/**
* Perform SMTP authentication.
* Must be run after hello().
* @see hello()
* @param string $username The User name
* @param string $password The password
* @param string $authtype The auth type (PLAIN, LOGIN, NTLM, CRAM-MD5)
* @param string $realm The auth realm for NTLM
* @param string $workstation The auth workstation for NTLM
* @access public
* @return boolean True if successfully authenticated.
*/
public function authenticate($username, $password, $authtype = null, $realm = '', $workstation = '')
{
if (!$this->server_caps) {
$this->setError('Authentication is not allowed before HELO/EHLO');
return false;
}
if (array_key_exists('EHLO', $this->server_caps)) {
// SMTP extensions are available. Let's try to find a proper authentication method
if (!array_key_exists('AUTH', $this->server_caps)) {
$this->setError('Authentication is not allowed at this stage');
// 'at this stage' means that auth may be allowed after the stage changes
// e.g. after STARTTLS
return false;
}
self::edebug('Auth method requested: ' . ($authtype ? $authtype : 'UNKNOWN'), self::DEBUG_LOWLEVEL);
self::edebug('Auth methods available on the server: ' . implode(',', $this->server_caps['AUTH']), self::DEBUG_LOWLEVEL);
if (empty($authtype)) {
foreach (array('LOGIN', 'CRAM-MD5', 'NTLM', 'PLAIN') as $method) {
if (in_array($method, $this->server_caps['AUTH'])) {
$authtype = $method;
break;
}
}
if (empty($authtype)) {
$this->setError('No supported authentication methods found');
return false;
}
self::edebug('Auth method selected: ' . $authtype, self::DEBUG_LOWLEVEL);
}
if (!in_array($authtype, $this->server_caps['AUTH'])) {
$this->setError("The requested authentication method \"{$authtype}\" is not supported by the server");
return false;
}
} elseif (empty($authtype)) {
$authtype = 'LOGIN';
}
switch ($authtype) {
case 'PLAIN':
// Start authentication
if (!$this->sendCommand('AUTH', 'AUTH PLAIN', 334)) {
return false;
}
// Send encoded username and password
if (!$this->sendCommand('User & Password', base64_encode("" . $username . "" . $password), 235)) {
return false;
}
break;
case 'LOGIN':
// Start authentication
if (!$this->sendCommand('AUTH', 'AUTH LOGIN', 334)) {
return false;
}
if (!$this->sendCommand("Username", base64_encode($username), 334)) {
return false;
}
if (!$this->sendCommand("Password", base64_encode($password), 235)) {
return false;
}
break;
case 'NTLM':
/*
* ntlm_sasl_client.php
* Bundled with Permission
*
* How to telnet in windows:
* http://technet.microsoft.com/en-us/library/aa995718%28EXCHG.65%29.aspx
* PROTOCOL Docs http://curl.haxx.se/rfc/ntlm.html#ntlmSmtpAuthentication
*/
require_once 'extras/ntlm_sasl_client.php';
$temp = new stdClass();
$ntlm_client = new ntlm_sasl_client_class();
//Check that functions are available
if (!$ntlm_client->Initialize($temp)) {
$this->setError($temp->error);
$this->edebug('You need to enable some modules in your php.ini file: ' . $this->error['error'], self::DEBUG_CLIENT);
return false;
}
//msg1
$msg1 = $ntlm_client->TypeMsg1($realm, $workstation);
//msg1
if (!$this->sendCommand('AUTH NTLM', 'AUTH NTLM ' . base64_encode($msg1), 334)) {
return false;
}
//Though 0 based, there is a white space after the 3 digit number
//msg2
$challenge = substr($this->last_reply, 3);
$challenge = base64_decode($challenge);
$ntlm_res = $ntlm_client->NTLMResponse(substr($challenge, 24, 8), $password);
//msg3
$msg3 = $ntlm_client->TypeMsg3($ntlm_res, $username, $realm, $workstation);
// send encoded username
return $this->sendCommand('Username', base64_encode($msg3), 235);
case 'CRAM-MD5':
// Start authentication
if (!$this->sendCommand('AUTH CRAM-MD5', 'AUTH CRAM-MD5', 334)) {
return false;
}
// Get the challenge
$challenge = base64_decode(substr($this->last_reply, 4));
// Build the response
$response = $username . ' ' . $this->hmac($challenge, $password);
// send encoded credentials
return $this->sendCommand('Username', base64_encode($response), 235);
default:
$this->setError("Authentication method \"{$authtype}\" is not supported");
return false;
}
return true;
}
/**
* Perform SMTP authentication.
