diff options
| author | thomascube <thomas@roundcube.net> | 2012-03-31 12:25:48 +0000 |
|---|---|---|
| committer | thomascube <thomas@roundcube.net> | 2012-03-31 12:25:48 +0000 |
| commit | 48e9c14ebded89d858c8be0333f77f77a81b0877 (patch) | |
| tree | e97fd2ea338eea2dbe5f3fb7431e73f44cb8bf18 /plugins/managesieve/lib | |
| parent | 13db9ee199b0a452a6efaf09e6f7c5a76f739ef5 (diff) | |
Move plugins repository into roundcubemail root folder; svn:externals are not defined anymore
Diffstat (limited to 'plugins/managesieve/lib')
| -rw-r--r-- | plugins/managesieve/lib/Net/Sieve.php | 1274 | ||||
| -rw-r--r-- | plugins/managesieve/lib/rcube_sieve.php | 387 | ||||
| -rw-r--r-- | plugins/managesieve/lib/rcube_sieve_script.php | 1073 |
3 files changed, 2734 insertions, 0 deletions
diff --git a/plugins/managesieve/lib/Net/Sieve.php b/plugins/managesieve/lib/Net/Sieve.php new file mode 100644 index 000000000..a8e36d8d7 --- /dev/null +++ b/plugins/managesieve/lib/Net/Sieve.php @@ -0,0 +1,1274 @@ +<?php +/** + * This file contains the Net_Sieve class. + * + * PHP version 4 + * + * +-----------------------------------------------------------------------+ + * | All rights reserved. | + * | | + * | Redistribution and use in source and binary forms, with or without | + * | modification, are permitted provided that the following conditions | + * | are met: | + * | | + * | o Redistributions of source code must retain the above copyright | + * | notice, this list of conditions and the following disclaimer. | + * | o Redistributions in binary form must reproduce the above copyright | + * | notice, this list of conditions and the following disclaimer in the | + * | documentation and/or other materials provided with the distribution.| + * | | + * | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | + * | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | + * | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | + * | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | + * | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | + * | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | + * | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | + * | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | + * | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | + * | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | + * | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | + * +-----------------------------------------------------------------------+ + * + * @category Networking + * @package Net_Sieve + * @author Richard Heyes <richard@phpguru.org> + * @author Damian Fernandez Sosa <damlists@cnba.uba.ar> + * @author Anish Mistry <amistry@am-productions.biz> + * @author Jan Schneider <jan@horde.org> + * @copyright 2002-2003 Richard Heyes + * @copyright 2006-2008 Anish Mistry + * @license http://www.opensource.org/licenses/bsd-license.php BSD + * @version SVN: $Id: Sieve.php 300898 2010-07-01 09:49:02Z yunosh $ + * @link http://pear.php.net/package/Net_Sieve + */ + +require_once 'PEAR.php'; +require_once 'Net/Socket.php'; + +/** + * TODO + * + * o supportsAuthMech() + */ + +/** + * Disconnected state + * @const NET_SIEVE_STATE_DISCONNECTED + */ +define('NET_SIEVE_STATE_DISCONNECTED', 1, true); + +/** + * Authorisation state + * @const NET_SIEVE_STATE_AUTHORISATION + */ +define('NET_SIEVE_STATE_AUTHORISATION', 2, true); + +/** + * Transaction state + * @const NET_SIEVE_STATE_TRANSACTION + */ +define('NET_SIEVE_STATE_TRANSACTION', 3, true); + + +/** + * A class for talking to the timsieved server which comes with Cyrus IMAP. + * + * @category Networking + * @package Net_Sieve + * @author Richard Heyes <richard@phpguru.org> + * @author Damian Fernandez Sosa <damlists@cnba.uba.ar> + * @author Anish Mistry <amistry@am-productions.biz> + * @author Jan Schneider <jan@horde.org> + * @copyright 2002-2003 Richard Heyes + * @copyright 2006-2008 Anish Mistry + * @license http://www.opensource.org/licenses/bsd-license.php BSD + * @version Release: 1.3.0 + * @link http://pear.php.net/package/Net_Sieve + * @link http://www.ietf.org/rfc/rfc3028.txt RFC 3028 (Sieve: A Mail + * Filtering Language) + * @link http://tools.ietf.org/html/draft-ietf-sieve-managesieve A + * Protocol for Remotely Managing Sieve Scripts + */ +class Net_Sieve +{ + /** + * The authentication methods this class supports. + * + * Can be overwritten if having problems with certain methods. + * + * @var array + */ + var $supportedAuthMethods = array('DIGEST-MD5', 'CRAM-MD5', 'EXTERNAL', + 'PLAIN' , 'LOGIN'); + + /** + * SASL authentication methods that require Auth_SASL. + * + * @var array + */ + var $supportedSASLAuthMethods = array('DIGEST-MD5', 'CRAM-MD5'); + + /** + * The socket handle. + * + * @var resource + */ + var $_sock; + + /** + * Parameters and connection information. + * + * @var array + */ + var $_data; + + /** + * Current state of the connection. + * + * One of the NET_SIEVE_STATE_* constants. + * + * @var integer + */ + var $_state; + + /** + * Constructor error. + * + * @var PEAR_Error + */ + var $_error; + + /** + * Whether to enable debugging. + * + * @var boolean + */ + var $_debug = false; + + /** + * Debug output handler. + * + * This has to be a valid callback. + * + * @var string|array + */ + var $_debug_handler = null; + + /** + * Whether to pick up an already established connection. + * + * @var boolean + */ + var $_bypassAuth = false; + + /** + * Whether to use TLS if available. + * + * @var boolean + */ + var $_useTLS = true; + + /** + * Additional options for stream_context_create(). + * + * @var array + */ + var $_options = null; + + /** + * Maximum number of referral loops + * + * @var array + */ + var $_maxReferralCount = 15; + + /** + * Constructor. + * + * Sets up the object, connects to the server and logs in. Stores any + * generated error in $this->_error, which can be retrieved using the + * getError() method. + * + * @param string $user Login username. + * @param string $pass Login password. + * @param string $host Hostname of server. + * @param string $port Port of server. + * @param string $logintype Type of login to perform (see + * $supportedAuthMethods). + * @param string $euser Effective user. If authenticating as an + * administrator, login as this user. + * @param boolean $debug Whether to enable debugging (@see setDebug()). + * @param string $bypassAuth Skip the authentication phase. Useful if the + * socket is already open. + * @param boolean $useTLS Use TLS if available. + * @param array $options Additional options for + * stream_context_create(). + * @param mixed $handler A callback handler for the debug output. + */ + function Net_Sieve($user = null, $pass = null, $host = 'localhost', + $port = 2000, $logintype = '', $euser = '', + $debug = false, $bypassAuth = false, $useTLS = true, + $options = null, $handler = null) + { + $this->_state = NET_SIEVE_STATE_DISCONNECTED; + $this->_data['user'] = $user; + $this->_data['pass'] = $pass; + $this->_data['host'] = $host; + $this->_data['port'] = $port; + $this->_data['logintype'] = $logintype; + $this->_data['euser'] = $euser; + $this->_sock = new Net_Socket(); + $this->_bypassAuth = $bypassAuth; + $this->_useTLS = $useTLS; + $this->_options = $options; + $this->setDebug($debug, $handler); + + /* Try to include the Auth_SASL package. If the package is not + * available, we disable the authentication methods that depend upon + * it. */ + if ((@include_once 'Auth/SASL.php') === false) { + $this->_debug('Auth_SASL not present'); + foreach ($this->supportedSASLAuthMethods as $SASLMethod) { + $pos = array_search($SASLMethod, $this->supportedAuthMethods); + $this->_debug('Disabling method ' . $SASLMethod); + unset($this->supportedAuthMethods[$pos]); + } + } + + if (strlen($user) && strlen($pass)) { + $this->_error = $this->_handleConnectAndLogin(); + } + } + + /** + * Returns any error that may have been generated in the constructor. + * + * @return boolean|PEAR_Error False if no error, PEAR_Error otherwise. + */ + function getError() + { + return PEAR::isError($this->_error) ? $this->_error : false; + } + + /** + * Sets the debug state and handler function. + * + * @param boolean $debug Whether to enable debugging. + * @param string $handler A custom debug handler. Must be a valid callback. + * + * @return void + */ + function setDebug($debug = true, $handler = null) + { + $this->_debug = $debug; + $this->_debug_handler = $handler; + } + + /** + * Connects to the server and logs in. + * + * @return boolean True on success, PEAR_Error on failure. + */ + function _handleConnectAndLogin() + { + if (PEAR::isError($res = $this->connect($this->_data['host'], $this->_data['port'], $this->_options, $this->_useTLS))) { + return $res; + } + if ($this->_bypassAuth === false) { + if (PEAR::isError($res = $this->login($this->_data['user'], $this->_data['pass'], $this->_data['logintype'], $this->_data['euser'], $this->_bypassAuth))) { + return $res; + } + } + return true; + } + + /** + * Handles connecting to the server and checks the response validity. + * + * @param string $host Hostname of server. + * @param string $port Port of server. + * @param array $options List of options to pass to + * stream_context_create(). + * @param boolean $useTLS Use TLS if available. + * + * @return boolean True on success, PEAR_Error otherwise. + */ + function connect($host, $port, $options = null, $useTLS = true) + { + $this->_data['host'] = $host; + $this->_data['port'] = $port; + $this->_useTLS = $useTLS; + if (!empty($options) && is_array($options)) { + $this->_options = array_merge($this->_options, $options); + } + + if (NET_SIEVE_STATE_DISCONNECTED != $this->_state) { + return PEAR::raiseError('Not currently in DISCONNECTED state', 1); + } + + if (PEAR::isError($res = $this->_sock->connect($host, $port, false, 5, $options))) { + return $res; + } + + if ($this->_bypassAuth) { + $this->_state = NET_SIEVE_STATE_TRANSACTION; + } else { + $this->_state = NET_SIEVE_STATE_AUTHORISATION; + if (PEAR::isError($res = $this->_doCmd())) { + return $res; + } + } + + // Explicitly ask for the capabilities in case the connection is + // picked up from an existing connection. + if (PEAR::isError($res = $this->_cmdCapability())) { + return PEAR::raiseError( + 'Failed to connect, server said: ' . $res->getMessage(), 2 + ); + } + + // Check if we can enable TLS via STARTTLS. + if ($useTLS && !empty($this->_capability['starttls']) + && function_exists('stream_socket_enable_crypto') + ) { + if (PEAR::isError($res = $this->_startTLS())) { + return $res; + } + } + + return true; + } + + /** + * Disconnect from the Sieve server. + * + * @param boolean $sendLogoutCMD Whether to send LOGOUT command before + * disconnecting. + * + * @return boolean True on success, PEAR_Error otherwise. + */ + function disconnect($sendLogoutCMD = true) + { + return $this->_cmdLogout($sendLogoutCMD); + } + + /** + * Logs into server. + * + * @param string $user Login username. + * @param string $pass Login password. + * @param string $logintype Type of login method to use. + * @param string $euser Effective UID (perform on behalf of $euser). + * @param boolean $bypassAuth Do not perform authentication. + * + * @return boolean True on success, PEAR_Error otherwise. + */ + function login($user, $pass, $logintype = null, $euser = '', $bypassAuth = false) + { + $this->_data['user'] = $user; + $this->_data['pass'] = $pass; + $this->_data['logintype'] = $logintype; + $this->_data['euser'] = $euser; + $this->_bypassAuth = $bypassAuth; + + if (NET_SIEVE_STATE_AUTHORISATION != $this->_state) { + return PEAR::raiseError('Not currently in AUTHORISATION state', 1); + } + + if (!$bypassAuth ) { + if (PEAR::isError($res = $this->_cmdAuthenticate($user, $pass, $logintype, $euser))) { + return $res; + } + } + $this->_state = NET_SIEVE_STATE_TRANSACTION; + + return true; + } + + /** + * Returns an indexed array of scripts currently on the server. + * + * @return array Indexed array of scriptnames. + */ + function listScripts() + { + if (is_array($scripts = $this->_cmdListScripts())) { + $this->_active = $scripts[1]; + return $scripts[0]; + } else { + return $scripts; + } + } + + /** + * Returns the active script. + * + * @return string The active scriptname. + */ + function getActive() + { + if (!empty($this->_active)) { + return $this->_active; + } + if (is_array($scripts = $this->_cmdListScripts())) { + $this->_active = $scripts[1]; + return $scripts[1]; + } + } + + /** + * Sets the active script. + * + * @param string $scriptname The name of the script to be set as active. + * + * @return boolean True on success, PEAR_Error on failure. + */ + function setActive($scriptname) + { + return $this->_cmdSetActive($scriptname); + } + + /** + * Retrieves a script. + * + * @param string $scriptname The name of the script to be retrieved. + * + * @return string The script on success, PEAR_Error on failure. + */ + function getScript($scriptname) + { + return $this->_cmdGetScript($scriptname); + } + + /** + * Adds a script to the server. + * + * @param string $scriptname Name of the script. + * @param string $script The script content. + * @param boolean $makeactive Whether to make this the active script. + * + * @return boolean True on success, PEAR_Error on failure. + */ + function installScript($scriptname, $script, $makeactive = false) + { + if (PEAR::isError($res = $this->_cmdPutScript($scriptname, $script))) { + return $res; + } + if ($makeactive) { + return $this->_cmdSetActive($scriptname); + } + return true; + } + + /** + * Removes a script from the server. + * + * @param string $scriptname Name of the script. + * + * @return boolean True on success, PEAR_Error on failure. + */ + function removeScript($scriptname) + { + return $this->_cmdDeleteScript($scriptname); + } + + /** + * Checks if the server has space to store the script by the server. + * + * @param string $scriptname The name of the script to mark as active. + * @param integer $size The size of the script. + * + * @return boolean|PEAR_Error True if there is space, PEAR_Error otherwise. + * + * @todo Rename to hasSpace() + */ + function haveSpace($scriptname, $size) + { + if (NET_SIEVE_STATE_TRANSACTION != $this->_state) { + return PEAR::raiseError('Not currently in TRANSACTION state', 1); + } + + $command = sprintf('HAVESPACE %s %d', $this->_escape($scriptname), $size); + if (PEAR::isError($res = $this->_doCmd($command))) { + return $res; + } + return true; + } + + /** + * Returns the list of extensions the server supports. + * + * @return array List of extensions or PEAR_Error on failure. + */ + function getExtensions() + { + if (NET_SIEVE_STATE_DISCONNECTED == $this->_state) { + return PEAR::raiseError('Not currently connected', 7); + } + return $this->_capability['extensions']; + } + + /** + * Returns whether the server supports an extension. + * + * @param string $extension The extension to check. + * + * @return boolean Whether the extension is supported or PEAR_Error on + * failure. + */ + function hasExtension($extension) + { + if (NET_SIEVE_STATE_DISCONNECTED == $this->_state) { + return PEAR::raiseError('Not currently connected', 7); + } + + $extension = trim($this->_toUpper($extension)); + if (is_array($this->_capability['extensions'])) { + foreach ($this->_capability['extensions'] as $ext) { + if ($ext == $extension) { + return true; + } + } + } + + return false; + } + + /** + * Returns the list of authentication methods the server supports. + * + * @return array List of authentication methods or PEAR_Error on failure. + */ + function getAuthMechs() + { + if (NET_SIEVE_STATE_DISCONNECTED == $this->_state) { + return PEAR::raiseError('Not currently connected', 7); + } + return $this->_capability['sasl']; + } + + /** + * Returns whether the server supports an authentication method. + * + * @param string $method The method to check. + * + * @return boolean Whether the method is supported or PEAR_Error on + * failure. + */ + function hasAuthMech($method) + { + if (NET_SIEVE_STATE_DISCONNECTED == $this->_state) { + return PEAR::raiseError('Not currently connected', 7); + } + + $method = trim($this->_toUpper($method)); + if (is_array($this->_capability['sasl'])) { + foreach ($this->_capability['sasl'] as $sasl) { + if ($sasl == $method) { + return true; + } + } + } + + return false; + } + + /** + * Handles the authentication using any known method. + * + * @param string $uid The userid to authenticate as. + * @param string $pwd The password to authenticate with. + * @param string $userMethod The method to use. If empty, the class chooses + * the best (strongest) available method. + * @param string $euser The effective uid to authenticate as. + * + * @return void + */ + function _cmdAuthenticate($uid, $pwd, $userMethod = null, $euser = '') + { + if (PEAR::isError($method = $this->_getBestAuthMethod($userMethod))) { + return $method; + } + switch ($method) { + case 'DIGEST-MD5': + return $this->_authDigestMD5($uid, $pwd, $euser); + case 'CRAM-MD5': + $result = $this->_authCRAMMD5($uid, $pwd, $euser); + break; + case 'LOGIN': + $result = $this->_authLOGIN($uid, $pwd, $euser); + break; + case 'PLAIN': + $result = $this->_authPLAIN($uid, $pwd, $euser); + break; + case 'EXTERNAL': + $result = $this->_authEXTERNAL($uid, $pwd, $euser); + break; + default : + $result = PEAR::raiseError( + $method . ' is not a supported authentication method' + ); + break; + } + + if (PEAR::isError($res = $this->_doCmd())) { + return $res; + } + + return $result; + } + + /** + * Authenticates the user using the PLAIN method. + * + * @param string $user The userid to authenticate as. + * @param string $pass The password to authenticate with. + * @param string $euser The effective uid to authenticate as. + * + * @return void + */ + function _authPLAIN($user, $pass, $euser) + { + return $this->_sendCmd( + sprintf( + 'AUTHENTICATE "PLAIN" "%s"', + base64_encode($euser . chr(0) . $user . chr(0) . $pass) + ) + ); + } + + /** + * Authenticates the user using the LOGIN method. + * + * @param string $user The userid to authenticate as. + * @param string $pass The password to authenticate with. + * @param string $euser The effective uid to authenticate as. + * + * @return void + */ + function _authLOGIN($user, $pass, $euser) + { + if (PEAR::isError($result = $this->_sendCmd('AUTHENTICATE "LOGIN"'))) { + return $result; + } + if (PEAR::isError($result = $this->_doCmd('"' . base64_encode($user) . '"', true))) { + return $result; + } + return $this->_doCmd('"' . base64_encode($pass) . '"', true); + } + + /** + * Authenticates the user using the CRAM-MD5 method. + * + * @param string $user The userid to authenticate as. + * @param string $pass The password to authenticate with. + * @param string $euser The effective uid to authenticate as. + * + * @return void + */ + function _authCRAMMD5($user, $pass, $euser) + { + if (PEAR::isError($challenge = $this->_doCmd('AUTHENTICATE "CRAM-MD5"', true))) { + return $challenge; + } + + $challenge = base64_decode(trim($challenge)); + $cram = Auth_SASL::factory('crammd5'); + if (PEAR::isError($response = $cram->getResponse($user, $pass, $challenge))) { + return $response; + } + + return $this->_sendStringResponse(base64_encode($response)); + } + + /** + * Authenticates the user using the DIGEST-MD5 method. + * + * @param string $user The userid to authenticate as. + * @param string $pass The password to authenticate with. + * @param string $euser The effective uid to authenticate as. + * + * @return void + */ + function _authDigestMD5($user, $pass, $euser) + { + if (PEAR::isError($challenge = $this->_doCmd('AUTHENTICATE "DIGEST-MD5"', true))) { + return $challenge; + } + + $challenge = base64_decode(trim($challenge)); + $digest = Auth_SASL::factory('digestmd5'); + // @todo Really 'localhost'? + if (PEAR::isError($response = $digest->getResponse($user, $pass, $challenge, 'localhost', 'sieve', $euser))) { + return $response; + } + + if (PEAR::isError($result = $this->_sendStringResponse(base64_encode($response)))) { + return $result; + } + if (PEAR::isError($result = $this->_doCmd('', true))) { + return $result; + } + if ($this->_toUpper(substr($result, 0, 2)) == 'OK') { + return; + } + + /* We don't use the protocol's third step because SIEVE doesn't allow + * subsequent authentication, so we just silently ignore it. */ + if (PEAR::isError($result = $this->_sendStringResponse(''))) { + return $result; + } + + return $this->_doCmd(); + } + + /** + * Authenticates the user using the EXTERNAL method. + * + * @param string $user The userid to authenticate as. + * @param string $pass The password to authenticate with. + * @param string $euser The effective uid to authenticate as. + * + * @return void + * + * @since 1.1.7 + */ + function _authEXTERNAL($user, $pass, $euser) + { + $cmd = sprintf( + 'AUTHENTICATE "EXTERNAL" "%s"', + base64_encode(strlen($euser) ? $euser : $user) + ); + return $this->_sendCmd($cmd); + } + + /** + * Removes a script from the server. + * + * @param string $scriptname Name of the script to delete. + * + * @return boolean True on success, PEAR_Error otherwise. + */ + function _cmdDeleteScript($scriptname) + { + if (NET_SIEVE_STATE_TRANSACTION != $this->_state) { + return PEAR::raiseError('Not currently in AUTHORISATION state', 1); + } + + $command = sprintf('DELETESCRIPT %s', $this->_escape($scriptname)); + if (PEAR::isError($res = $this->_doCmd($command))) { + return $res; + } + return true; + } + + /** + * Retrieves the contents of the named script. + * + * @param string $scriptname Name of the script to retrieve. + * + * @return string The script if successful, PEAR_Error otherwise. + */ + function _cmdGetScript($scriptname) + { + if (NET_SIEVE_STATE_TRANSACTION != $this->_state) { + return PEAR::raiseError('Not currently in AUTHORISATION state', 1); + } + + $command = sprintf('GETSCRIPT %s', $this->_escape($scriptname)); + if (PEAR::isError($res = $this->_doCmd($command))) { + return $res; + } + + return preg_replace('/^{[0-9]+}\r\n/', '', $res); + } + + /** + * Sets the active script, i.e. the one that gets run on new mail by the + * server. + * + * @param string $scriptname The name of the script to mark as active. + * + * @return boolean True on success, PEAR_Error otherwise. + */ + function _cmdSetActive($scriptname) + { + if (NET_SIEVE_STATE_TRANSACTION != $this->_state) { + return PEAR::raiseError('Not currently in AUTHORISATION state', 1); + } + + $command = sprintf('SETACTIVE %s', $this->_escape($scriptname)); + if (PEAR::isError($res = $this->_doCmd($command))) { + return $res; + } + + $this->_activeScript = $scriptname; + return true; + } + + /** + * Returns the list of scripts on the server. + * + * @return array An array with the list of scripts in the first element + * and the active script in the second element on success, + * PEAR_Error otherwise. + */ + function _cmdListScripts() + { + if (NET_SIEVE_STATE_TRANSACTION != $this->_state) { + return PEAR::raiseError('Not currently in AUTHORISATION state', 1); + } + + if (PEAR::isError($res = $this->_doCmd('LISTSCRIPTS'))) { + return $res; + } + + $scripts = array(); + $activescript = null; + $res = explode("\r\n", $res); + foreach ($res as $value) { + if (preg_match('/^"(.*)"( ACTIVE)?$/i', $value, $matches)) { + $script_name = stripslashes($matches[1]); + $scripts[] = $script_name; + if (!empty($matches[2])) { + $activescript = $script_name; + } + } + } + + return array($scripts, $activescript); + } + + /** + * Adds a script to the server. + * + * @param string $scriptname Name of the new script. + * @param string $scriptdata The new script. + * + * @return boolean True on success, PEAR_Error otherwise. + */ + function _cmdPutScript($scriptname, $scriptdata) + { + if (NET_SIEVE_STATE_TRANSACTION != $this->_state) { + return PEAR::raiseError('Not currently in AUTHORISATION state', 1); + } + + $stringLength = $this->_getLineLength($scriptdata); + $command = sprintf("PUTSCRIPT %s {%d+}\r\n%s", + $this->_escape($scriptname), $stringLength, $scriptdata); + + if (PEAR::isError($res = $this->_doCmd($command))) { + return $res; + } + + return true; + } + + /** + * Logs out of the server and terminates the connection. + * + * @param boolean $sendLogoutCMD Whether to send LOGOUT command before + * disconnecting. + * + * @return boolean True on success, PEAR_Error otherwise. + */ + function _cmdLogout($sendLogoutCMD = true) + { + if (NET_SIEVE_STATE_DISCONNECTED == $this->_state) { + return PEAR::raiseError('Not currently connected', 1); + } + + if ($sendLogoutCMD) { + if (PEAR::isError($res = $this->_doCmd('LOGOUT'))) { + return $res; + } + } + + $this->_sock->disconnect(); + $this->_state = NET_SIEVE_STATE_DISCONNECTED; + + return true; + } + + /** + * Sends the CAPABILITY command + * + * @return boolean True on success, PEAR_Error otherwise. + */ + function _cmdCapability() + { + if (NET_SIEVE_STATE_DISCONNECTED == $this->_state) { + return PEAR::raiseError('Not currently connected', 1); + } + if (PEAR::isError($res = $this->_doCmd('CAPABILITY'))) { + return $res; + } + $this->_parseCapability($res); + return true; + } + + /** + * Parses the response from the CAPABILITY command and stores the result + * in $_capability. + * + * @param string $data The response from the capability command. + * + * @return void + */ + function _parseCapability($data) + { + // Clear the cached capabilities. + $this->_capability = array('sasl' => array(), + 'extensions' => array()); + + $data = preg_split('/\r?