Projekte/web-base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Twig, Tests, AES,

Browse Source
This commit is contained in:
Roman
2021-12-08 16:53:43 +01:00
parent 25d47f7528
commit 918244125c
74 changed files with 5350 additions and 1515 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
core/External/.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
vendor/

5
core/External/PHPMailer/Exception.php vendored
View File

@@ -1,4 +1,5 @@
<?php
/**
* PHPMailer Exception class.
* PHP Version 5.5.
@@ -9,7 +10,7 @@
* @author Jim Jagielski (jimjag) <jimjag@gmail.com>
* @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
* @author Brent R. Matzelle (original founder)
* @copyright 2012 - 2017 Marcus Bointon
* @copyright 2012 - 2020 Marcus Bointon
* @copyright 2010 - 2012 Jim Jagielski
* @copyright 2004 - 2009 Andy Prevost
* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
@@ -34,6 +35,6 @@ class Exception extends \Exception
*/
public function errorMessage()
{
return '<strong>' . htmlspecialchars($this->getMessage()) . "</strong><br />\n";
return '<strong>' . htmlspecialchars($this->getMessage(), ENT_COMPAT | ENT_HTML401) . "</strong><br />\n";
}
}

5
core/External/PHPMailer/OAuth.php vendored
View File

@@ -1,4 +1,5 @@
<?php
/**
* PHPMailer - PHP email creation and transport class.
* PHP Version 5.5.
@@ -9,7 +10,7 @@
* @author Jim Jagielski (jimjag) <jimjag@gmail.com>
* @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
* @author Brent R. Matzelle (original founder)
* @copyright 2012 - 2015 Marcus Bointon
* @copyright 2012 - 2020 Marcus Bointon
* @copyright 2010 - 2012 Jim Jagielski
* @copyright 2004 - 2009 Andy Prevost
* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
@@ -122,7 +123,7 @@ class OAuth
*/
public function getOauth64()
{
// Get a new token if it's not available or has expired
//Get a new token if it's not available or has expired
if (null === $this->oauthToken || $this->oauthToken->hasExpired()) {
$this->oauthToken = $this->getToken();
}

