[Hastymail-cvs] hastymail/lib smtp.php,1.64,1.65
Brought to you by:
sailfrog,
slushpupie
From: <sai...@us...> - 2003-09-24 19:04:50
|
Update of /cvsroot/hastymail/hastymail/lib In directory sc8-pr-cvs1:/tmp/cvs-serv29270/lib Modified Files: smtp.php Log Message: Added SMTP authentication via the CRAM-MD5 mechanism and SMTP over SSL. Index: smtp.php =================================================================== RCS file: /cvsroot/hastymail/hastymail/lib/smtp.php,v retrieving revision 1.64 retrieving revision 1.65 diff -u -d -r1.64 -r1.65 --- smtp.php 22 Sep 2003 04:02:15 -0000 1.64 +++ smtp.php 24 Sep 2003 19:04:45 -0000 1.65 @@ -97,6 +97,17 @@ } return false; } + + /* smtp auth */ + if (isset($config['smtp_auth']) && $config['smtp_auth'] == 'true') { + if(!hm_auth_smtp($smtp_stream, $lost, $config_file)) { + if ($smtp_stream) { + fclose($smtp_stream); + } + return false; + } + } + if (!hm_smtp_mail($smtp_stream, $lost, $from_address)) { if ($smtp_stream) { fclose($smtp_stream); @@ -284,6 +295,14 @@ else { $port = 25; } + if (isset($_SESSION['config']['smtp_ssl']) && + $_SESSION['config']['smtp_ssl'] == 'ssl') { + $server = 'ssl://'.$server; + } + elseif (isset($_SESSION['config']['smtp_ssl']) && + $_SESSION['config']['smtp_ssl'] == 'tls') { + $server = 'tls://'.$server; + } if ($smtp_stream = @fsockopen($server, $port, $errorno, $errorstr, 30)) { if ($helo = fgets($smtp_stream, 1024)) { if (preg_match("/^220/", $helo)) { @@ -369,6 +388,59 @@ } } +function hm_auth_smtp($smtp_stream, $lost, $config_file) { + $str = $_SESSION['str']; + fputs($smtp_stream, "AUTH CRAM-MD5\r\n"); + if ($response = fgets($smtp_stream, 1024)) { + if (substr($response, 0, 3) != '334') { + echo '<table align="center" class="tables3"> + <tr> + <td align="center"> + <font class="font2"><small> + ',$str[234],':<br> + ',$response,' + </small></font> + </td> + </tr> +</table><br>',"\n"; + return false; + } + else { + $challenge = base64_decode(substr($response, 4)); + $user = $_SESSION['user']; + $key = 'hastytest'; + $key .= str_repeat(chr(0x00), (64-strlen($key))); + $ipad = str_repeat(chr(0x36), 64); + $opad = str_repeat(chr(0x5c), 64); + $digest = bin2hex(pack("H*", md5(($key ^ $opad). + pack("H*", md5(($key ^ $ipad).$challenge))))); + $challenge_response = base64_encode($user.' '.$digest); + fputs($smtp_stream, $challenge_response."\r\n"); + $result = fgets($smtp_stream, 1024); + if (substr($result, 0, 3) != '235') { + echo '<table align="center" class="tables3"> + <tr> + <td align="center"> + <font class="font2"><small> + ',$str[234],':<br> + ',$response,' + </small></font> + </td> + </tr> +</table><br>',"\n"; + return false; + } + else { + return true; + } + } + } + else { + echo $lost; + return false; + } +} + /* performs the SMTP MAIL command $smtp_stream = connection to the smtp server $lost = some html to echo if our socket connection went away @@ -395,7 +467,6 @@ </table><br>',"\n"; return false; } - } else { echo $lost; |