\n/', $this->_toUpper($data), -1, PREG_SPLIT_NO_EMPTY); + + for ($i = 0; $i < count($data); $i++) { + if (!preg_match('/^"([A-Z]+)"( "(.*)")?$/', $data[$i], $matches)) { + continue; + } + switch ($matches[1]) { + case 'IMPLEMENTATION': + $this->_capability['implementation'] = $matches[3]; + break; + + case 'SASL': + $this->_capability['sasl'] = preg_split('/\s+/', $matches[3]); + break; + + case 'SIEVE': + $this->_capability['extensions'] = preg_split('/\s+/', $matches[3]); + break; + + case 'STARTTLS': + $this->_capability['starttls'] = true; + break; + } + } + } + + /** + * Sends a command to the server + * + * @param string $cmd The command to send. + * + * @return void + */ + function _sendCmd($cmd) + { + $status = $this->_sock->getStatus(); + if (PEAR::isError($status) || $status['eof']) { + return PEAR::raiseError('Failed to write to socket: connection lost'); + } + if (PEAR::isError($error = $this->_sock->write($cmd . "\r\n"))) { + return PEAR::raiseError( + 'Failed to write to socket: ' . $error->getMessage() + ); + } + $this->_debug("C: $cmd"); + } + + /** + * Sends a string response to the server. + * + * @param string $str The string to send. + * + * @return void + */ + function _sendStringResponse($str) + { + return $this->_sendCmd('{' . $this->_getLineLength($str) . "+}\r\n" . $str); + } + + /** + * Receives a single line from the server. + * + * @return string The server response line. + */ + function _recvLn() + { + if (PEAR::isError($lastline = $this->_sock->gets(8192))) { + return PEAR::raiseError( + 'Failed to read from socket: ' . $lastline->getMessage() + ); + } + + $lastline = rtrim($lastline); + $this->_debug("S: $lastline"); + + if ($lastline === '') { + return PEAR::raiseError('Failed to read from socket'); + } + + return $lastline; + } + + /** + * Receives x bytes from the server. + * + * @param int $length Number of bytes to read + * + * @return string The server response. + */ + function _recvBytes($length) + { + $response = ''; + $response_length = 0; + + while ($response_length < $length) { + $response .= $this->_sock->read($length - $response_length); + $response_length = $this->_getLineLength($response); + } + + $this->_debug("S: " . rtrim($response)); + + return $response; + } + + /** + * Send a command and retrieves a response from the server. + * + * @param string $cmd The command to send. + * @param boolean $auth Whether this is an authentication command. + * + * @return string|PEAR_Error Reponse string if an OK response, PEAR_Error + * if a NO response. + */ + function _doCmd($cmd = '', $auth = false) + { + $referralCount = 0; + while ($referralCount < $this->_maxReferralCount) { + if (strlen($cmd)) { + if (PEAR::isError($error = $this->_sendCmd($cmd))) { + return $error; + } + } + + $response = ''; + while (true) { + if (PEAR::isError($line = $this->_recvLn())) { + return $line; + } + $uc_line = $this->_toUpper($line); + + if ('OK' == substr($uc_line, 0, 2)) { + $response .= $line; + return rtrim($response); + } + + if ('NO' == substr($uc_line, 0, 2)) { + // Check for string literal error message. + if (preg_match('/{([0-9]+)}$/i', $line, $matches)) { + $line = substr($line, 0, -(strlen($matches[1])+2)) + . str_replace( + "\r\n", ' ', $this->_recvBytes($matches[1] + 2) + ); + } + return PEAR::raiseError(trim($response . substr($line, 2)), 3); + } + + if ('BYE' == substr($uc_line, 0, 3)) { + if (PEAR::isError($error = $this->disconnect(false))) { + return PEAR::raiseError( + 'Cannot handle BYE, the error was: ' + . $error->getMessage(), + 4 + ); + } + // Check for referral, then follow it. Otherwise, carp an + // error. + if (preg_match('/^bye \(referral "(sieve:\/\/)?([^"]+)/i', $line, $matches)) { + // Replace the old host with the referral host + // preserving any protocol prefix. + $this->_data['host'] = preg_replace( + '/\w+(?!(\w|\:\/\/)).*/', $matches[2], + $this->_data['host'] + ); + if (PEAR::isError($error = $this->_handleConnectAndLogin())) { + return PEAR::raiseError( + 'Cannot follow referral to ' + . $this->_data['host'] . ', the error was: ' + . $error->getMessage(), + 5 + ); + } + break; + } + return PEAR::raiseError(trim($response . $line), 6); + } + + if (preg_match('/^{([0-9]+)}/i', $line, $matches)) { + // Matches literal string responses. + $line = $this->_recvBytes($matches[1] + 2); + + if (!$auth) { + // Receive the pending OK only if we aren't + // authenticating since string responses during + // authentication don't need an OK. + $this->_recvLn(); + } + return $line; + } + + if ($auth) { + // String responses during authentication don't need an + // OK. + $response .= $line; + return rtrim($response); + } + + $response .= $line . "\r\n"; + $referralCount++; + } + } + + return PEAR::raiseError('Max referral count (' . $referralCount . ') reached. Cyrus murder loop error?', 7); + } + + /** + * Returns the name of the best authentication method that the server + * has advertised. + * + * @param string $userMethod Only consider this method as available. + * + * @return string The name of the best supported authentication method or + * a PEAR_Error object on failure. + */ + function _getBestAuthMethod($userMethod = null) + { + if (!isset($this->_capability['sasl'])) { + return PEAR::raiseError('This server doesn\'t support any authentication methods. SASL problem?'); + } + if (!$this->_capability['sasl']) { + return PEAR::raiseError('This server doesn\'t support any authentication methods.'); + } + + if ($userMethod) { + if (in_array($userMethod, $this->_capability['sasl'])) { + return $userMethod; + } + return PEAR::raiseError( + sprintf('No supported authentication method found. The server supports these methods: %s, but we want to use: %s', + implode(', ', $this->_capability['sasl']), + $userMethod)); + } + + foreach ($this->supportedAuthMethods as $method) { + if (in_array($method, $this->_capability['sasl'])) { + return $method; + } + } + + return PEAR::raiseError( + sprintf('No supported authentication method found. The server supports these methods: %s, but we only support: %s', + implode(', ', $this->_capability['sasl']), + implode(', ', $this->supportedAuthMethods))); + } + + /** + * Starts a TLS connection. + * + * @return boolean True on success, PEAR_Error on failure. + */ + function _startTLS() + { + if (PEAR::isError($res = $this->_doCmd('STARTTLS'))) { + return $res; + } + + if (!stream_socket_enable_crypto($this->_sock->fp, true, STREAM_CRYPTO_METHOD_TLS_CLIENT)) { + return PEAR::raiseError('Failed to establish TLS connection', 2); + } + + $this->_debug('STARTTLS negotiation successful'); + + // The server should be sending a CAPABILITY response after + // negotiating TLS. Read it, and ignore if it doesn't. + // Doesn't work with older timsieved versions + $regexp = '/^CYRUS TIMSIEVED V([0-9.]