/**
* Attempt to do SMTP authentication.
*
* @param string $uid The userid to authenticate as.
* @param string $pwd The password to authenticate with.
* @param string $method The requested authentication method. If none is
* specified, the best supported method will be used.
* @param bool $tls Flag indicating whether or not TLS should be attempted.
* @param string $authz An optional authorization identifier. If specified, this
* identifier will be used as the authorization proxy.
*
* @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success.
* @since 1.0
*/
public function auth($uid, $pwd, $method = '', $tls = true, $authz = '')
{
/* We can only attempt a TLS connection if one has been requested,
* we're running PHP 5.1.0 or later, have access to the OpenSSL
* extension, are connected to an SMTP server which supports the
* STARTTLS extension, and aren't already connected over a secure
* (SSL) socket connection. */
if ($tls && version_compare(PHP_VERSION, '5.1.0', '>=') && extension_loaded('openssl') && isset($this->esmtp['STARTTLS']) && strncasecmp($this->host, 'ssl://', 6) !== 0) {
/* Start the TLS connection attempt. */
if (PEAR::isError($result = $this->put('STARTTLS'))) {
return $result;
}
if (PEAR::isError($result = $this->parseResponse(220))) {
return $result;
}
if (PEAR::isError($result = $this->socket->enableCrypto(true, STREAM_CRYPTO_METHOD_TLS_CLIENT))) {
return $result;
} elseif ($result !== true) {
return PEAR::raiseError('STARTTLS failed');
}
/* Send EHLO again to recieve the AUTH string from the
* SMTP server. */
$this->negotiate();
}
if (empty($this->esmtp['AUTH'])) {
return PEAR::raiseError('SMTP server does not support authentication');
}
/* If no method has been specified, get the name of the best
* supported method advertised by the SMTP server. */
if (empty($method)) {
if (PEAR::isError($method = $this->getBestAuthMethod())) {
/* Return the PEAR_Error object from _getBestAuthMethod(). */
return $method;
}
} else {
$method = strtoupper($method);
if (!array_key_exists($method, $this->auth_methods)) {
return PEAR::raiseError("{$method} is not a supported authentication method");
}
}
if (!isset($this->auth_methods[$method])) {
return PEAR::raiseError("{$method} is not a supported authentication method");
}
if (!is_callable($this->auth_methods[$method], false)) {
return PEAR::raiseError("{$method} authentication method cannot be called");
}
if (is_array($this->auth_methods[$method])) {
list($object, $method) = $this->auth_methods[$method];
$result = $object->{$method}($uid, $pwd, $authz, $this);
} else {
$func = $this->auth_methods[$method];
$result = $func($uid, $pwd, $authz, $this);
}
/* If an error was encountered, return the PEAR_Error object. */
if (PEAR::isError($result)) {
return $result;
}
return true;
}
/**
* Attempt to connect to the IMAP server.
*
* @param string $host Hostname of the IMAP server
* @param int $port Port of the IMAP server (default = 143)
*
* @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success.
* @access public
* @since 1.0
*/
function cmdConnect($host = 'localhost', $port = 143)
{
if ($this->_connected) {
return new PEAR_Error('already connected, logout first!');
}
if (PEAR::isError($error = $this->_socket->connect($host, $port, null, $this->_timeout, $this->_streamContextOptions))) {
return $error;
}
if ($port == 993) {
if (!$this->_socket->enableCrypto(true, STREAM_CRYPTO_METHOD_TLS_CLIENT)) {
return new PEAR_Error('Failed to set crypto');
}
}
if (PEAR::isError($this->_getRawResponse())) {
return new PEAR_Error('unable to open socket');
}
$this->_connected = true;
return true;
}
/**
* Attempt to do SMTP authentication.
*
* @param string The userid to authenticate as.
* @param string The password to authenticate with.
* @param string The requested authentication method. If none is
* specified, the best supported method will be used.
* @param bool Flag indicating whether or not TLS should be attempted.
* @param string An optional authorization identifier. If specified, this
* identifier will be used as the authorization proxy.
*
* @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success.