* Must be run after hello().
* @see hello()
* @param string $username The user name
* @param string $password The password
* @param string $authtype The auth type (PLAIN, LOGIN, NTLM, CRAM-MD5)
* @param string $realm The auth realm for NTLM
* @param string $workstation The auth workstation for NTLM
* @access public
* @return bool True if successfully authenticated.
*/
public function authenticate($username, $password, $authtype = 'LOGIN', $realm = '', $workstation = '')
{
if (empty($authtype)) {
$authtype = 'LOGIN';
}
switch ($authtype) {
case 'PLAIN':
// Start authentication
if (!$this->sendCommand('AUTH', 'AUTH PLAIN', 334)) {
return false;
}
// Send encoded username and password
if (!$this->sendCommand('User & Password', base64_encode("" . $username . "" . $password), 235)) {
return false;
}
break;
case 'LOGIN':
// Start authentication
if (!$this->sendCommand('AUTH', 'AUTH LOGIN', 334)) {
return false;
}
if (!$this->sendCommand("Username", base64_encode($username), 334)) {
return false;
}
if (!$this->sendCommand("Password", base64_encode($password), 235)) {
return false;
}
break;
case 'NTLM':
/*
* ntlm_sasl_client.php
* Bundled with Permission
*
* How to telnet in windows:
* http://technet.microsoft.com/en-us/library/aa995718%28EXCHG.65%29.aspx
* PROTOCOL Docs http://curl.haxx.se/rfc/ntlm.html#ntlmSmtpAuthentication
*/
require_once 'extras/ntlm_sasl_client.php';
$temp = new stdClass();
$ntlm_client = new ntlm_sasl_client_class();
//Check that functions are available
if (!$ntlm_client->Initialize($temp)) {
$this->error = array('error' => $temp->error);
if ($this->do_debug >= 1) {
$this->edebug('You need to enable some modules in your php.ini file: ' . $this->error['error']);
}
return false;
}
//msg1
$msg1 = $ntlm_client->TypeMsg1($realm, $workstation);
//msg1
if (!$this->sendCommand('AUTH NTLM', 'AUTH NTLM ' . base64_encode($msg1), 334)) {
return false;
}
//Though 0 based, there is a white space after the 3 digit number
//msg2
$challenge = substr($this->last_reply, 3);
$challenge = base64_decode($challenge);
$ntlm_res = $ntlm_client->NTLMResponse(substr($challenge, 24, 8), $password);
//msg3
$msg3 = $ntlm_client->TypeMsg3($ntlm_res, $username, $realm, $workstation);
// send encoded username
return $this->sendCommand('Username', base64_encode($msg3), 235);
break;
case 'CRAM-MD5':
// Start authentication
if (!$this->sendCommand('AUTH CRAM-MD5', 'AUTH CRAM-MD5', 334)) {
return false;
}
// Get the challenge
$challenge = base64_decode(substr($this->last_reply, 4));
// Build the response
$response = $username . ' ' . $this->hmac($challenge, $password);
// send encoded credentials
return $this->sendCommand('Username', base64_encode($response), 235);
break;
}
return true;
}
/**
* Performs SMTP authentication. Must be run after running the
* Hello() method. Returns true if successfully authenticated.
