> ERROR: ' . $this->error['error'] - . ": $errstr ($errno)" - ); - } return false; } - + $this->edebug('Connection: opened', self::DEBUG_CONNECTION); // SMTP server can take longer to respond, give longer timeout for first read // Windows does not have support for this timeout function if (substr(PHP_OS, 0, 3) != 'WIN') { $max = ini_get('max_execution_time'); - if ($max != 0 && $timeout > $max) { // Don't bother if unlimited + // Don't bother if unlimited + if ($max != 0 && $timeout > $max) { @set_time_limit($timeout); } stream_set_timeout($this->smtp_conn, $timeout, 0); } - // Get any announcement $announce = $this->get_lines(); - - if ($this->do_debug >= 2) { - $this->edebug('SMTP -> FROM SERVER:' . $announce); - } - + $this->edebug('SERVER -> CLIENT: ' . $announce, self::DEBUG_SERVER); return true; } /** * Initiate a TLS (encrypted) session. * @access public - * @return bool + * @return boolean */ public function startTLS() { - if (!$this->sendCommand("STARTTLS", "STARTTLS", 220)) { + if (!$this->sendCommand('STARTTLS', 'STARTTLS', 220)) { return false; } + + //Allow the best TLS version(s) we can + $crypto_method = STREAM_CRYPTO_METHOD_TLS_CLIENT; + + //PHP 5.6.7 dropped inclusion of TLS 1.1 and 1.2 in STREAM_CRYPTO_METHOD_TLS_CLIENT + //so add them back in manually if we can + if (defined('STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT')) { + $crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT; + $crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT; + } + // Begin encrypted connection if (!stream_socket_enable_crypto( $this->smtp_conn, true, - STREAM_CRYPTO_METHOD_TLS_CLIENT - ) - ) { + $crypto_method + )) { return false; } return true; @@ -270,25 +376,64 @@ class SMTP * Perform SMTP authentication. * Must be run after hello(). * @see hello() - * @param string $username The user name - * @param string $password The password - * @param string $authtype The auth type (PLAIN, LOGIN, NTLM, CRAM-MD5) - * @param string $realm The auth realm for NTLM + * @param string $username The user name + * @param string $password The password + * @param string $authtype The auth type (PLAIN, LOGIN, CRAM-MD5) + * @param string $realm The auth realm for NTLM * @param string $workstation The auth workstation for NTLM - * @access public - * @return bool True if successfully authenticated. + * @param null|OAuth $OAuth An optional OAuth instance (@see PHPMailerOAuth) + * @return bool True if successfully authenticated.* @access public */ public function authenticate( $username, $password, - $authtype = 'LOGIN', + $authtype = null, $realm = '', - $workstation = '' + $workstation = '', + $OAuth = null ) { - if (empty($authtype)) { - $authtype = 'LOGIN'; + if (!$this->server_caps) { + $this->setError('Authentication is not allowed before HELO/EHLO'); + return false; } + if (array_key_exists('EHLO', $this->server_caps)) { + // SMTP extensions are available. Let's try to find a proper authentication method + + if (!array_key_exists('AUTH', $this->server_caps)) { + $this->setError('Authentication is not allowed at this stage'); + // 'at this stage' means that auth may be allowed after the stage changes + // e.g. after STARTTLS + return false; + } + + self::edebug('Auth method requested: ' . ($authtype ? $authtype : 'UNKNOWN'), self::DEBUG_LOWLEVEL); + self::edebug( + 'Auth methods available on the server: ' . implode(',', $this->server_caps['AUTH']), + self::DEBUG_LOWLEVEL + ); + + if (empty($authtype)) { + foreach (array('CRAM-MD5', 'LOGIN', 'PLAIN') as $method) { + if (in_array($method, $this->server_caps['AUTH'])) { + $authtype = $method; + break; + } + } + if (empty($authtype)) { + $this->setError('No supported authentication methods found'); + return false; + } + self::edebug('Auth method selected: '.