882
core/External/PHPMailer/PHPMailer.php vendored
View File

File diff suppressed because it is too large Load Diff

101
core/External/PHPMailer/POP3.php vendored
View File

@@ -1,4 +1,5 @@
<?php
/**
* PHPMailer POP-Before-SMTP Authentication Class.
* PHP Version 5.5.
@@ -9,7 +10,7 @@
* @author Jim Jagielski (jimjag) <jimjag@gmail.com>
* @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
* @author Brent R. Matzelle (original founder)
* @copyright 2012 - 2019 Marcus Bointon
* @copyright 2012 - 2020 Marcus Bointon
* @copyright 2010 - 2012 Jim Jagielski
* @copyright 2004 - 2009 Andy Prevost
* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
@@ -45,7 +46,7 @@ class POP3
*
* @var string
*/
const VERSION = '6.1.4';
const VERSION = '6.5.1';
/**
* Default POP3 port number.
@@ -62,12 +63,16 @@ class POP3
const DEFAULT_TIMEOUT = 30;
/**
* Debug display level.
* Options: 0 = no, 1+ = yes.
* POP3 class debug output mode.
* Debug output level.
* Options:
* @see POP3::DEBUG_OFF: No output
* @see POP3::DEBUG_SERVER: Server messages, connection/server errors
* @see POP3::DEBUG_CLIENT: Client and Server messages, connection/server errors
*
* @var int
*/
public $do_debug = 0;
public $do_debug = self::DEBUG_OFF;
/**
* POP3 mail server hostname.
@@ -130,6 +135,28 @@ class POP3
*/
const LE = "\r\n";
/**
* Debug level for no output.
*
* @var int
*/
const DEBUG_OFF = 0;
/**
* Debug level to show server -> client messages
* also shows clients connection errors or errors from server
*
* @var int
*/
const DEBUG_SERVER = 1;
/**
* Debug level to show client -> server and server -> client messages.
*
* @var int
*/
const DEBUG_CLIENT = 2;
/**
* Simple static wrapper for all-in-one POP before SMTP.
*
@@ -172,13 +199,13 @@ class POP3
public function authorise($host, $port = false, $timeout = false, $username = '', $password = '', $debug_level = 0)
{
$this->host = $host;
// If no port value provided, use default
//If no port value provided, use default
if (false === $port) {
$this->port = static::DEFAULT_PORT;
} else {
$this->port = (int) $port;
}
// If no timeout value provided, use default
//If no timeout value provided, use default
if (false === $timeout) {
$this->tval = static::DEFAULT_TIMEOUT;
} else {
@@ -187,9 +214,9 @@ class POP3
$this->do_debug = $debug_level;
$this->username = $username;
$this->password = $password;
// Reset the error log
//Reset the error log
$this->errors = [];
// connect
//Connect
$result = $this->connect($this->host, $this->port, $this->tval);
if ($result) {
$login_result = $this->login($this->username, $this->password);
@@ -199,7 +226,7 @@ class POP3
return true;
}
}
// We need to disconnect regardless of whether the login succeeded
//We need to disconnect regardless of whether the login succeeded
$this->disconnect();
return false;
@@ -216,7 +243,7 @@ class POP3
*/
public function connect($host, $port = false, $tval = 30)
{
// Are we already connected?
//Are we already connected?
if ($this->connected) {
return true;
}
@@ -229,20 +256,22 @@ class POP3
$port = static::DEFAULT_PORT;
}
// connect to the POP3 server
//Connect to the POP3 server
$errno = 0;
$errstr = '';
$this->pop_conn = fsockopen(
$host, // POP3 Host
$port, // Port #
$errno, // Error Number
$errstr, // Error Message
$host, //POP3 Host
$port, //Port #
$errno, //Error Number
$errstr, //Error Message
$tval
); // Timeout (seconds)
// Restore the error handler
); //Timeout (seconds)
//Restore the error handler
restore_error_handler();
// Did we connect?
//Did we connect?
if (false === $this->pop_conn) {
// It would appear not...
//It would appear not...
$this->setError(
"Failed to connect to server $host on port $port. errno: $errno; errstr: $errstr"
);
@@ -250,14 +279,14 @@ class POP3
return false;
}
// Increase the stream time-out
//Increase the stream time-out
stream_set_timeout($this->pop_conn, $tval, 0);
// Get the POP3 server response
//Get the POP3 server response
$pop3_response = $this->getResponse();
// Check for the +OK
//Check for the +OK
if ($this->checkResponse($pop3_response)) {
// The connection is established and the POP3 server is talking
//The connection is established and the POP3 server is talking
$this->connected = true;
return true;
@@ -279,6 +308,7 @@ class POP3
{
if (!$this->connected) {
$this->setError('Not connected to POP3 server');
return false;
}
if (empty($username)) {
$username = $this->username;
@@ -287,11 +317,11 @@ class POP3
$password = $this->password;
}
// Send the Username
//Send the Username
$this->sendString("USER $username" . static::LE);
$pop3_response = $this->getResponse();
if ($this->checkResponse($pop3_response)) {
// Send the Password
//Send the Password
$this->sendString("PASS $password" . static::LE);
$pop3_response = $this->getResponse();
if ($this->checkResponse($pop3_response)) {
@@ -308,6 +338,15 @@ class POP3
public function disconnect()
{
$this->sendString('QUIT');
// RFC 1939 shows POP3 server sending a +OK response to the QUIT command.
// Try to get it. Ignore any failures here.
try {
$this->getResponse();
} catch (Exception $e) {
//Do nothing
}
//The QUIT command may cause the daemon to exit, which will kill our connection
//So ignore errors here
try {
@@ -315,6 +354,10 @@ class POP3
} catch (Exception $e) {
//Do nothing
}
// Clean up attributes.
$this->connected = false;
$this->pop_conn = false;
}
/**
@@ -327,7 +370,7 @@ class POP3
protected function getResponse($size = 128)
{
$response = fgets($this->pop_conn, $size);
if ($this->do_debug >= 1) {
if ($this->do_debug >= self::DEBUG_SERVER) {
echo 'Server -> Client: ', $response;
}
@@ -344,7 +387,7 @@ class POP3
protected function sendString($string)
{
if ($this->pop_conn) {
if ($this->do_debug >= 2) { //Show client messages when debug >= 2
if ($this->do_debug >= self::DEBUG_CLIENT) { //Show client messages when debug >= 2
echo 'Client -> Server: ', $string;
}
@@ -382,7 +425,7 @@ class POP3
protected function setError($error)
{
$this->errors[] = $error;
if ($this->do_debug >= 1) {
if ($this->do_debug >= self::DEBUG_SERVER) {
echo '<pre>';
foreach ($this->errors as $e) {
print_r($e);