* @access public
* @param string $username
* @param string $password
* @param string $authtype
* @param string $realm
* @param string $workstation
* @return bool
*/
public function Authenticate($username, $password, $authtype = 'LOGIN', $realm = '', $workstation = '')
{
if (empty($authtype)) {
$authtype = 'LOGIN';
}
switch ($authtype) {
case 'PLAIN':
// Start authentication
$this->client_send('AUTH PLAIN' . $this->CRLF);
$rply = $this->get_lines();
$code = substr($rply, 0, 3);
if ($code != 334) {
$this->error = array('error' => 'AUTH not accepted from server', 'smtp_code' => $code, 'smtp_msg' => substr($rply, 4));
if ($this->do_debug >= 1) {
$this->edebug('SMTP -> ERROR: ' . $this->error['error'] . ': ' . $rply);
}
return false;
}
// Send encoded username and password
$this->client_send(base64_encode("" . $username . "" . $password) . $this->CRLF);
$rply = $this->get_lines();
$code = substr($rply, 0, 3);
if ($code != 235) {
$this->error = array('error' => 'Authentication not accepted from server', 'smtp_code' => $code, 'smtp_msg' => substr($rply, 4));
if ($this->do_debug >= 1) {
$this->edebug('SMTP -> ERROR: ' . $this->error['error'] . ': ' . $rply);
}
return false;
}
break;
case 'LOGIN':
// Start authentication
$this->client_send('AUTH LOGIN' . $this->CRLF);
$rply = $this->get_lines();
$code = substr($rply, 0, 3);
if ($code != 334) {
$this->error = array('error' => 'AUTH not accepted from server', 'smtp_code' => $code, 'smtp_msg' => substr($rply, 4));
if ($this->do_debug >= 1) {
$this->edebug('SMTP -> ERROR: ' . $this->error['error'] . ': ' . $rply);
}
return false;
}
// Send encoded username
$this->client_send(base64_encode($username) . $this->CRLF);
$rply = $this->get_lines();
$code = substr($rply, 0, 3);
if ($code != 334) {
$this->error = array('error' => 'Username not accepted from server', 'smtp_code' => $code, 'smtp_msg' => substr($rply, 4));
if ($this->do_debug >= 1) {
$this->edebug('SMTP -> ERROR: ' . $this->error['error'] . ': ' . $rply);
}
return false;
}
// Send encoded password
$this->client_send(base64_encode($password) . $this->CRLF);
$rply = $this->get_lines();
$code = substr($rply, 0, 3);
if ($code != 235) {
$this->error = array('error' => 'Password not accepted from server', 'smtp_code' => $code, 'smtp_msg' => substr($rply, 4));
if ($this->do_debug >= 1) {
$this->edebug('SMTP -> ERROR: ' . $this->error['error'] . ': ' . $rply);
}
return false;
}
break;
case 'NTLM':
/*
* ntlm_sasl_client.php
** Bundled with Permission
**
** How to telnet in windows: http://technet.microsoft.com/en-us/library/aa995718%28EXCHG.65%29.aspx
** PROTOCOL Documentation http://curl.haxx.se/rfc/ntlm.html#ntlmSmtpAuthentication
*/
require_once 'extras/ntlm_sasl_client.php';
$temp = new stdClass();
$ntlm_client = new ntlm_sasl_client_class();
if (!$ntlm_client->Initialize($temp)) {
//let's test if every function its available
$this->error = array('error' => $temp->error);
if ($this->do_debug >= 1) {
$this->edebug('You need to enable some modules in your php.ini file: ' . $this->error['error']);
}
return false;
}
$msg1 = $ntlm_client->TypeMsg1($realm, $workstation);
//msg1
$this->client_send('AUTH NTLM ' . base64_encode($msg1) . $this->CRLF);
$rply = $this->get_lines();
$code = substr($rply, 0, 3);
if ($code != 334) {
$this->error = array('error' => 'AUTH not accepted from server', 'smtp_code' => $code, 'smtp_msg' => substr($rply, 4));
if ($this->do_debug >= 1) {
$this->edebug('SMTP -> ERROR: ' . $this->error['error'] . ': ' . $rply);
}
return false;
}
$challenge = substr($rply, 3);
//though 0 based, there is a white space after the 3 digit number....//msg2