$authtype, self::DEBUG_LOWLEVEL); + } + + if (!in_array($authtype, $this->server_caps['AUTH'])) { + $this->setError("The requested authentication method \"$authtype\" is not supported by the server"); + return false; + } + } elseif (empty($authtype)) { + $authtype = 'LOGIN'; + } switch ($authtype) { case 'PLAIN': // Start authentication @@ -317,59 +462,6 @@ class SMTP return false; } break; - case 'NTLM': - /* - * ntlm_sasl_client.php - * Bundled with Permission - * - * How to telnet in windows: - * http://technet.microsoft.com/en-us/library/aa995718%28EXCHG.65%29.aspx - * PROTOCOL Docs http://curl.haxx.se/rfc/ntlm.html#ntlmSmtpAuthentication - */ - require_once 'extras/ntlm_sasl_client.php'; - $temp = new stdClass(); - $ntlm_client = new ntlm_sasl_client_class; - //Check that functions are available - if (!$ntlm_client->Initialize($temp)) { - $this->error = array('error' => $temp->error); - if ($this->do_debug >= 1) { - $this->edebug( - 'You need to enable some modules in your php.ini file: ' - . $this->error['error'] - ); - } - return false; - } - //msg1 - $msg1 = $ntlm_client->TypeMsg1($realm, $workstation); //msg1 - - if (!$this->sendCommand( - 'AUTH NTLM', - 'AUTH NTLM ' . base64_encode($msg1), - 334 - ) - ) { - return false; - } - - //Though 0 based, there is a white space after the 3 digit number - //msg2 - $challenge = substr($this->last_reply, 3); - $challenge = base64_decode($challenge); - $ntlm_res = $ntlm_client->NTLMResponse( - substr($challenge, 24, 8), - $password - ); - //msg3 - $msg3 = $ntlm_client->TypeMsg3( - $ntlm_res, - $username, - $realm, - $workstation - ); - // send encoded username - return $this->sendCommand('Username', base64_encode($msg3), 235); - break; case 'CRAM-MD5': // Start authentication if (!$this->sendCommand('AUTH CRAM-MD5', 'AUTH CRAM-MD5', 334)) { @@ -383,7 +475,9 @@ class SMTP // send encoded credentials return $this->sendCommand('Username', base64_encode($response), 235); - break; + default: + $this->setError("Authentication method \"$authtype\" is not supported"); + return false; } return true; } @@ -411,13 +505,13 @@ class SMTP // Eliminates the need to install mhash to compute a HMAC // by Lance Rushing - $b = 64; // byte length for md5 - if (strlen($key) > $b) { + $bytelen = 64; // byte length for md5 + if (strlen($key) > $bytelen) { $key = pack('H*', md5($key)); } - $key = str_pad($key, $b, chr(0x00)); - $ipad = str_pad('', $b, chr(0x36)); - $opad = str_pad('', $b, chr(0x5c)); + $key = str_pad($key, $bytelen, chr(0x00)); + $ipad = str_pad('', $bytelen, chr(0x36)); + $opad = str_pad('', $bytelen, chr(0x5c)); $k_ipad = $key ^ $ipad; $k_opad = $key ^ $opad; @@ -427,19 +521,18 @@ class SMTP /** * Check connection state. * @access public - * @return bool True if connected. + * @return boolean True if connected. */ public function connected() { - if (!empty($this->smtp_conn)) { + if (is_resource($this->smtp_conn)) { $sock_status = stream_get_meta_data($this->smtp_conn); if ($sock_status['eof']) { - // the socket is valid but we are not connected - if ($this->do_debug >= 1) { - $this->edebug( - 'SMTP -> NOTICE: EOF caught while checking if connected' - ); - } + // The socket is valid but we are not connected + $this->edebug( + 'SMTP NOTICE: EOF caught while checking if connected', + self::DEBUG_CLIENT + ); $this->close(); return false; } @@ -457,12 +550,14 @@ class SMTP */ public function close() { - $this->error = null; // so there is no confusion + $this->setError(''); + $this->server_caps = null; $this->helo_rply = null; - if (!empty($this->smtp_conn)) { + if (is_resource($this->smtp_conn)) { // close the connection and cleanup fclose($this->smtp_conn); - $this->smtp_conn = 0; + $this->smtp_conn = null; //Makes for cleaner serialization + $this->edebug('Connection: closed', self::DEBUG_CONNECTION); } } @@ -476,111 +571,101 @@ class SMTP * Implements rfc 821: DATA * @param string $msg_data Message data to send * @access public - * @return bool + * @return boolean */ public function data($msg_data) { + //This will use the standard timelimit if (!