237
core/External/PHPMailer/SMTP.php vendored
View File

@@ -1,4 +1,5 @@
<?php
/**
* PHPMailer RFC821 SMTP email transport class.
* PHP Version 5.5.
@@ -9,7 +10,7 @@
* @author Jim Jagielski (jimjag) <jimjag@gmail.com>
* @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
* @author Brent R. Matzelle (original founder)
* @copyright 2012 - 2019 Marcus Bointon
* @copyright 2012 - 2020 Marcus Bointon
* @copyright 2010 - 2012 Jim Jagielski
* @copyright 2004 - 2009 Andy Prevost
* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
@@ -34,7 +35,7 @@ class SMTP
*
* @var string
*/
const VERSION = '6.1.4';
const VERSION = '6.5.1';
/**
* SMTP line break constant.
@@ -185,6 +186,7 @@ class SMTP
'Amazon_SES' => '/[\d]{3} Ok (.*)/',
'SendGrid' => '/[\d]{3} Ok: queued as (.*)/',
'CampaignMonitor' => '/[\d]{3} 2.0.0 OK:([a-zA-Z\d]{48})/',
'Haraka' => '/[\d]{3} Message Queued \((.*)\)/',
];
/**
@@ -311,17 +313,11 @@ class SMTP
*/
public function connect($host, $port = null, $timeout = 30, $options = [])
{
static $streamok;
//This is enabled by default since 5.0.0 but some providers disable it
//Check this once and cache the result
if (null === $streamok) {
$streamok = function_exists('stream_socket_client');
}
// Clear errors to avoid confusion
//Clear errors to avoid confusion
$this->setError('');
// Make sure we are __not__ connected
//Make sure we are __not__ connected
if ($this->connected()) {
// Already connected, generate error
//Already connected, generate error
$this->setError('Already connected to a server');
return false;
@@ -329,18 +325,66 @@ class SMTP
if (empty($port)) {
$port = self::DEFAULT_PORT;
}
// Connect to the SMTP server
//Connect to the SMTP server
$this->edebug(
"Connection: opening to $host:$port, timeout=$timeout, options=" .
(count($options) > 0 ? var_export($options, true) : 'array()'),
self::DEBUG_CONNECTION
);
$this->smtp_conn = $this->getSMTPConnection($host, $port, $timeout, $options);
if ($this->smtp_conn === false) {
//Error info already set inside `getSMTPConnection()`
return false;
}
$this->edebug('Connection: opened', self::DEBUG_CONNECTION);
//Get any announcement
$this->last_reply = $this->get_lines();
$this->edebug('SERVER -> CLIENT: ' . $this->last_reply, self::DEBUG_SERVER);
$responseCode = (int)substr($this->last_reply, 0, 3);
if ($responseCode === 220) {
return true;
}
//Anything other than a 220 response means something went wrong
//RFC 5321 says the server will wait for us to send a QUIT in response to a 554 error
//https://tools.ietf.org/html/rfc5321#section-3.1
if ($responseCode === 554) {
$this->quit();
}
//This will handle 421 responses which may not wait for a QUIT (e.g. if the server is being shut down)
$this->edebug('Connection: closing due to error', self::DEBUG_CONNECTION);
$this->close();
return false;
}
/**
* Create connection to the SMTP server.
*
* @param string $host SMTP server IP or host name
* @param int $port The port number to connect to
* @param int $timeout How long to wait for the connection to open
* @param array $options An array of options for stream_context_create()
*
* @return false|resource
*/
protected function getSMTPConnection($host, $port = null, $timeout = 30, $options = [])
{
static $streamok;
//This is enabled by default since 5.0.0 but some providers disable it
//Check this once and cache the result
if (null === $streamok) {
$streamok = function_exists('stream_socket_client');
}
$errno = 0;
$errstr = '';
if ($streamok) {
$socket_context = stream_context_create($options);