+)/'; + if (!preg_match($regexp, $this->_capability['implementation'], $matches) + || version_compare($matches[1], '2.3.10', '>=') + ) { + $this->_doCmd(); + } + + // RFC says we need to query the server capabilities again now that we + // are under encryption. + if (PEAR::isError($res = $this->_cmdCapability())) { + return PEAR::raiseError( + 'Failed to connect, server said: ' . $res->getMessage(), 2 + ); + } + + return true; + } + + /** + * Returns the length of a string. + * + * @param string $string A string. + * + * @return integer The length of the string. + */ + function _getLineLength($string) + { + if (extension_loaded('mbstring')) { + return mb_strlen($string, 'latin1'); + } else { + return strlen($string); + } + } + + /** + * Locale independant strtoupper() implementation. + * + * @param string $string The string to convert to lowercase. + * + * @return string The lowercased string, based on ASCII encoding. + */ + function _toUpper($string) + { + $language = setlocale(LC_CTYPE, 0); + setlocale(LC_CTYPE, 'C'); + $string = strtoupper($string); + setlocale(LC_CTYPE, $language); + return $string; + } + + /** + * Convert string into RFC's quoted-string or literal-c2s form + * + * @param string $string The string to convert. + * + * @return string Result string + */ + function _escape($string) + { + // Some implementations doesn't allow UTF-8 characters in quoted-string + // It's safe to use literal-c2s + if (preg_match('/[^\x01-\x09\x0B-\x0C\x0E-\x7F]/', $string)) { + return sprintf("{%d+}\r\n%s", $this->_getLineLength($string), $string); + } + + return '"' . addcslashes($string, '\\"') . '"'; + } + + /** + * Write debug text to the current debug output handler. + * + * @param string $message Debug message text. + * + * @return void + */ + function _debug($message) + { + if ($this->_debug) { + if ($this->_debug_handler) { + call_user_func_array($this->_debug_handler, array(&$this, $message)); + } else { + echo "$message\n"; + } + } + } +} diff --git a/plugins/managesieve/lib/rcube_sieve.php b/plugins/managesieve/lib/rcube_sieve.php new file mode 100644 index 000000000..2ed2e54bf --- /dev/null +++ b/plugins/managesieve/lib/rcube_sieve.php @@ -0,0 +1,387 @@ +<?php + +/** + * Classes for managesieve operations (using PEAR::Net_Sieve) + * + * Copyright (C) 2008-2011, The Roundcube Dev Team + * Copyright (C) 2011, Kolab Systems AG + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * + * $Id$ + * + */ + +// Managesieve Protocol: RFC5804 + +define('SIEVE_ERROR_CONNECTION', 1); +define('SIEVE_ERROR_LOGIN', 2); +define('SIEVE_ERROR_NOT_EXISTS', 3); // script not exists +define('SIEVE_ERROR_INSTALL', 4); // script installation +define('SIEVE_ERROR_ACTIVATE', 5); // script activation +define('SIEVE_ERROR_DELETE', 6); // script deletion +define('SIEVE_ERROR_INTERNAL', 7); // internal error +define('SIEVE_ERROR_DEACTIVATE', 8); // script activation +define('SIEVE_ERROR_OTHER', 255); // other/unknown error + + +class rcube_sieve +{ + private $sieve; // Net_Sieve object + private $error = false; // error flag + private $list = array(); // scripts list + + public $script; // rcube_sieve_script object + public $current; // name of currently loaded script + private $exts; // array of supported extensions + + + /** + * Object constructor + * + * @param string Username (for managesieve login) + * @param string Password (for managesieve login) + * @param string Managesieve server hostname/address + * @param string Managesieve server port number + * @param string Managesieve authentication method + * @param boolean Enable/disable TLS use + * @param array Disabled extensions + * @param boolean Enable/disable debugging + * @param string Proxy authentication identifier + * @param string Proxy authentication password + */ + public function __construct($username, $password='', $host='localhost', $port=2000, + $auth_type=null, $usetls=true, $disabled=array(), $debug=false, + $auth_cid=null, $auth_pw=null) + { + $this->sieve = new Net_Sieve(); + + if ($debug) { + $this->sieve->setDebug(true, array($this, 'debug_handler')); + } + + if (PEAR::isError($this->sieve->connect($host, $port, null, $usetls))) { + return $this->_set_error(SIEVE_ERROR_CONNECTION); + } + + if (!empty($auth_cid)) { + $authz = $username; + $username = $auth_cid; + $password = $auth_pw; + } + + if (PEAR::isError($this->sieve->login($username, $password, + $auth_type ? strtoupper($auth_type) : null, $authz)) + ) { + return $this->_set_error(SIEVE_ERROR_LOGIN); + } + + $this->exts = $this->get_extensions(); + + // disable features by config + if (!empty($disabled)) { + // we're working on lower-cased names + $disabled = array_map('strtolower', (array) $disabled); + foreach ($disabled as $ext) { + if (($idx = array_search($ext, $this->exts)) !== false) { + unset($this->exts[$idx]); + } + } + } + } + + public function __destruct() { + $this->sieve->disconnect(); + } + + /** + * Getter for error code + */ + public function error() + { + return $this->error ? $this->error : false; + } + + /** + * Saves current script into server + */ + public function save($name = null) + { + if (!$this->sieve) + return $this->_set_error(SIEVE_ERROR_INTERNAL); + + if (!$this->script) + return $this->_set_error(SIEVE_ERROR_INTERNAL); + + if (!$name) + $name = $this->current; + + $script = $this->script->as_text(); + + if (!$script) + $script = '/* empty script */'; + + if (PEAR::isError($this->sieve->installScript($name, $script))) + return $this->_set_error(SIEVE_ERROR_INSTALL); + + return true; + } + + /** + * Saves text script into server + */ + public function save_script($name, $content = null) + { + if (!$this->sieve) + return $this->_set_error(SIEVE_ERROR_INTERNAL); + + if (!$content) + $content = '/* empty script */'; + + if (PEAR::isError($this->sieve->installScript($name, $content))) + return $this->_set_error(SIEVE_ERROR_INSTALL); + + return true; + } + + /** + * Activates specified script + */ + public function activate($name = null) + { + if (!$this->sieve) + return $this->_set_error(SIEVE_ERROR_INTERNAL); + + if (!$name) + $name = $this->current; + + if (PEAR::isError($this->sieve->setActive($name))) + return $this->_set_error(SIEVE_ERROR_ACTIVATE); + + return true; + } + + /** + * De-activates specified script + */ + public function deactivate() + { + if (!$this->sieve) + return $this->_set_error(SIEVE_ERROR_INTERNAL); + + if (PEAR::isError($this->sieve->setActive(''))) + return $this->_set_error(SIEVE_ERROR_DEACTIVATE); + + return true; + } + + /** + * Removes specified script + */ + public function remove($name = null) + { + if (!$this->sieve) + return $this->_set_error(SIEVE_ERROR_INTERNAL); + + if (!$name) + $name = $this->current; + + // script must be deactivated first + if ($name == $this->sieve->getActive()) + if (PEAR::isError($this->sieve->setActive(''))) + return $this->_set_error(SIEVE_ERROR_DELETE); + + if (PEAR::isError($this->sieve->removeScript($name))) + return $this->_set_error(SIEVE_ERROR_DELETE); + + if ($name == $this->current) + $this->current = null; + + return true; + } + + /** + * Gets list of supported by server Sieve extensions + */ + public function get_extensions() + { + if ($this->exts) + return $this->exts; + + if (!$this->sieve) + return $this->_set_error(SIEVE_ERROR_INTERNAL); + + $ext = $this->sieve->getExtensions(); + // we're working on lower-cased names + $ext = array_map('strtolower', (array) $ext); + + if ($this->script) { + $supported = $this->script->get_extensions(); + foreach ($ext as $idx => $ext_name) + if (!in_array($ext_name, $supported)) + unset($ext[$idx]); + } + + return array_values($ext); + } + + /** + * Gets list of scripts from server + */ + public function get_scripts() + { + if (!$this->list) { + + if (!$this->sieve) + return $this->_set_error(SIEVE_ERROR_INTERNAL); + + $list = $this->sieve->listScripts(); + + if (PEAR::isError($list)) + return $this->_set_error(SIEVE_ERROR_OTHER); + + $this->list = $list; + } + + return $this->list; + } + + /** + * Returns active script name + */ + public function get_active() + { + if (!$this->sieve) + return $this->_set_error(SIEVE_ERROR_INTERNAL); + + return $this->sieve->getActive(); + } + + /** + * Loads script by name + */ + public function load($name) + { + if (!$this->sieve) + return $this->_set_error(SIEVE_ERROR_INTERNAL); + + if ($this->current == $name) + return true; + + $script = $this->sieve->getScript($name); + + if (PEAR::isError($script)) + return $this->_set_error(SIEVE_ERROR_OTHER); + + // try to parse from Roundcube format + $this->script = $this->_parse($script); + + $this->current = $name; + + return true; + } + + /** + * Loads script from text content + */ + public function load_script($script) + { + if (!$this->sieve) + return $this->_set_error(SIEVE_ERROR_INTERNAL); + + // try to parse from Roundcube format + $this->script = $this->_parse($script); + } + + /** + * Creates rcube_sieve_script object from text script + */ + private function _parse($txt) + { + // parse + $script = new rcube_sieve_script($txt, $this->exts); + + // fix/convert to Roundcube format + if (!empty($script->content)) { + // replace all elsif with if+stop, we support only ifs + foreach ($script->content as $idx => $rule) { + if (empty($rule['type']) || !preg_match('/^(if|elsif|else)$/', $rule['type'])) { + continue; + } + + $script->content[$idx]['type'] = 'if'; + + // 'stop' not found? + foreach ($rule['actions'] as $action) { + if (preg_match('/^(stop|vacation)$/', $action['type'])) { + continue 2; + } + } + if (empty($script->content[$idx+1]) || $script->content[$idx+1]['type'] != 'if') { + $script->content[$idx]['actions'][] = array('type' => 'stop'); + } + } + } + + return $script; + } + + /** + * Gets specified script as text + */ + public function get_script($name) + { + if (!