$this->sendCommand('DATA', 'DATA', 354)) { return false; } /* The server is ready to accept data! - * according to rfc821 we should not send more than 1000 - * including the CRLF - * characters on a single line so we will break the data up - * into lines by \r and/or \n then if needed we will break - * each of those into smaller lines to fit within the limit. - * in addition we will be looking for lines that start with - * a period '.' and append and additional period '.' to that - * line. NOTE: this does not count towards limit. + * According to rfc821 we should not send more than 1000 characters on a single line (including the CRLF) + * so we will break the data up into lines by \r and/or \n then if needed we will break each of those into + * smaller lines to fit within the limit. + * We will also look for lines that start with a '.' and prepend an additional '.'. + * NOTE: this does not count towards line-length limit. */ - // Normalize the line breaks before exploding - $msg_data = str_replace("\r\n", "\n", $msg_data); - $msg_data = str_replace("\r", "\n", $msg_data); - $lines = explode("\n", $msg_data); - - /* We need to find a good way to determine if headers are - * in the msg_data or if it is a straight msg body - * currently I am assuming rfc822 definitions of msg headers - * and if the first field of the first line (':' separated) - * does not contain a space then it _should_ be a header - * and we can process all lines before a blank "" line as - * headers. + // Normalize line breaks before exploding + $lines = explode("\n", str_replace(array("\r\n", "\r"), "\n", $msg_data)); + + /* To distinguish between a complete RFC822 message and a plain message body, we check if the first field + * of the first line (':' separated) does not contain a space then it _should_ be a header and we will + * process all lines before a blank line as headers. */ $field = substr($lines[0], 0, strpos($lines[0], ':')); $in_headers = false; - if (!empty($field) && !strstr($field, ' ')) { + if (!empty($field) && strpos($field, ' ') === false) { $in_headers = true; } - //RFC 2822 section 2.1.1 limit - $max_line_length = 998; - foreach ($lines as $line) { - $lines_out = null; - if ($line == '' && $in_headers) { + $lines_out = array(); + if ($in_headers and $line == '') { $in_headers = false; } - // ok we need to break this line up into several smaller lines - while (strlen($line) > $max_line_length) { - $pos = strrpos(substr($line, 0, $max_line_length), ' '); - - // Patch to fix DOS attack + //Break this line up into several smaller lines if it's too long + //Micro-optimisation: isset($str[$len]) is faster than (strlen($str) > $len), + while (isset($line[self::MAX_LINE_LENGTH])) { + //Working backwards, try to find a space within the last MAX_LINE_LENGTH chars of the line to break on + //so as to avoid breaking in the middle of a word + $pos = strrpos(substr($line, 0, self::MAX_LINE_LENGTH), ' '); + //Deliberately matches both false and 0 if (!$pos) { - $pos = $max_line_length - 1; + //No nice break found, add a hard break + $pos = self::MAX_LINE_LENGTH - 1; $lines_out[] = substr($line, 0, $pos); $line = substr($line, $pos); } else { + //Break at the found point $lines_out[] = substr($line, 0, $pos); + //Move along by the amount we dealt with $line = substr($line, $pos + 1); } - - /* If processing headers add a LWSP-char to the front of new line - * rfc822 on long msg headers - */ + //If processing headers add a LWSP-char to the front of new line RFC822 section 3.1.1 if ($in_headers) { $line = "\t" . $line; } } $lines_out[] = $line; - // send the lines to the server - while (list(, $line_out) = @each($lines_out)) { - if (strlen($line_out) > 0) { - if (substr($line_out, 0, 1) == '.') { - $line_out = '.' . $line_out; - } + //Send the lines to the server + foreach ($lines_out as $line_out) { + //RFC2821 section 4.5.2 + if (!empty($line_out) and $line_out[0] == '.') { + $line_out = '.' . $line_out; } $this->client_send($line_out . self::CRLF); } } - // Message data has been sent, complete the command - return $this->sendCommand('DATA END', '.', 250); + //Message data has been sent, complete the command + //Increase timelimit for end of DATA command + $savetimelimit = $this->Timelimit; + $this->Timelimit = $this->Timelimit * 2; + $result = $this->sendCommand('DATA END', '.', 250); + //Restore timelimit + $this->Timelimit = $savetimelimit; + return $result; } /** * Send an SMTP HELO or EHLO command. * Used to identify the sending server to the receiving server. * This makes sure that client and server are in a known state. - * Implements from RFC 821: HELO + * Implements RFC 821: HELO * and RFC 2821 EHLO. * @param string $host The host name or IP to connect to * @access public - * @return bool + * @return boolean */ public function hello($host = '') { - // Try extended hello first (RFC 2821) - if (!$this->sendHello('EHLO', $host)) { - if (!$this->sendHello('HELO', $host)) { - return false; - } - } - - return true; + //Try extended hello first (RFC 2821) + return (boolean)($this->sendHello('EHLO', $host) or $this->sendHello('HELO', $host)); } /** @@ -588,17 +673,64 @@ class SMTP * Low-level implementation used by hello() * @see hello() * @param string $hello The HELO string - * @param string $host The hostname to say we are + * @param string $host The hostname to say we are * @access protected - * @return bool + * @return boolean */ protected function sendHello($hello, $host) { $noerror = $this->sendCommand($hello, $hello . ' ' . $host, 250); $this->helo_rply = $this->last_reply; + if ($noerror) { + $this->parseHelloFields($hello); + } else { + $this->server_caps = null; + } return $noerror; } + /** + * Parse a reply to HELO/EHLO command to discover server extensions. + * In case of HELO, the only parameter that can be discovered is a server name. + * @access protected + * @param string $type - 'HELO' or 'EHLO' + */ + protected function parseHelloFields($type) + { + $this->server_caps = array(); + $lines = explode("\n", $this->helo_rply); + + foreach ($lines as $n => $s) { + //First 4 chars contain response code followed by - or space + $s = trim(substr($s, 4)); + if (empty($s)) { + continue; + } + $fields = explode(' ', $s); + if (!empty($fields)) { + if (!$n) { + $name = $type; + $fields = $fields[0]; + } else { + $name = array_shift($fields); + switch ($name) { + case 'SIZE': + $fields = ($fields ? $fields[0] : 0); + break; + case 'AUTH': + if (!is_array($fields)) { + $fields = array(); + } + break; + default: + $fields = true; + } + } + $this->server_caps[$name] = $fields; + } + } + } + /** * Send an SMTP MAIL command. * Starts a mail transaction from the email address specified in @@ -608,7 +740,7 @@ class SMTP * Implements rfc 821: MAIL FROM: * @param string $from Source address of this message * @access public - * @return bool + * @return boolean */ public function mail($from) { @@ -624,35 +756,35 @@ class SMTP * Send an SMTP QUIT command. * Closes the socket if there is no error or the $close_on_error argument is true. * Implements from rfc 821: QUIT - * @param bool $close_on_error Should the connection close if an error occurs? + * @param boolean $close_on_error Should the connection close if an error occurs? * @access public - * @return bool + * @return boolean */ public function quit($close_on_error = true) { $noerror = $this->sendCommand('QUIT', 'QUIT', 221); - $e = $this->error; //Save any error + $err = $this->error; //Save any error if ($noerror or $close_on_error) { $this->close(); - $this->error = $e; //Restore any error from the quit command + $this->error = $err; //Restore any error from the quit command } return $noerror; } /** * Send an SMTP RCPT command. - * Sets the TO argument to $to. + * Sets the TO argument to $toaddr. * Returns true if the recipient was accepted false if it was rejected. * Implements from rfc 821: RCPT TO: - * @param string $to The address the message is being