$challenge = base64_decode($challenge);
$ntlm_res = $ntlm_client->NTLMResponse(substr($challenge, 24, 8), $password);
$msg3 = $ntlm_client->TypeMsg3($ntlm_res, $username, $realm, $workstation);
//msg3
// Send encoded username
$this->client_send(base64_encode($msg3) . $this->CRLF);
$rply = $this->get_lines();
$code = substr($rply, 0, 3);
if ($code != 235) {
$this->error = array('error' => 'Could not authenticate', 'smtp_code' => $code, 'smtp_msg' => substr($rply, 4));
if ($this->do_debug >= 1) {
$this->edebug('SMTP -> ERROR: ' . $this->error['error'] . ': ' . $rply);
}
return false;
}
break;
case 'CRAM-MD5':
// Start authentication
$this->client_send('AUTH CRAM-MD5' . $this->CRLF);
$rply = $this->get_lines();
$code = substr($rply, 0, 3);
if ($code != 334) {
$this->error = array('error' => 'AUTH not accepted from server', 'smtp_code' => $code, 'smtp_msg' => substr($rply, 4));
if ($this->do_debug >= 1) {
$this->edebug('SMTP -> ERROR: ' . $this->error['error'] . ': ' . $rply);
}
return false;
}
// Get the challenge
$challenge = base64_decode(substr($rply, 4));
// Build the response
$response = $username . ' ' . $this->hmac($challenge, $password);
// Send encoded credentials
$this->client_send(base64_encode($response) . $this->CRLF);
$rply = $this->get_lines();
$code = substr($rply, 0, 3);
if ($code != 235) {
$this->error = array('error' => 'Credentials not accepted from server', 'smtp_code' => $code, 'smtp_msg' => substr($rply, 4));
if ($this->do_debug >= 1) {
$this->edebug('SMTP -> ERROR: ' . $this->error['error'] . ': ' . $rply);
}
return false;
}
break;
}
return true;
}
/**
* Performs SMTP authentication. Must be run after running the
* Hello() method. Returns true if successfully authenticated.
* @access public
* @param string $username
* @param string $password
* @param string $authtype
* @param string $realm
* @param string $workstation
* @return bool
*/
public function Authenticate($username, $password, $authtype = 'LOGIN', $realm = '', $workstation = '')
{
if (empty($authtype)) {
$authtype = 'LOGIN';
}
switch ($authtype) {
case 'PLAIN':
// Start authentication
fputs($this->smtp_conn, "AUTH PLAIN" . $this->CRLF);
$rply = $this->get_lines();
$code = substr($rply, 0, 3);
if ($code != 334) {
$this->error = array("error" => "AUTH not accepted from server", "smtp_code" => $code, "smtp_msg" => substr($rply, 4));
if ($this->do_debug >= 1) {
$this->edebug("SMTP -> ERROR: " . $this->error["error"] . ": " . $rply . $this->CRLF . '<br />');
}
return false;
}
// Send encoded username and password
fputs($this->smtp_conn, base64_encode("" . $username . "" . $password) . $this->CRLF);
$rply = $this->get_lines();
$code = substr($rply, 0, 3);
if ($code != 235) {
$this->error = array("error" => "Authentication not accepted from server", "smtp_code" => $code, "smtp_msg" => substr($rply, 4));
if ($this->do_debug >= 1) {
$this->edebug("SMTP -> ERROR: " . $this->error["error"] . ": " . $rply . $this->CRLF . '<br />');
}
return false;
}
break;
case 'LOGIN':
// Start authentication
fputs($this->smtp_conn, "AUTH LOGIN" . $this->CRLF);
$rply = $this->get_lines();
$code = substr($rply, 0, 3);
if ($code != 334) {
$this->error = array("error" => "AUTH not accepted from server", "smtp_code" => $code, "smtp_msg" => substr($rply, 4));
if ($this->do_debug >= 1) {
$this->edebug("SMTP -> ERROR: " . $this->error["error"] . ": " . $rply . $this->CRLF . '<br />');
}
return false;
}
// Send encoded username
fputs($this->smtp_conn, base64_encode($username) . $this->CRLF);
$rply = $this->get_lines();
$code = substr($rply, 0, 3);
if ($code != 334) {