$this->sieve) + return $this->_set_error(SIEVE_ERROR_INTERNAL); + + $content = $this->sieve->getScript($name); + + if (PEAR::isError($content)) + return $this->_set_error(SIEVE_ERROR_OTHER); + + return $content; + } + + /** + * Creates empty script or copy of other script + */ + public function copy($name, $copy) + { + if (!$this->sieve) + return $this->_set_error(SIEVE_ERROR_INTERNAL); + + if ($copy) { + $content = $this->sieve->getScript($copy); + + if (PEAR::isError($content)) + return $this->_set_error(SIEVE_ERROR_OTHER); + } + + return $this->save_script($name, $content); + } + + private function _set_error($error) + { + $this->error = $error; + return false; + } + + /** + * This is our own debug handler for connection + */ + public function debug_handler(&$sieve, $message) + { + write_log('sieve', preg_replace('/\r\n$/', '', $message)); + } +} diff --git a/plugins/managesieve/lib/rcube_sieve_script.php b/plugins/managesieve/lib/rcube_sieve_script.php new file mode 100644 index 000000000..92f979cfd --- /dev/null +++ b/plugins/managesieve/lib/rcube_sieve_script.php @@ -0,0 +1,1073 @@ +<?php + +/** + * Class for operations on Sieve scripts + * + * Copyright (C) 2008-2011, The Roundcube Dev Team + * Copyright (C) 2011, Kolab Systems AG + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * + * $Id$ + * + */ + +class rcube_sieve_script +{ + public $content = array(); // script rules array + + private $vars = array(); // "global" variables + private $prefix = ''; // script header (comments) + private $supported = array( // Sieve extensions supported by class + 'fileinto', // RFC5228 + 'envelope', // RFC5228 + 'reject', // RFC5429 + 'ereject', // RFC5429 + 'copy', // RFC3894 + 'vacation', // RFC5230 + 'relational', // RFC3431 + 'regex', // draft-ietf-sieve-regex-01 + 'imapflags', // draft-melnikov-sieve-imapflags-06 + 'imap4flags', // RFC5232 + 'include', // draft-ietf-sieve-include-12 + 'variables', // RFC5229 + 'body', // RFC5173 + 'subaddress', // RFC5233 + // @TODO: enotify/notify, spamtest+virustest, mailbox, date + ); + + /** + * Object constructor + * + * @param string Script's text content + * @param array List of capabilities supported by server + */ + public function __construct($script, $capabilities=array()) + { + $capabilities = array_map('strtolower', (array) $capabilities); + + // disable features by server capabilities + if (!empty($capabilities)) { + foreach ($this->supported as $idx => $ext) { + if (!in_array($ext, $capabilities)) { + unset($this->supported[$idx]); + } + } + } + + // Parse text content of the script + $this->_parse_text($script); + } + + /** + * Adds rule to the script (at the end) + * + * @param string Rule name + * @param array Rule content (as array) + * + * @return int The index of the new rule + */ + public function add_rule($content) + { + // TODO: check this->supported + array_push($this->content, $content); + return sizeof($this->content)-1; + } + + public function delete_rule($index) + { + if(isset($this->content[$index])) { + unset($this->content[$index]); + return true; + } + return false; + } + + public function size() + { + return sizeof($this->content); + } + + public function update_rule($index, $content) + { + // TODO: check this->supported + if ($this->content[$index]) { + $this->content[$index] = $content; + return $index; + } + return false; + } + + /** + * Sets "global" variable + * + * @param string $name Variable name + * @param string $value Variable value + * @param array $mods Variable modifiers + */ + public function set_var($name, $value, $mods = array()) + { + // Check if variable exists + for ($i=0, $len=count($this->vars); $i<$len; $i++) { + if ($this->vars[$i]['name'] == $name) { + break; + } + } + + $var = array_merge($mods, array('name' => $name, 'value' => $value)); + $this->vars[$i] = $var; + } + + /** + * Unsets "global" variable + * + * @param string $name Variable name + */ + public function unset_var($name) + { + // Check if variable exists + foreach ($this->vars as $idx => $var) { + if ($var['name'] == $name) { + unset($this->vars[$idx]); + break; + } + } + } + + /** + * Gets the value of "global" variable + * + * @param string $name Variable name + * + * @return string Variable value + */ + public function get_var($name) + { + // Check if variable exists + for ($i=0, $len=count($this->vars); $i<$len; $i++) { + if ($this->vars[$i]['name'] == $name) { + return $this->vars[$i]['name']; + } + } + } + + /** + * Sets script header content + * + * @param string $text Header content + */ + public function set_prefix($text) + { + $this->prefix = $text; + } + + /** + * Returns script as text + */ + public function as_text() + { + $output = ''; + $exts = array(); + $idx = 0; + + if (!empty($this->vars)) { + if (in_array('variables', (array)$this->supported)) { + $has_vars = true; + array_push($exts, 'variables'); + } + foreach ($this->vars as $var) { + if (empty($has_vars)) { + // 'variables' extension not supported, put vars in comments + $output .= sprintf("# %s %s\n", $var['name'], $var['value']); + } + else { + $output .= 'set '; + foreach (array_diff(array_keys($var), array('name', 'value')) as $opt) { + $output .= ":$opt "; + } + $output .= self::escape_string($var['name']) . ' ' . self::escape_string($var['value']) . ";\n"; + } + } + } + + // rules + foreach ($this->content as $rule) { + $extension = ''; + $script = ''; + $tests = array(); + $i = 0; + + // header + if (!empty($rule['name']) && strlen($rule['name'])) { + $script .= '# rule:[' . $rule['name'] . "]\n"; + } + + // constraints expressions + if (!empty($rule['tests'])) { + foreach ($rule['tests'] as $test) { + $tests[$i] = ''; + switch ($test['test']) { + case 'size': + $tests[$i] .= ($test['not'] ? 'not ' : ''); + $tests[$i] .= 'size :' . ($test['type']=='under' ? 'under ' : 'over ') . $test['arg']; + break; + + case 'true': + $tests[$i] .= ($test['not'] ? 'false' : 'true'); + break; + + case 'exists': + $tests[$i] .= ($test['not'] ? 'not ' : ''); + $tests[$i] .= 'exists ' . self::escape_string($test['arg']); + break; + + case 'header': + $tests[$i] .= ($test['not'] ? 'not ' : ''); + $tests[$i] .= 'header'; + + if (!empty($test['type'])) { + // relational operator + comparator + if (preg_match('/^(value|count)-([gteqnl]{2})/', $test['type'], $m)) { + array_push($exts, 'relational'); + array_push($exts, 'comparator-i;ascii-numeric'); + + $tests[$i] .= ' :' . $m[1] . ' "' . $m[2] . '" :comparator "i;ascii-numeric"'; + } + else { + $this->add_comparator($test, $tests[$i], $exts); + + if ($test['type'] == 'regex') { + array_push($exts, 'regex'); + } + + $tests[$i] .= ' :' . $test['type']; + } + } + + $tests[$i] .= ' ' . self::escape_string($test['arg1']); + $tests[$i] .= ' ' . self::escape_string($test['arg2']); + break; + + case 'address': + case 'envelope': + if ($test['test'] == 'envelope') { + array_push($exts, 'envelope'); + } + + $tests[$i] .= ($test['not'] ? 'not ' : ''); + $tests[$i] .= $test['test']; + + if (!empty($test['part'])) { + $tests[$i] .= ' :' . $test['part']; + if ($test['part'] == 'user' || $test['part'] == 'detail') { + array_push($exts, 'subaddress'); + } + } + + $this->add_comparator($test, $tests[$i], $exts); + + if (!empty($test['type'])) { + if ($test['type'] == 'regex') { + array_push($exts, 'regex'); + } + $tests[$i] .= ' :' . $test['type']; + } + + $tests[$i] .= ' ' . self::escape_string($test['arg1']); + $tests[$i] .= ' ' . self::escape_string($test['arg2']); + break; + + case 'body': + array_push($exts, 'body'); + + $tests[$i] .= ($test['not'] ? 'not ' : '') . 'body'; + + $this->add_comparator($test, $tests[$i], $exts); + + if (!empty($test['part'])) { + $tests[$i] .= ' :' . $test['part']; + + if (!empty($test['content']) && $test['part'] == 'content') { + $tests[$i] .= ' ' . self::escape_string($test['content']); + } + } + + if (!empty($test['type'])) { + if ($test['type'] == 'regex') { + array_push($exts, 'regex'); + } + $tests[$i] .= ' :' . $test['type']; + } + + $tests[$i] .= ' ' . self::escape_string($test['arg']); + break; + } + $i++; + } + } + + // disabled rule: if false #.... + if (!empty($tests)) { + $script .= 'if ' . ($rule['disabled'] ? 