* @access public
* @since 1.0
*/
function auth($uid, $pwd, $method = '', $tls = true, $authz = '')
{
/* We can only attempt a TLS connection if one has been requested,
* we're running PHP 5.1.0 or later, have access to the OpenSSL
* extension, are connected to an SMTP server which supports the
* STARTTLS extension, and aren't already connected over a secure
* (SSL) socket connection. */
if ($tls && version_compare(PHP_VERSION, '5.1.0', '>=') && extension_loaded('openssl') && isset($this->_esmtp['STARTTLS']) && strncasecmp($this->host, 'ssl://', 6) !== 0) {
/* Start the TLS connection attempt. */
if (PEAR::isError($result = $this->_put('STARTTLS'))) {
return $result;
}
if (PEAR::isError($result = $this->_parseResponse(220))) {
return $result;
}
if (PEAR::isError($result = $this->_socket->enableCrypto(true, STREAM_CRYPTO_METHOD_TLS_CLIENT))) {
return $result;
} elseif ($result !== true) {
return PEAR::raiseError('STARTTLS failed');
}
/* Send EHLO again to recieve the AUTH string from the
* SMTP server. */
$this->_negotiate();
}
if (empty($this->_esmtp['AUTH'])) {
return PEAR::raiseError('SMTP server does not support authentication');
}
/* If no method has been specified, get the name of the best
* supported method advertised by the SMTP server. */
if (empty($method)) {
if (PEAR::isError($method = $this->_getBestAuthMethod())) {
/* Return the PEAR_Error object from _getBestAuthMethod(). */
return $method;
}
} else {
$method = strtoupper($method);
if (!in_array($method, $this->auth_methods)) {
return PEAR::raiseError("{$method} is not a supported authentication method");
}
}
switch ($method) {
case 'DIGEST-MD5':
$result = $this->_authDigest_MD5($uid, $pwd, $authz);
break;
case 'CRAM-MD5':
$result = $this->_authCRAM_MD5($uid, $pwd);
break;
case 'LOGIN':
$result = $this->_authLogin($uid, $pwd);
break;
case 'PLAIN':
$result = $this->_authPlain($uid, $pwd, $authz);
break;
default:
$result = PEAR::raiseError("{$method} is not a supported authentication method");
break;
}
/* If an error was encountered, return the PEAR_Error object. */
if (PEAR::isError($result)) {
return $result;
}
return true;
}
/**
* Attempt to do SMTP authentication.
*
* @param string The userid to authenticate as.
* @param string The password to authenticate with.
* @param string The requested authentication method. If none is
* specified, the best supported method will be used.
*
* @return mixed Returns a PEAR_Error with an error message on any
* kind of failure, or true on success.
* @access public
* @since 1.0
*/
function auth($uid, $pwd, $method = '')
{
if (version_compare(PHP_VERSION, '5.1.0', '>=') && (isset($this->_esmtp['STARTTLS']) || $this->_esmtp['STARTTLS'] == true)) {
if (PEAR::isError($result = $this->_put('STARTTLS'))) {
return $result;
}
if (PEAR::isError($result = $this->_parseResponse(220))) {
return $result;
}
if (PEAR::isError($result = $this->_socket->enableCrypto(true, STREAM_CRYPTO_METHOD_TLS_CLIENT))) {
return $result;
} elseif ($result !== true) {
return PEAR::raiseError('STARTTLS failed');
}
/* Send EHLO again to recieve the AUTH string from the
* SMTP server. */
$this->_negotiate();
}
if (empty($this->_esmtp['AUTH'])) {
return PEAR::raiseError('SMTP server does not support authentication');
}
/* If no method has been specified, get the name of the best
* supported method advertised by the SMTP server. */
if (empty($method)) {
if (PEAR::isError($method = $this->_getBestAuthMethod())) {
/* Return the PEAR_Error object from _getBestAuthMethod(). */
return $method;
}
} else {
$method = strtoupper($method);
if (!in_array($method, $this->auth_methods)) {
return PEAR::raiseError("{$method} is not a supported authentication method");
}
}
switch ($method) {
case 'DIGEST-MD5':
$result = $this->_authDigest_MD5($uid, $pwd);
break;
case 'CRAM-MD5':
$result = $this->_authCRAM_MD5($uid, $pwd);
break;
case 'LOGIN':
$result = $this->_authLogin($uid, $pwd);
break;
case 'PLAIN':
$result = $this->_authPlain($uid, $pwd);
break;
default:
$result = PEAR::raiseError("{$method} is not a supported authentication method");
break;
}
/* If an error was encountered, return the PEAR_Error object. */
if (PEAR::isError($result)) {
return $result;
}
return true;
}