set_error_handler([$this, 'errorHandler']);
$this->smtp_conn = stream_socket_client(
$connection = stream_socket_client(
$host . ':' . $port,
$errno,
$errstr,
@@ -348,7 +392,6 @@ class SMTP
STREAM_CLIENT_CONNECT,
$socket_context
);
restore_error_handler();
} else {
//Fall back to fsockopen which should work in more places, but is missing some features
$this->edebug(
@@ -356,17 +399,18 @@ class SMTP
self::DEBUG_CONNECTION
);
set_error_handler([$this, 'errorHandler']);
$this->smtp_conn = fsockopen(
$connection = fsockopen(
$host,
$port,
$errno,
$errstr,
$timeout
);
restore_error_handler();
}
// Verify we connected properly
if (!is_resource($this->smtp_conn)) {
restore_error_handler();
//Verify we connected properly
if (!is_resource($connection)) {
$this->setError(
'Failed to connect to server',
'',
@@ -381,22 +425,19 @@ class SMTP
return false;
}
$this->edebug('Connection: opened', self::DEBUG_CONNECTION);
// SMTP server can take longer to respond, give longer timeout for first read
// Windows does not have support for this timeout function
//SMTP server can take longer to respond, give longer timeout for first read
//Windows does not have support for this timeout function
if (strpos(PHP_OS, 'WIN') !== 0) {
$max = (int) ini_get('max_execution_time');
// Don't bother if unlimited
if (0 !== $max && $timeout > $max) {
$max = (int)ini_get('max_execution_time');
//Don't bother if unlimited, or if set_time_limit is disabled
if (0 !== $max && $timeout > $max && strpos(ini_get('disable_functions'), 'set_time_limit') === false) {
@set_time_limit($timeout);
}
stream_set_timeout($this->smtp_conn, $timeout, 0);
stream_set_timeout($connection, $timeout, 0);
}
// Get any announcement
$announce = $this->get_lines();
$this->edebug('SERVER -> CLIENT: ' . $announce, self::DEBUG_SERVER);
return true;
return $connection;
}
/**
@@ -420,7 +461,7 @@ class SMTP
$crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT;
}
// Begin encrypted connection
//Begin encrypted connection
set_error_handler([$this, 'errorHandler']);
$crypto_ok = stream_socket_enable_crypto(
$this->smtp_conn,
@@ -458,11 +499,11 @@ class SMTP
}
if (array_key_exists('EHLO', $this->server_caps)) {
// SMTP extensions are available; try to find a proper authentication method
//SMTP extensions are available; try to find a proper authentication method
if (!array_key_exists('AUTH', $this->server_caps)) {
$this->setError('Authentication is not allowed at this stage');
// 'at this stage' means that auth may be allowed after the stage changes
// e.g. after STARTTLS
//'at this stage' means that auth may be allowed after the stage changes
//e.g. after STARTTLS
return false;
}
@@ -506,22 +547,25 @@ class SMTP
}
switch ($authtype) {
case 'PLAIN':
// Start authentication
//Start authentication
if (!$this->sendCommand('AUTH', 'AUTH PLAIN', 334)) {
return false;
}
// Send encoded username and password
if (!$this->sendCommand(
'User & Password',
base64_encode("\0" . $username . "\0" . $password),
235
)
//Send encoded username and password
if (
//Format from https://tools.ietf.org/html/rfc4616#section-2
//We skip the first field (it's forgery), so the string starts with a null byte
!$this->sendCommand(
'User & Password',
base64_encode("\0" . $username . "\0" . $password),
235
)
) {
return false;
}
break;
case 'LOGIN':
// Start authentication
//Start authentication
if (!$this->sendCommand('AUTH', 'AUTH LOGIN', 334)) {
return false;
}
@@ -533,17 +577,17 @@ class SMTP
}
break;
case 'CRAM-MD5':
// Start authentication
//Start authentication