sent to + * @param string $address The address the message is being sent to * @access public - * @return bool + * @return boolean */ - public function recipient($to) + public function recipient($address) { return $this->sendCommand( - 'RCPT TO ', - 'RCPT TO:<' . $to . '>', + 'RCPT TO', + 'RCPT TO:<' . $address . '>', array(250, 251) ); } @@ -662,7 +794,7 @@ class SMTP * Abort any transaction that is currently in progress. * Implements rfc 821: RSET * @access public - * @return bool True on success. + * @return boolean True on success. */ public function reset() { @@ -671,46 +803,61 @@ class SMTP /** * Send a command to an SMTP server and check its return code. - * @param string $command The command name - not sent to the server + * @param string $command The command name - not sent to the server * @param string $commandstring The actual command to send - * @param int|array $expect One or more expected integer success codes + * @param integer|array $expect One or more expected integer success codes * @access protected - * @return bool True on success. + * @return boolean True on success. */ protected function sendCommand($command, $commandstring, $expect) { if (!$this->connected()) { - $this->error = array( - "error" => "Called $command without being connected" - ); + $this->setError("Called $command without being connected"); + return false; + } + //Reject line breaks in all commands + if (strpos($commandstring, "\n") !== false or strpos($commandstring, "\r") !== false) { + $this->setError("Command '$command' contained line breaks"); return false; } $this->client_send($commandstring . self::CRLF); - $reply = $this->get_lines(); - $code = substr($reply, 0, 3); - - if ($this->do_debug >= 2) { - $this->edebug('SMTP -> FROM SERVER:' . $reply); + $this->last_reply = $this->get_lines(); + // Fetch SMTP code and possible error code explanation + $matches = array(); + if (preg_match("/^([0-9]{3})[ -](?:([0-9]\\.[0-9]\\.[0-9]) )?/", $this->last_reply, $matches)) { + $code = $matches[1]; + $code_ex = (count($matches) > 2 ? $matches[2] : null); + // Cut off error code from each response line + $detail = preg_replace( + "/{$code}[ -]".($code_ex ? str_replace('.', '\\.', $code_ex).' ' : '')."/m", + '', + $this->last_reply + ); + } else { + // Fall back to simple parsing if regex fails + $code = substr($this->last_reply, 0, 3); + $code_ex = null; + $detail = substr($this->last_reply, 4); } + $this->edebug('SERVER -> CLIENT: ' . $this->last_reply, self::DEBUG_SERVER); + if (!in_array($code, (array)$expect)) { - $this->last_reply = null; - $this->error = array( - "error" => "$command command failed", - "smtp_code" => $code, - "detail" => substr($reply, 4) + $this->setError( + "$command command failed", + $detail, + $code, + $code_ex + ); + $this->edebug( + 'SMTP ERROR: ' . $this->error['error'] . ': ' . $this->last_reply, + self::DEBUG_CLIENT ); - if ($this->do_debug >= 1) { - $this->edebug( - 'SMTP -> ERROR: ' . $this->error['error'] . ': ' . $reply - ); - } return false; } - $this->last_reply = $reply; - $this->error = null; + $this->setError(''); return true; } @@ -725,52 +872,48 @@ class SMTP * Implements rfc 821: SAML FROM: * @param string $from The address the message is from * @access public - * @return bool + * @return boolean */ public function sendAndMail($from) { - return $this->sendCommand("SAML", "SAML FROM:$from", 250); + return $this->sendCommand('SAML', "SAML FROM:$from", 250); } /** * Send an SMTP VRFY command. * @param string $name The name to verify * @access public - * @return bool + * @return boolean */ public function verify($name) { - return $this->sendCommand("VRFY", "VRFY $name", array(250, 251)); + return $this->sendCommand('VRFY', "VRFY $name", array(250, 251)); } /** * Send an SMTP NOOP command. * Used to keep keep-alives alive, doesn't actually do anything * @access public - * @return bool + * @return boolean */ public function noop() { - return $this->sendCommand("NOOP", "NOOP", 250); + return $this->sendCommand('NOOP', 'NOOP', 250); } /** * Send an SMTP TURN command. * This is an optional command for SMTP that this class does not support. - * This method is here to make the RFC821 Definition - * complete for this class and __may__ be implemented in future + * This method is here to make the RFC821 Definition complete for this class + * and _may_ be implemented in future * Implements from rfc 821: TURN * @access public - * @return bool + * @return boolean */ public function turn() { - $this->error = array( - 'error' => 'The SMTP TURN command is not implemented' - ); - if ($this->do_debug >= 1) { - $this->edebug('SMTP -> NOTICE: ' . $this->error['error']); - } + $this->setError('The SMTP TURN command is not implemented'); + $this->edebug('SMTP NOTICE: ' . $this->error['error'], self::DEBUG_CLIENT); return false; } @@ -778,13 +921,11 @@ class SMTP * Send raw data to the server. * @param string $data The data to send * @access public - * @return int|bool The number of bytes sent to the server or FALSE on error + * @return integer|boolean The number of bytes sent to the server or false on error */ public function client_send($data) { - if ($this->do_debug >= 1) { - $this->edebug("CLIENT -> SMTP: $data"); - } + $this->edebug("CLIENT -> SERVER: $data", self::DEBUG_CLIENT); return fwrite($this->smtp_conn, $data); } @@ -798,6 +939,57 @@ class SMTP return $this->error; } + /** + * Get SMTP extensions available on the server + * @access public + * @return array|null + */ + public function getServerExtList() + { + return $this->server_caps; + } + + /** + * A multipurpose method + * The method works in three ways, dependent on argument value and current state + * 1. HELO/EHLO was not sent - returns null and set up $this->error + * 2. HELO was sent + * $name = 'HELO': returns server name + * $name = 'EHLO': returns boolean false + * $name = any string: returns null and set up $this->error + * 3. EHLO was sent + * $name = 'HELO'|'EHLO': returns server name + * $name = any string: if extension $name exists, returns boolean True + * or its options. Otherwise returns boolean False + * In other words, one can use this method to detect 3 conditions: + * - null returned: handshake was not or we don't know about ext (refer to $this->error) + * - false returned: the requested feature exactly not exists + * - positive value returned: the requested feature exists + * @param string $name Name of SMTP extension or 'HELO'|'EHLO' + * @return mixed + */ + public function getServerExt($name) + { + if (!$this->server_caps) { + $this->setError('No HELO/EHLO was sent'); + return null; + } + + // the tight logic knot ;) + if (!array_key_exists($name, $this->server_caps)) { + if ($name == 'HELO') { + return $this->server_caps['EHLO']; + } + if ($name == 'EHLO' || array_key_exists('EHLO', $this->server_caps)) { + return false; + } + $this->setError('HELO handshake was used. Client knows nothing about server extensions'); + return null; + } + + return $this->server_caps[$name]; + } + /** * Get the last reply from the server. * @access public @@ -819,51 +1011,42 @@ class SMTP */ protected function get_lines() { - $data = ''; - $endtime = 0; - // If the connection is bad, give up now + // If the connection is bad, give up straight away if (!is_resource($this->smtp_conn)) { - return $data; + return ''; } + $data = ''; + $endtime = 0; stream_set_timeout($this->smtp_conn, $this->Timeout); if ($this->Timelimit > 0) { $endtime = time() + $this->Timelimit; } while (is_resource($this->smtp_conn) && !feof($this->smtp_conn)) { $str = @fgets($this->smtp_conn, 515); - if ($this->do_debug >= 4) { - $this->edebug("SMTP -> get_lines(): \$data was \"$data\""); - $this->edebug("SMTP -> get_lines(): \$str is \"$str\""); - } + $this->edebug("SMTP -> get_lines(): \$data is \"$data\"", self::DEBUG_LOWLEVEL); + $this->edebug("SMTP -> get_lines(): \$str is \"$str\"", self::DEBUG_LOWLEVEL); $data .