aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/functions_messenger.php
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes/functions_messenger.php')
-rw-r--r--phpBB/includes/functions_messenger.php122
1 files changed, 97 insertions, 25 deletions
diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php
index 4797da5398..f4e49b1b18 100644
--- a/phpBB/includes/functions_messenger.php
+++ b/phpBB/includes/functions_messenger.php
@@ -2,9 +2,8 @@
/**
*
* @package phpBB3
-* @version $Id$
* @copyright (c) 2005 phpBB Group
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
*
*/
@@ -570,7 +569,7 @@ class messenger
if (!$use_queue)
{
include_once($phpbb_root_path . 'includes/functions_jabber.' . $phpEx);
- $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], $config['jab_password'], $config['jab_use_ssl']);
+ $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password']), $config['jab_use_ssl']);
if (!$this->jabber->connect())
{
@@ -771,7 +770,7 @@ class queue
}
include_once($phpbb_root_path . 'includes/functions_jabber.' . $phpEx);
- $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], $config['jab_password'], $config['jab_use_ssl']);
+ $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password']), $config['jab_use_ssl']);
if (!$this->jabber->connect())
{
@@ -1024,7 +1023,7 @@ function smtpmail($addresses, $subject, $message, &$err_msg, $headers = false)
}
// Let me in. This function handles the complete authentication process
- if ($err_msg = $smtp->log_into_server($config['smtp_host'], $config['smtp_username'], $config['smtp_password'], $config['smtp_auth_method']))
+ if ($err_msg = $smtp->log_into_server($config['smtp_host'], $config['smtp_username'], htmlspecialchars_decode($config['smtp_password']), $config['smtp_auth_method']))
{
$smtp->close_session($err_msg);
return false;
@@ -1137,6 +1136,7 @@ class smtp_class
{
var $server_response = '';
var $socket = 0;
+ protected $socket_tls = false;
var $responses = array();
var $commands = array();
var $numeric_response_code = 0;
@@ -1287,30 +1287,29 @@ class smtp_class
}
}
- // Try EHLO first
- $this->server_send("EHLO {$local_host}");
- if ($err_msg = $this->server_parse('250', __LINE__))
+ $hello_result = $this->hello($local_host);
+ if (!is_null($hello_result))
{
- // a 503 response code means that we're already authenticated
- if ($this->numeric_response_code == 503)
- {
- return false;
- }
-
- // If EHLO fails, we try HELO
- $this->server_send("HELO {$local_host}");
- if ($err_msg = $this->server_parse('250', __LINE__))
- {
- return ($this->numeric_response_code == 503) ? false : $err_msg;
- }
+ return $hello_result;
}
- foreach ($this->responses as $response)
+ // SMTP STARTTLS (RFC 3207)
+ if (!$this->socket_tls)
{
- $response = explode(' ', $response);
- $response_code = $response[0];
- unset($response[0]);
- $this->commands[$response_code] = implode(' ', $response);
+ $this->socket_tls = $this->starttls();
+
+ if ($this->socket_tls)
+ {
+ // Switched to TLS
+ // RFC 3207: "The client MUST discard any knowledge obtained from the server, [...]"
+ // So say hello again
+ $hello_result = $this->hello($local_host);
+
+ if (!is_null($hello_result))
+ {
+ return $hello_result;
+ }
+ }
}
// If we are not authenticated yet, something might be wrong if no username and passwd passed
@@ -1357,6 +1356,79 @@ class smtp_class
}
/**
+ * SMTP EHLO/HELO
+ *
+ * @return mixed Null if the authentication process is supposed to continue
+ * False if already authenticated
+ * Error message (string) otherwise
+ */
+ protected function hello($hostname)
+ {
+ // Try EHLO first
+ $this->server_send("EHLO $hostname");
+ if ($err_msg = $this->server_parse('250', __LINE__))
+ {
+ // a 503 response code means that we're already authenticated
+ if ($this->numeric_response_code == 503)
+ {
+ return false;
+ }
+
+ // If EHLO fails, we try HELO
+ $this->server_send("HELO $hostname");
+ if ($err_msg = $this->server_parse('250', __LINE__))
+ {
+ return ($this->numeric_response_code == 503) ? false : $err_msg;
+ }
+ }
+
+ foreach ($this->responses as $response)
+ {
+ $response = explode(' ', $response);
+ $response_code = $response[0];
+ unset($response[0]);
+ $this->commands[$response_code] = implode(' ', $response);
+ }
+ }
+
+ /**
+ * SMTP STARTTLS (RFC 3207)
+ *
+ * @return bool Returns true if TLS was started
+ * Otherwise false
+ */
+ protected function starttls()
+ {
+ if (!function_exists('stream_socket_enable_crypto'))
+ {
+ return false;
+ }
+
+ if (!isset($this->commands['STARTTLS']))
+ {
+ return false;
+ }
+
+ $this->server_send('STARTTLS');
+
+ if ($err_msg = $this->server_parse('220', __LINE__))
+ {
+ return false;
+ }
+
+ $result = false;
+ $stream_meta = stream_get_meta_data($this->socket);
+
+ if (socket_set_blocking($this->socket, 1));
+ {
+ $result = stream_socket_enable_crypto($this->socket, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);
+ socket_set_blocking($this->socket, (int) $stream_meta['blocked']);
+ }
+
+ return $result;
+ }
+
+ /**
* Pop before smtp authentication
*/
function pop_before_smtp($hostname, $username, $password)
generated by cgit v1.2.1 (git 2.21.0) at 2025-08-24 14:38:15 +0000