if (!$this->sendCommand('AUTH CRAM-MD5', 'AUTH CRAM-MD5', 334)) {
return false;
}
// Get the challenge
//Get the challenge
$challenge = base64_decode(substr($this->last_reply, 4));
// Build the response
//Build the response
$response = $username . ' ' . $this->hmac($challenge, $password);
// send encoded credentials
//send encoded credentials
return $this->sendCommand('Username', base64_encode($response), 235);
case 'XOAUTH2':
//The OAuth instance must be set up prior to requesting auth.
@@ -552,7 +596,7 @@ class SMTP
}
$oauth = $OAuth->getOauth64();
// Start authentication
//Start authentication
if (!$this->sendCommand('AUTH', 'AUTH XOAUTH2 ' . $oauth, 235)) {
return false;
}
@@ -582,15 +626,15 @@ class SMTP
return hash_hmac('md5', $data, $key);
}
// The following borrowed from
// http://php.net/manual/en/function.mhash.php#27225
//The following borrowed from
//http://php.net/manual/en/function.mhash.php#27225
// RFC 2104 HMAC implementation for php.
// Creates an md5 HMAC.
// Eliminates the need to install mhash to compute a HMAC
// by Lance Rushing
//RFC 2104 HMAC implementation for php.
//Creates an md5 HMAC.
//Eliminates the need to install mhash to compute a HMAC
//by Lance Rushing
$bytelen = 64; // byte length for md5
$bytelen = 64; //byte length for md5
if (strlen($key) > $bytelen) {
$key = pack('H*', md5($key));
}
@@ -613,7 +657,7 @@ class SMTP
if (is_resource($this->smtp_conn)) {
$sock_status = stream_get_meta_data($this->smtp_conn);
if ($sock_status['eof']) {
// The socket is valid but we are not connected
//The socket is valid but we are not connected
$this->edebug(
'SMTP NOTICE: EOF caught while checking if connected',
self::DEBUG_CLIENT
@@ -623,7 +667,7 @@ class SMTP
return false;
}
return true; // everything looks good
return true; //everything looks good
}
return false;
@@ -641,7 +685,7 @@ class SMTP
$this->server_caps = null;
$this->helo_rply = null;
if (is_resource($this->smtp_conn)) {
// close the connection and cleanup
//Close the connection and cleanup
fclose($this->smtp_conn);
$this->smtp_conn = null; //Makes for cleaner serialization
$this->edebug('Connection: closed', self::DEBUG_CONNECTION);
@@ -651,7 +695,7 @@ class SMTP
/**
* Send an SMTP DATA command.
* Issues a data command and sends the msg_data to the server,
* finializing the mail transaction. $msg_data is the message
* finalizing the mail transaction. $msg_data is the message
* that is to be send with the headers. Each header needs to be
* on a single line followed by a <CRLF> with the message headers
* and the message body being separated by an additional <CRLF>.
@@ -676,7 +720,7 @@ class SMTP
* NOTE: this does not count towards line-length limit.
*/
// Normalize line breaks before exploding
//Normalize line breaks before exploding
$lines = explode("\n", str_replace(["\r\n", "\r"], "\n", $msg_data));
/* To distinguish between a complete RFC822 message and a plain message body, we check if the first field
@@ -722,7 +766,8 @@ class SMTP
//Send the lines to the server
foreach ($lines_out as $line_out) {
//RFC2821 section 4.5.2
//Dot-stuffing as per RFC5321 section 4.5.2
//https://tools.ietf.org/html/rfc5321#section-4.5.2
if (!empty($line_out) && $line_out[0] === '.') {
$line_out = '.' . $line_out;
}
@@ -756,7 +801,16 @@ class SMTP
public function hello($host = '')
{
//Try extended hello first (RFC 2821)
return $this->sendHello('EHLO', $host) or $this->sendHello('HELO', $host);
if ($this->sendHello('EHLO', $host)) {
return true;
}
//Some servers shut down the SMTP service here (RFC 5321)