$this->error = array("error" => "Username not accepted from server", "smtp_code" => $code, "smtp_msg" => substr($rply, 4));
if ($this->do_debug >= 1) {
$this->edebug("SMTP -> ERROR: " . $this->error["error"] . ": " . $rply . $this->CRLF . '<br />');
}
return false;
}
// Send encoded password
fputs($this->smtp_conn, base64_encode($password) . $this->CRLF);
$rply = $this->get_lines();
$code = substr($rply, 0, 3);
if ($code != 235) {
$this->error = array("error" => "Password not accepted from server", "smtp_code" => $code, "smtp_msg" => substr($rply, 4));
if ($this->do_debug >= 1) {
$this->edebug("SMTP -> ERROR: " . $this->error["error"] . ": " . $rply . $this->CRLF . '<br />');
}
return false;
}
break;
case 'NTLM':
/*
* ntlm_sasl_client.php
** Bundled with Permission
**
** How to telnet in windows: http://technet.microsoft.com/en-us/library/aa995718%28EXCHG.65%29.aspx
** PROTOCOL Documentation http://curl.haxx.se/rfc/ntlm.html#ntlmSmtpAuthentication
*/
require_once 'ntlm_sasl_client.php';
$temp = new stdClass();
$ntlm_client = new ntlm_sasl_client_class();
if (!$ntlm_client->Initialize($temp)) {
//let's test if every function its available
$this->error = array("error" => $temp->error);
if ($this->do_debug >= 1) {
$this->edebug("You need to enable some modules in your php.ini file: " . $this->error["error"] . $this->CRLF);
}
return false;
}
$msg1 = $ntlm_client->TypeMsg1($realm, $workstation);
//msg1
fputs($this->smtp_conn, "AUTH NTLM " . base64_encode($msg1) . $this->CRLF);
$rply = $this->get_lines();
$code = substr($rply, 0, 3);
if ($code != 334) {
$this->error = array("error" => "AUTH not accepted from server", "smtp_code" => $code, "smtp_msg" => substr($rply, 4));
if ($this->do_debug >= 1) {
$this->edebug("SMTP -> ERROR: " . $this->error["error"] . ": " . $rply . $this->CRLF);
}
return false;
}
$challange = substr($rply, 3);
//though 0 based, there is a white space after the 3 digit number....//msg2
$challange = base64_decode($challange);
$ntlm_res = $ntlm_client->NTLMResponse(substr($challange, 24, 8), $password);
$msg3 = $ntlm_client->TypeMsg3($ntlm_res, $username, $realm, $workstation);
//msg3
// Send encoded username
fputs($this->smtp_conn, base64_encode($msg3) . $this->CRLF);
$rply = $this->get_lines();
$code = substr($rply, 0, 3);
if ($code != 235) {
$this->error = array("error" => "Could not authenticate", "smtp_code" => $code, "smtp_msg" => substr($rply, 4));
if ($this->do_debug >= 1) {
$this->edebug("SMTP -> ERROR: " . $this->error["error"] . ": " . $rply . $this->CRLF);
}
return false;
}
break;
}
return true;
}
public function authenticate($username, $password, $authtype = 'LOGIN', $realm = '', $workstation = '')
{
if (empty($authtype)) {
$authtype = 'LOGIN';
}
switch ($authtype) {
case 'PLAIN':
if (!$this->sendCommand('AUTH', 'AUTH PLAIN', 334)) {
return false;
}
if (!$this->sendCommand('User & Password', base64_encode("" . $username . "" . $password), 235)) {
return false;
}
break;
case 'LOGIN':
if (!$this->sendCommand('AUTH', 'AUTH LOGIN', 334)) {
return false;
}
if (!$this->sendCommand("Username", base64_encode($username), 334)) {
return false;
}
if (!$this->sendCommand("Password", base64_encode($password), 235)) {
return false;
}
break;
case 'NTLM':
require_once 'extras/ntlm_sasl_client.php';
$temp = new stdClass();
$ntlm_client = new ntlm_sasl_client_class();
if (!$ntlm_client->Initialize($temp)) {
$this->error = array('error' => $temp->error);
if ($this->do_debug >= 1) {
$this->edebug('You need to enable some modules in your php.ini file: ' . $this->error['error']);
}
return false;
}
$msg1 = $ntlm_client->TypeMsg1($realm, $workstation);