= $str; - if ($this->do_debug >= 4) { - $this->edebug("SMTP -> get_lines(): \$data is \"$data\""); - } - // if 4th character is a space, we are done reading, break the loop - if (substr($str, 3, 1) == ' ') { + // If 4th character is a space, we are done reading, break the loop, micro-optimisation over strlen + if ((isset($str[3]) and $str[3] == ' ')) { break; } // Timed-out? Log and break $info = stream_get_meta_data($this->smtp_conn); if ($info['timed_out']) { - if ($this->do_debug >= 4) { - $this->edebug( - 'SMTP -> get_lines(): timed-out (' . $this->Timeout . ' sec)' - ); - } + $this->edebug( + 'SMTP -> get_lines(): timed-out (' . $this->Timeout . ' sec)', + self::DEBUG_LOWLEVEL + ); break; } // Now check if reads took too long - if ($endtime) { - if (time() > $endtime) { - if ($this->do_debug >= 4) { - $this->edebug( - 'SMTP -> get_lines(): timelimit reached (' - . $this->Timelimit . ' sec)' - ); - } - break; - } + if ($endtime and time() > $endtime) { + $this->edebug( + 'SMTP -> get_lines(): timelimit reached ('. + $this->Timelimit . ' sec)', + self::DEBUG_LOWLEVEL + ); + break; } } return $data; @@ -871,7 +1054,7 @@ class SMTP /** * Enable or disable VERP address generation. - * @param bool $enabled + * @param boolean $enabled */ public function setVerp($enabled = false) { @@ -880,16 +1063,33 @@ class SMTP /** * Get VERP address generation mode. - * @return bool + * @return boolean */ public function getVerp() { return $this->do_verp; } + /** + * Set error messages and codes. + * @param string $message The error message + * @param string $detail Further detail on the error + * @param string $smtp_code An associated SMTP error code + * @param string $smtp_code_ex Extended SMTP code + */ + protected function setError($message, $detail = '', $smtp_code = '', $smtp_code_ex = '') + { + $this->error = array( + 'error' => $message, + 'detail' => $detail, + 'smtp_code' => $smtp_code, + 'smtp_code_ex' => $smtp_code_ex + ); + } + /** * Set debug output method. - * @param string $method The function/method to use for debugging output. + * @param string|callable $method The name of the mechanism to use for debugging output, or a callable to handle it. */ public function setDebugOutput($method = 'echo') { @@ -907,7 +1107,7 @@ class SMTP /** * Set debug output level. - * @param int $level + * @param integer $level */ public function setDebugLevel($level = 0) { @@ -916,7 +1116,7 @@ class SMTP /** * Get debug output level. - * @return int + * @return integer */ public function getDebugLevel() { @@ -925,7 +1125,7 @@ class SMTP /** * Set SMTP timeout. - * @param int $timeout + * @param integer $timeout */ public function setTimeout($timeout = 0) { @@ -934,10 +1134,53 @@ class SMTP /** * Get SMTP timeout. - * @return int + * @return integer */ public function getTimeout() { return $this->Timeout; } + + /** + * Reports an error number and string. + * @param integer $errno The error number returned by PHP. + * @param string $errmsg The error message returned by PHP. + */ + protected function errorHandler($errno, $errmsg) + { + $notice = 'Connection: Failed to connect to server.'; + $this->setError( + $notice, + $errno, + $errmsg + ); + $this->edebug( + $notice . ' Error number ' . $errno . '. "Error notice: ' . $errmsg, + self::DEBUG_CONNECTION + ); + } + + /** + * Will return the ID of the last smtp transaction based on a list of patterns provided + * in SMTP::$smtp_transaction_id_patterns. + * If no reply has been received yet, it will return null. + * If no pattern has been matched, it will return false. + * @return bool|null|string + */ + public function getLastTransactionID() + { + $reply = $this->getLastReply(); + + if (empty($reply)) { + return null; + } + + foreach($this->smtp_transaction_id_patterns as $smtp_transaction_id_pattern) { + if(preg_match($smtp_transaction_id_pattern, $reply, $matches)) { + return $matches[1]; + } + } + + return false; + } }