We use cookies to ensure you get the best experience on our website
Home Esplora Aiuto
Registrati Accedi
0ct0pu5
/
squirrelmail
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Sfoglia il codice sorgente

Some tweaks to SMTP auth to allow a site-wide user/pass override
(for those of us with a home installation that want to go out
using the ISP's SMTP server because people arbitrarily block
our dynamic IP addresses).

new function in auth.php assigns the correct user/pass values
based on the auth mechanism.

For some reason the initStream method in Deliver_SMTP was not using
the passed in user name, it was using the global $username, and had
the key and onetimepad declared, though it always used the passed in
parameter pass instead - cleaned that up so it used the user/pass values
passed in instead.

read_body and compose were updated to use the new function in auth.php
to get the correct username and password for SMTP auth, and pass these
values to initStream.

Works for me.

Erin Schnabel 21 anni fa
parent
2df740a406
commit
cfdced5f7b
4 ha cambiato i file con 34 aggiunte e 25 eliminazioni
Visualizzazione separata Mostra Diff Stats
  1. 8 8
      class/deliver/Deliver_SMTP.class.php
  2. 24 0
      functions/auth.php
  3. 1 9
      src/compose.php
  4. 1 8
      src/read_body.php

+ 8 - 8
class/deliver/Deliver_SMTP.class.php
Vedi File 

@@ -28,12 +28,12 @@ class Deliver_SMTP extends Deliver {
 
     }
 
     
     function initStream($message, $domain, $length=0, $host='', $port='', $user='', $pass='', $authpop=false) {
 
-	global $use_smtp_tls,$smtp_auth_mech,$username,$key,$onetimepad;
 
-    
+	global $use_smtp_tls,$smtp_auth_mech;
 
+
 
 	if ($authpop) {
 
-	   $this->authPop($host, '', $username, $pass);
 
+	   $this->authPop($host, '', $user, $pass);
 
 	}
 
-	
+
 
     $rfc822_header = $message->rfc822_header;      
 	$from = $rfc822_header->from[0];  
 	$to =   $rfc822_header->to;
 
@@ -95,9 +95,9 @@ class Deliver_SMTP extends Deliver {
 
 	  $chall = substr($tmp,4);
 
 	  // Depending on mechanism, generate response string 
 	  if ($smtp_auth_mech == 'cram-md5') {
 
-	    $response = cram_md5_response($username,$pass,$chall);
 
+	    $response = cram_md5_response($user,$pass,$chall);
 
 	  } elseif ($smtp_auth_mech == 'digest-md5') {
 
-	    $response = digest_md5_response($username,$pass,$chall,'smtp',$host);
 
+	    $response = digest_md5_response($user,$pass,$chall,'smtp',$host);
 
 	  }
 
 	  fputs($stream, $response);
 
 	  
@@ -130,7 +130,7 @@ class Deliver_SMTP extends Deliver {
 
 	  if ($this->errorCheck($tmp, $stream)) {
 
     	return(0);
 
 	  }
 
-      fputs($stream, base64_encode ($username) . "\r\n");
 
+      fputs($stream, base64_encode ($user) . "\r\n");
 
       $tmp = fgets($stream, 1024);
 
 	  if ($this->errorCheck($tmp, $stream)) {
 
     	return(0);
 
@@ -143,7 +143,7 @@ class Deliver_SMTP extends Deliver {
 
 	  }
 
 	} elseif ($smtp_auth_mech == "plain") {
 
       /* SASL Plain */
 
-      $auth = base64_encode("$username\0$username\0$pass");
 
+      $auth = base64_encode("$user\0$user\0$pass");
 
                   
       $query = "AUTH PLAIN\r\n";
 
       fputs($stream, $query);

+ 24 - 0
functions/auth.php
Vedi File 

@@ -218,4 +218,28 @@ function hmac_md5($data, $key='') {
 
     return $hmac;
 
 }
 
 
+/** 
+ * Fillin user and password based on SMTP auth settings.
 
+ *
 
+ * @global
 
+ * @param string $user Reference to SMTP username
 
+ * @param string $pass Reference to SMTP password (unencrypted)
 
+ */
 
+function get_smtp_user(&$user, &$pass) {
 
+    global $username, $smtp_auth_mech, 
+           $smtp_sitewide_user, $smtp_sitewide_pass;
 
+
 
+    if ($smtp_auth_mech == 'none') {
 
+        $user = '';
 
+        $pass = '';
 
+    } elseif ( isset($smtp_sitewide_user) && isset($smtp_sitewide_pass) ) {
 
+        $user = $smtp_sitewide_user;
 
+        $pass = $smtp_sitewide_pass;
 
+    } else {
 
+        global $key, $onetimepad;
 
+        $user = $username;
 
+        $pass = OneTimePadDecrypt($key, $onetimepad);
 
+    }
 
+}
 
+
 
 ?>

+ 1 - 9
src/compose.php
Vedi File 

@@ -1462,16 +1462,8 @@ function deliverMessage($composeMessage, $draft=false) {
 
         $deliver = new Deliver_SMTP();
 
         global $smtpServerAddress, $smtpPort, $pop_before_smtp, $smtp_auth_mech;
 
 
-        if ($smtp_auth_mech == 'none') {
 
-                $user = '';
 
-                $pass = '';
 
-        } else {
 
-                global $key, $onetimepad;
 
-                $user = $username;
 
-                $pass = OneTimePadDecrypt($key, $onetimepad);
 
-        }
 
-
 
         $authPop = (isset($pop_before_smtp) && $pop_before_smtp) ? true : false;
 
+        get_smtp_user($user, $pass);
 
         $stream = $deliver->initStream($composeMessage,$domain,0,
 
                           $smtpServerAddress, $smtpPort, $user, $pass, $authPop);
 
     } elseif (!$draft) {

+ 1 - 8
src/read_body.php
Vedi File 

@@ -278,15 +278,8 @@ function SendMDN ( $mailbox, $passed_id, $sender, $message, $imapConnection) {
 
         require_once(SM_PATH . 'class/deliver/Deliver_SMTP.class.php');
 
         $deliver = new Deliver_SMTP();
 
         global $smtpServerAddress, $smtpPort, $smtp_auth_mech, $pop_before_smtp;
 
-        if ($smtp_auth_mech == 'none') {
 
-            $user = '';
 
-            $pass = '';
 
-        } else {
 
-            global $key, $onetimepad;
 
-            $user = $username;
 
-            $pass = OneTimePadDecrypt($key, $onetimepad);
 
-        }
 
         $authPop = (isset($pop_before_smtp) && $pop_before_smtp) ? true : false;
 
+        get_smtp_user($user, $pass);
 
         $stream = $deliver->initStream($composeMessage,$domain,0,
 
                                        $smtpServerAddress, $smtpPort, $user, $pass, $authPop);
 
     }

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5