if (!$this->sendCommand('AUTH NTLM', 'AUTH NTLM ' . base64_encode($msg1), 334)) {
return false;
}
$challenge = substr($this->last_reply, 3);
$challenge = base64_decode($challenge);
$ntlm_res = $ntlm_client->NTLMResponse(substr($challenge, 24, 8), $password);
$msg3 = $ntlm_client->TypeMsg3($ntlm_res, $username, $realm, $workstation);
return $this->sendCommand('Username', base64_encode($msg3), 235);
break;
case 'CRAM-MD5':
if (!$this->sendCommand('AUTH CRAM-MD5', 'AUTH CRAM-MD5', 334)) {
return false;
}
$challenge = base64_decode(substr($this->last_reply, 4));
$response = $username . ' ' . $this->hmac($challenge, $password);
return $this->sendCommand('Username', base64_encode($response), 235);
break;
}
return true;
}
public function authenticate($username, $password, $authtype = null, $realm = '', $workstation = '')
{
if (!$this->server_caps) {
$this->setError('Authentication is not allowed before HELO/EHLO');
return false;
}
if (array_key_exists('EHLO', $this->server_caps)) {
if (!array_key_exists('AUTH', $this->server_caps)) {
$this->setError('Authentication is not allowed at this stage');
return false;
}
self::edebug('Auth method requested: ' . ($authtype ? $authtype : 'UNKNOWN'), self::DEBUG_LOWLEVEL);
self::edebug('Auth methods available on the server: ' . implode(',', $this->server_caps['AUTH']), self::DEBUG_LOWLEVEL);
if (empty($authtype)) {
foreach (array('LOGIN', 'CRAM-MD5', 'NTLM', 'PLAIN') as $method) {
if (in_array($method, $this->server_caps['AUTH'])) {
$authtype = $method;
break;
}
}
if (empty($authtype)) {
$this->setError('No supported authentication methods found');
return false;
}
self::edebug('Auth method selected: ' . $authtype, self::DEBUG_LOWLEVEL);
}
if (!in_array($authtype, $this->server_caps['AUTH'])) {
$this->setError("The requested authentication method \"{$authtype}\" is not supported by the server");
return false;
}
} elseif (empty($authtype)) {
$authtype = 'LOGIN';
}
switch ($authtype) {
case 'PLAIN':
if (!$this->sendCommand('AUTH', 'AUTH PLAIN', 334)) {
return false;
}
if (!$this->sendCommand('User & Password', base64_encode("" . $username . "" . $password), 235)) {
return false;
}
break;
case 'LOGIN':
if (!$this->sendCommand('AUTH', 'AUTH LOGIN', 334)) {
return false;
}
if (!$this->sendCommand("Username", base64_encode($username), 334)) {
return false;
}
if (!$this->sendCommand("Password", base64_encode($password), 235)) {
return false;
}
break;
case 'NTLM':
require_once 'extras/ntlm_sasl_client.php';
$temp = new stdClass();
$ntlm_client = new ntlm_sasl_client_class();
if (!$ntlm_client->Initialize($temp)) {
$this->setError($temp->error);
$this->edebug('You need to enable some modules in your php.ini file: ' . $this->error['error'], self::DEBUG_CLIENT);
return false;
}
$msg1 = $ntlm_client->TypeMsg1($realm, $workstation);
//msg1
if (!$this->sendCommand('AUTH NTLM', 'AUTH NTLM ' . base64_encode($msg1), 334)) {
return false;
}
$challenge = substr($this->last_reply, 3);
$challenge = base64_decode($challenge);
$ntlm_res = $ntlm_client->NTLMResponse(substr($challenge, 24, 8), $password);
$msg3 = $ntlm_client->TypeMsg3($ntlm_res, $username, $realm, $workstation);
return $this->sendCommand('Username', base64_encode($msg3), 235);
case 'CRAM-MD5':
if (!$this->sendCommand('AUTH CRAM-MD5', 'AUTH CRAM-MD5', 334)) {
return false;
}
$challenge = base64_decode(substr($this->last_reply, 4));
$response = $username . ' ' . $this->hmac($challenge, $password);
return $this->sendCommand('Username', base64_encode($response), 235);
default:
$this->setError("Authentication method \"{$authtype}\" is not supported");
return false;
}
return true;
}
