From 30cc01f89daea932d15a1a505d25b543913664ac Mon Sep 17 00:00:00 2001 From: Aleksander Machniak Date: Wed, 28 Nov 2012 20:21:09 +0100 Subject: Use Delivered-To header as a last resort for identity selection (#1488840) --- CHANGELOG | 1 + program/lib/Roundcube/rcube_imap_generic.php | 10 ++++++---- program/lib/Roundcube/rcube_storage.php | 1 + program/steps/mail/compose.inc | 15 ++++++++++++--- 4 files changed, 20 insertions(+), 7 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 4f6dc1778..140ff6423 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,6 +1,7 @@ CHANGELOG Roundcube Webmail =========================== +- Use Delivered-To header as a last resort for identity selection (#1488840) - Fix XSS vulnerability using Flash files (#1488828) - Fix absolute positioning in HTML messages (#1488819) - Fix cache (in)validation after setting \Deleted flag diff --git a/program/lib/Roundcube/rcube_imap_generic.php b/program/lib/Roundcube/rcube_imap_generic.php index 70fd6eb2c..ae0bfdd6c 100644 --- a/program/lib/Roundcube/rcube_imap_generic.php +++ b/program/lib/Roundcube/rcube_imap_generic.php @@ -2206,10 +2206,13 @@ class rcube_imap_generic } break; default: - if (strlen($field) > 2) { - $result[$id]->others[$field] = $string; + if (strlen($field) < 3) { + break; } - break; + if ($result[$id]->others[$field]) { + $string = array_merge((array)$result[$id]->others[$field], (array)$string); + } + $result[$id]->others[$field] = $string; } } } @@ -2217,7 +2220,6 @@ class rcube_imap_generic // VANISHED response (QRESYNC RFC5162) // Sample: * VANISHED (EARLIER) 300:310,405,411 - else if (preg_match('/^\* VANISHED [()EARLIER]*/i', $line, $match)) { $line = substr($line, strlen($match[0])); $v_data = $this->tokenizeResponse($line, 1); diff --git a/program/lib/Roundcube/rcube_storage.php b/program/lib/Roundcube/rcube_storage.php index 1556aae41..245d911c0 100644 --- a/program/lib/Roundcube/rcube_storage.php +++ b/program/lib/Roundcube/rcube_storage.php @@ -64,6 +64,7 @@ abstract class rcube_storage 'MAIL-FOLLOWUP-TO', 'MAIL-REPLY-TO', 'RETURN-PATH', + 'DELIVERED-TO', ); const UNKNOWN = 0; diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc index 92ec88f1b..60662b382 100644 --- a/program/steps/mail/compose.inc +++ b/program/steps/mail/compose.inc @@ -298,7 +298,6 @@ else if (count($MESSAGE->identities)) { $from_idx = null; $found_idx = null; $default_identity = 0; // default identity is always first on the list - $return_path = $MESSAGE->headers->others['return-path']; // Select identity foreach ($MESSAGE->identities as $idx => $ident) { @@ -332,8 +331,8 @@ else if (count($MESSAGE->identities)) { $from_idx = $found_idx; } - // Fallback using Return-Path - if ($from_idx === null && $return_path) { + // Try Return-Path + if ($from_idx === null && ($return_path = $MESSAGE->headers->others['return-path'])) { foreach ($MESSAGE->identities as $idx => $ident) { if (strpos($return_path, str_replace('@', '=', $ident['email_ascii']).'@') !== false) { $from_idx = $idx; @@ -342,6 +341,16 @@ else if (count($MESSAGE->identities)) { } } + // Fallback using Delivered-To + if ($from_idx === null && ($delivered_to = $MESSAGE->headers->others['delivered-to'])) { + foreach ($MESSAGE->identities as $idx => $ident) { + if (in_array($ident['email_ascii'], $delivered_to)) { + $from_idx = $idx; + break; + } + } + } + $ident = $MESSAGE->identities[$from_idx !== null ? $from_idx : $default_identity]; $from_id = $ident['identity_id']; -- cgit v1.2.3