'false # ' : ''); + + if (count($tests) > 1) { + $tests_str = implode(', ', $tests); + } + else { + $tests_str = $tests[0]; + } + + if ($rule['join'] || count($tests) > 1) { + $script .= sprintf('%s (%s)', $rule['join'] ? 'allof' : 'anyof', $tests_str); + } + else { + $script .= $tests_str; + } + $script .= "\n{\n"; + } + + // action(s) + if (!empty($rule['actions'])) { + foreach ($rule['actions'] as $action) { + $action_script = ''; + + switch ($action['type']) { + + case 'fileinto': + array_push($exts, 'fileinto'); + $action_script .= 'fileinto '; + if ($action['copy']) { + $action_script .= ':copy '; + array_push($exts, 'copy'); + } + $action_script .= self::escape_string($action['target']); + break; + + case 'redirect': + $action_script .= 'redirect '; + if ($action['copy']) { + $action_script .= ':copy '; + array_push($exts, 'copy'); + } + $action_script .= self::escape_string($action['target']); + break; + + case 'reject': + case 'ereject': + array_push($exts, $action['type']); + $action_script .= $action['type'].' ' + . self::escape_string($action['target']); + break; + + case 'addflag': + case 'setflag': + case 'removeflag': + if (in_array('imap4flags', $this->supported)) + array_push($exts, 'imap4flags'); + else + array_push($exts, 'imapflags'); + + $action_script .= $action['type'].' ' + . self::escape_string($action['target']); + break; + + case 'keep': + case 'discard': + case 'stop': + $action_script .= $action['type']; + break; + + case 'include': + array_push($exts, 'include'); + $action_script .= 'include '; + foreach (array_diff(array_keys($action), array('target', 'type')) as $opt) { + $action_script .= ":$opt "; + } + $action_script .= self::escape_string($action['target']); + break; + + case 'set': + array_push($exts, 'variables'); + $action_script .= 'set '; + foreach (array_diff(array_keys($action), array('name', 'value', 'type')) as $opt) { + $action_script .= ":$opt "; + } + $action_script .= self::escape_string($action['name']) . ' ' . self::escape_string($action['value']); + break; + + case 'vacation': + array_push($exts, 'vacation'); + $action_script .= 'vacation'; + if (!empty($action['days'])) + $action_script .= " :days " . $action['days']; + if (!empty($action['addresses'])) + $action_script .= " :addresses " . self::escape_string($action['addresses']); + if (!empty($action['subject'])) + $action_script .= " :subject " . self::escape_string($action['subject']); + if (!empty($action['handle'])) + $action_script .= " :handle " . self::escape_string($action['handle']); + if (!empty($action['from'])) + $action_script .= " :from " . self::escape_string($action['from']); + if (!empty($action['mime'])) + $action_script .= " :mime"; + $action_script .= " " . self::escape_string($action['reason']); + break; + } + + if ($action_script) { + $script .= !empty($tests) ? "\t" : ''; + $script .= $action_script . ";\n"; + } + } + } + + if ($script) { + $output .= $script . (!empty($tests) ? "}\n" : ''); + $idx++; + } + } + + // requires + if (!empty($exts)) + $output = 'require ["' . implode('","', array_unique($exts)) . "\"];\n" . $output; + + if (!empty($this->prefix)) { + $output = $this->prefix . "\n\n" . $output; + } + + return $output; + } + + /** + * Returns script object + * + */ + public function as_array() + { + return $this->content; + } + + /** + * Returns array of supported extensions + * + */ + public function get_extensions() + { + return array_values($this->supported); + } + + /** + * Converts text script to rules array + * + * @param string Text script + */ + private function _parse_text($script) + { + $prefix = ''; + $options = array(); + + while ($script) { + $script = trim($script); + $rule = array(); + + // Comments + while (!empty($script) && $script[0] == '#') { + $endl = strpos($script, "\n"); + $line = $endl ? substr($script, 0, $endl) : $script; + + // Roundcube format + if (preg_match('/^# rule:\[(.*)\]/', $line, $matches)) { + $rulename = $matches[1]; + } + // KEP:14 variables + else if (preg_match('/^# (EDITOR|EDITOR_VERSION) (.+)$/', $line, $matches)) { + $this->set_var($matches[1], $matches[2]); + } + // Horde-Ingo format + else if (!empty($options['format']) && $options['format'] == 'INGO' + && preg_match('/^# (.*)/', $line, $matches) + ) { + $rulename = $matches[1]; + } + else if (empty($options['prefix'])) { + $prefix .= $line . "\n"; + } + + $script = ltrim(substr($script, strlen($line) + 1)); + } + + // handle script header + if (empty($options['prefix'])) { + $options['prefix'] = true; + if ($prefix && strpos($prefix, 'horde.org/ingo')) { + $options['format'] = 'INGO'; + } + } + + // Control structures/blocks + if (preg_match('/^(if|else|elsif)/i', $script)) { + $rule = $this->_tokenize_rule($script); + if (strlen($rulename) && !empty($rule)) { + $rule['name'] = $rulename; + } + } + // Simple commands + else { + $rule = $this->_parse_actions($script, ';'); + if (!empty($rule[0]) && is_array($rule)) { + // set "global" variables + if ($rule[0]['type'] == 'set') { + unset($rule[0]['type']); + $this->vars[] = $rule[0]; + } + else { + $rule = array('actions' => $rule); + } + } + } + + $rulename = ''; + + if (!empty($rule)) { + $this->content[] = $rule; + } + } + + if (!empty($prefix)) { + $this->prefix = trim($prefix); + } + } + + /** + * Convert text script fragment to rule object + * + * @param string Text rule + * + * @return array Rule data + */ + private function _tokenize_rule(&$content) + { + $cond = strtolower(self::tokenize($content, 1)); + + if ($cond != 'if' && $cond != 'elsif' && $cond != 'else') { + return null; + } + + $disabled = false; + $join = false; + + // disabled rule (false + comment): if false # ..... + if (preg_match('/^\s*false\s+#/i', $content)) { + $content = preg_replace('/^\s*false\s+#\s*/i', '', $content); + $disabled = true; + } + + while (strlen($content)) { + $tokens = self::tokenize($content, true); + $separator = array_pop($tokens); + + if (!empty($tokens)) { + $token = array_shift($tokens); + } + else { + $token = $separator; + } + + $token = strtolower($token); + + if ($token == 'not') { + $not = true; + $token = strtolower(array_shift($tokens)); + } + else { + $not = false; + } + + switch ($token) { + case 'allof': + $join = true; + break; + case 'anyof': + break; + + case 'size': + $size = array('test' => 'size', 'not' => $not); + for ($i=0, $len=count($tokens); $i<$len; $i++) { + if (!is_array($tokens[$i]) + && preg_match('/^:(under|over)$/i', $tokens[$i]) + ) { + $size['type'] = strtolower(substr($tokens[$i], 1)); + } + else { + $size['arg'] = $tokens[$i]; + } + } + + $tests[] = $size; + break; + + case 'header': + $header = array('test' => 'header', 'not' => $not, 'arg1' => '', 'arg2' => ''); + for ($i=0, $len=count($tokens); $i<$len; $i++) { + if (!is_array($tokens[$i]) && preg_match('/^:comparator$/i', $tokens[$i])) { + $header['comparator'] = $tokens[++$i]; + } + else if (!is_array($tokens[$i]) && preg_match('/^:(count|value)$/i', $tokens[$i])) { + $header['type'] = strtolower(substr($tokens[$i], 1)) . '-' . $tokens[++$i]; + } + else if (!is_array($tokens[$i]) && preg_match('/^:(is|contains|matches|regex)$/i', $tokens[$i])) { + $header['type'] = strtolower(substr($tokens[$i], 1)); + } + else { + $header['arg1'] = $header['arg2']; + $header['arg2'] = $tokens[$i]; + } + } + + $tests[] = $header; + break; + + case 'address': + case 'envelope': + $header = array('test' => $token, 'not' => $not, 'arg1' => '', 'arg2' => ''); + for ($i=0, $len=count($tokens); $i<$len; $i++) { + if (!is_array($tokens[$i]) && preg_match('/^:comparator$/i', $tokens[$i])) { + $header['comparator'] = $tokens[++$i]; + } + else if (!is_array($tokens[$i]) && preg_match('/^:(is|contains|matches|regex)$/i', $tokens[$i])) { + $header['type'] = strtolower(substr($tokens[$i], 1)); + } + else if (!is_array($tokens[$i]) && preg_match('/^:(localpart|domain|all|user|detail)$/i', $tokens[$i])) { + $header['part'] = strtolower(substr($tokens[$i], 1)); + } + else { + $header['arg1'] = $header['arg2']; + $header['arg2'] = $tokens[$i]; + } + } + + $tests[] = $header; + break; + + case 'body': + $header = array('test' => 'body', 'not' => $not, 'arg' => ''); + for ($i=0, $len=count($tokens); $i<$len; $i++) { + if (!is_array($tokens[$i]) && preg_match('/^:comparator$/i', $tokens[$i])) { + $header['comparator'] = $tokens[++$i]; + } + else if (!is_array($tokens[$i]) && preg_match('/^:(is|contains|matches|regex)$/i', $tokens[$i])) { + $header['type'] = strtolower(substr($tokens[$i], 1)); + } + else if (!is_array($tokens[$i]) && preg_match('/^:(raw|content|text)$/i', $tokens[$i])) { + $header['part'] = strtolower(substr($tokens[$i], 1)); + + if ($header['part'] == 'content') { + $header['content'] = $tokens[++$i]; + } + } + else { + $header['arg'] = $tokens[$i]; + } + } + + $tests[] = $header; + break; + + case 'exists': + $tests[] = array('test' => 'exists', 'not' => $not, + 'arg' => array_pop($tokens)); + break; + + case 'true': + $tests[] = array('test' => 'true', 'not' => $not); + break; + + case 'false': + $tests[] = array('test' => 'true', 'not' => !$not); + break; + } + + // goto actions... + if ($separator == '{') { + break; + } + } + + // ...and actions block + $actions = $this->_parse_actions($content); + + if ($tests && $actions) { + $result = array( + 'type' => $cond, + 'tests' => $tests, + 'actions' => $actions, + 'join' => $join, + 'disabled' => $disabled, + ); + } + + return $result; + } + + /** + * Parse body of actions section + * + * @param string $content Text body + * @param string $end End of text separator + * + * @return array Array of parsed action type/target pairs + */ + private function _parse_actions(&$content, $end = '}') + { + $result = null; + + while (strlen($content)) { + $tokens = self::tokenize($content, true); + $separator = array_pop($tokens); + + if (!empty($tokens)) { + $token = array_shift($tokens); + } + else { + $token = $separator; + } + + switch ($token) { + case 'discard': + case 'keep': + case 'stop': + $result[] = array('type' => $token); + break; + + case 'fileinto': + case 'redirect': + $copy = false; + $target = ''; + + for ($i=0, $len=count($tokens); $i<$len; $i++) { + if (strtolower($tokens[$i]) == ':copy') { + $copy = true; + } + else { + $target = $tokens[$i]; + } + } + + $result[] = array('type' => $token, 'copy' => $copy, + 'target' => $target); + break; + + case 'reject': + case 'ereject': + $result[] = array('type' => $token, 'target' => array_pop($tokens)); + break; + + case 'vacation': + $vacation = array('type' => 'vacation', 'reason' => array_pop($tokens)); + + for ($i=0, $len=count($tokens); $i<$len; $i++) { + $tok = strtolower($tokens[$i]); + if ($tok == ':days') { + $vacation['days'] = $tokens[++$i]; + } + else if ($tok == ':subject') { + $vacation['subject'] = $tokens[++$i]; + } + else if ($tok == ':addresses') { + $vacation['addresses'] = $tokens[++$i]; + } + else if ($tok == ':handle') { + $vacation['handle'] = $tokens[++$i]; + } + else if ($tok == ':from') { + $vacation['from'] = $tokens[++$i]; + } + else if ($tok == ':mime') { + $vacation['mime'] = true; + } + } + + $result[] = $vacation; + break; + + case 'setflag': + case 'addflag': + case 'removeflag': + $result[] = array('type' => $token, + // Flags list: last token (skip optional variable) + 'target' => $tokens[count($tokens)-1] + ); + break; + + case 'include': + $include = array('type' => 'include', 'target' => array_pop($tokens)); + + // Parameters: :once, :optional, :global, :personal + for ($i=0, $len=count($tokens); $i<$len; $i++) { + $tok = strtolower($tokens[$i]); + if ($tok[0] == ':') { + $include[substr($tok, 1)] = true; + } + } + + $result[] = $include; + break; + + case 'set': + $set = array('type' => 'set', 'value' => array_pop($tokens), 'name' => array_pop($tokens)); + + // Parameters: :lower :upper :lowerfirst :upperfirst :quotewildcard :length + for ($i=0, $len=count($tokens); $i<$len; $i++) { + $tok = strtolower($tokens[$i]); + if ($tok[0] == ':') { + $set[substr($tok, 1)] = true; + } + } + + $result[] = $set; + break; + + case 'require': + // skip, will be build according to used commands + // $result[] = array('type' => 'require', 'target' => $tokens); + break; + + } + + if ($separator == $end) + break; + } + + return $result; + } + + /** + * + */ + private function add_comparator($test, &$out, &$exts) + { + if (empty($test['comparator'])) { + return; + } + + if ($test['comparator'] == 'i;ascii-numeric') { + array_push($exts, 'relational'); + array_push($exts, 'comparator-i;ascii-numeric'); + } + else if (!in_array($test['comparator'], array('i;octet', 'i;ascii-casemap'))) { + array_push($exts, 'comparator-' . $test['comparator']); + } + + // skip default comparator + if ($test['comparator'] != 'i;ascii-casemap') { + $out .= ' :comparator ' . self::escape_string($test['comparator']); + } + } + + /** + * Escape special chars into quoted string value or multi-line string + * or list of strings + * + * @param string $str Text or array (list) of strings + * + * @return string Result text + */ + static function escape_string($str) + { + if (is_array($str) && count($str) > 1) { + foreach($str as $idx => $val) + $str[$idx] = self::escape_string($val); + + return '[' . implode(',', $str) . ']'; + } + else if (is_array($str)) { + $str = array_pop($str); + } + + // multi-line string + if (preg_match('/[\r\n\0]/', $str) || strlen($str) > 1024) { + return sprintf("text:\n%s\n.\n", self::escape_multiline_string($str)); + } + // quoted-string + else { + return '"' . addcslashes($str, '\\"') . '"'; + } + } + + /** + * Escape special chars in multi-line string value + * + * @param string $str Text + * + * @return string Text + */ + static function escape_multiline_string($str) + { + $str = preg_split('/(\r?\n)/', $str, -1, PREG_SPLIT_DELIM_CAPTURE); + + foreach ($str as $idx => $line) { + // dot-stuffing + if (isset($line[0]) && $line[0] == '.') { + $str[$idx] = '.' . $line; + } + } + + return implode($str); + } + + /** + * Splits script into string tokens + * + * @param string &$str The script + * @param mixed $num Number of tokens to return, 0 for all + * or True for all tokens until separator is found. + * Separator will be returned as last token. + * @param int $in_list Enable to call recursively inside a list + * + * @return mixed Tokens array or string if $num=1 + */ + static function tokenize(&$str, $num=0, $in_list=false) + { + $result = array(); + + // remove spaces from the beginning of the string + while (($str = ltrim($str)) !== '' + && (!$num || $num === true || count($result) < $num) + ) { + switch ($str[0]) { + + // Quoted string + case '"': + $len = strlen($str); + + for ($pos=1; $pos<$len; $pos++) { + if ($str[$pos] == '"') { + break; + } + if ($str[$pos] == "\\") { + if ($str[$pos + 1] == '"' || $str[$pos + 1] == "\\") { + $pos++; + } + } + } + if ($str[$pos] != '"') { + // error + } + // we need to strip slashes for a quoted string + $result[] = stripslashes(substr($str, 1, $pos - 1)); + $str = substr($str, $pos + 1); + break; + + // Parenthesized list + case '[': + $str = substr($str, 1); + $result[] = self::tokenize($str, 0, true); + break; + case ']': + $str = substr($str, 1); + return $result; + break; + + // list/test separator + case ',': + // command separator + case ';': + // block/tests-list + case '(': + case ')': + case '{': + case '}': + $sep = $str[0]; + $str = substr($str, 1); + if ($num === true) { + $result[] = $sep; + break 2; + } + break; + + // bracket-comment + case '/': + if ($str[1] == '*') { + if ($end_pos = strpos($str, '*/')) { + $str = substr($str, $end_pos + 2); + } + else { + // error + $str = ''; + } + } + break; + + // hash-comment + case '#': + if ($lf_pos = strpos($str, "\n")) { + $str = substr($str, $lf_pos); + break; + } + else { + $str = ''; + } + + // String atom + default: + // empty or one character + if ($str === '' || $str === null) { + break 2; + } + if (strlen($str) < 2) { + $result[] = $str; + $str = ''; + break; + } + + // tag/identifier/number + if (preg_match('/^([a-z0-9:_]+)/i', $str, $m)) { + $str = substr($str, strlen($m[1])); + + if ($m[1] != 'text:') { + $result[] = $m[1]; + } + // multiline string + else { + // possible hash-comment after "text:" + if (preg_match('/^( |\t)*(#[^\n]+)?\n/', $str, $m)) { + $str = substr($str, strlen($m[0])); + } + // get text until alone dot in a line + if (preg_match('/^(.*)\r?\n\.\r?\n/sU', $str, $m)) { + $text = $m[1]; + // remove dot-stuffing + $text = str_replace("\n..", "\n.", $text); + $str = substr($str, strlen($m[0])); + } + else { + $text = ''; + } + + $result[] = $text; + } + } + // fallback, skip one character as infinite loop prevention + else { + $str = substr($str, 1); + } + + break; + } + } + + return $num === 1 ? (isset($result[0]) ? $result[0] : null) : $result; + } + +} |