if (substr($this->helo_rply, 0, 3) == '421') {
return false;
}
return $this->sendHello('HELO', $host);
}
/**
@@ -946,12 +1000,12 @@ class SMTP
$this->client_send($commandstring . static::LE, $command);
$this->last_reply = $this->get_lines();
// Fetch SMTP code and possible error code explanation
//Fetch SMTP code and possible error code explanation
$matches = [];
if (preg_match('/^([\d]{3})[ -](?:([\d]\\.[\d]\\.[\d]{1,2}) )?/', $this->last_reply, $matches)) {
$code = (int) $matches[1];
$code_ex = (count($matches) > 2 ? $matches[2] : null);
// Cut off error code from each response line
//Cut off error code from each response line
$detail = preg_replace(
"/{$code}[ -]" .
($code_ex ? str_replace('.', '\\.', $code_ex) . ' ' : '') . '/m',
@@ -959,7 +1013,7 @@ class SMTP
$this->last_reply
);
} else {
// Fall back to simple parsing if regex fails
//Fall back to simple parsing if regex fails
$code = (int) substr($this->last_reply, 0, 3);
$code_ex = null;
$detail = substr($this->last_reply, 4);
@@ -1058,8 +1112,10 @@ class SMTP
{
//If SMTP transcripts are left enabled, or debug output is posted online
//it can leak credentials, so hide credentials in all but lowest level
if (self::DEBUG_LOWLEVEL > $this->do_debug &&
in_array($command, ['User & Password', 'Username', 'Password'], true)) {
if (
self::DEBUG_LOWLEVEL > $this->do_debug &&
in_array($command, ['User & Password', 'Username', 'Password'], true)
) {
$this->edebug('CLIENT -> SERVER: [credentials hidden]', self::DEBUG_CLIENT);
} else {
$this->edebug('CLIENT -> SERVER: ' . $data, self::DEBUG_CLIENT);
@@ -1113,7 +1169,7 @@ class SMTP
if (!$this->server_caps) {
$this->setError('No HELO/EHLO was sent');
return;
return null;
}
if (!array_key_exists($name, $this->server_caps)) {
@@ -1125,7 +1181,7 @@ class SMTP
}
$this->setError('HELO handshake was used; No information about server extensions available');
return;
return null;
}
return $this->server_caps[$name];
@@ -1152,7 +1208,7 @@ class SMTP
*/
protected function get_lines()
{
// If the connection is bad, give up straight away
//If the connection is bad, give up straight away
if (!is_resource($this->smtp_conn)) {
return '';
}
@@ -1166,33 +1222,61 @@ class SMTP
$selW = null;
while (is_resource($this->smtp_conn) && !feof($this->smtp_conn)) {
//Must pass vars in here as params are by reference
if (!stream_select($selR, $selW, $selW, $this->Timelimit)) {
//solution for signals inspired by https://github.com/symfony/symfony/pull/6540
set_error_handler([$this, 'errorHandler']);
$n = stream_select($selR, $selW, $selW, $this->Timelimit);
restore_error_handler();
if ($n === false) {
$message = $this->getError()['detail'];
$this->edebug(
'SMTP -> get_lines(): timed-out (' . $this->Timeout . ' sec)',
'SMTP -> get_lines(): select failed (' . $message . ')',
self::DEBUG_LOWLEVEL
);
//stream_select returns false when the `select` system call is interrupted
//by an incoming signal, try the select again
if (stripos($message, 'interrupted system call') !== false) {
$this->edebug(
'SMTP -> get_lines(): retrying stream_select',
self::DEBUG_LOWLEVEL
);
$this->setError('');
continue;
}
break;
}
if (!$n) {
$this->edebug(
'SMTP -> get_lines(): select timed-out in (' . $this->Timelimit . ' sec)',
self::DEBUG_LOWLEVEL
);
break;
}
//Deliberate noise suppression - errors are handled afterwards
$str = @fgets($this->smtp_conn, self::MAX_REPLY_LENGTH);
$this->edebug('SMTP INBOUND: "' . trim($str) . '"', self::DEBUG_LOWLEVEL);
$data .= $str;
// If response is only 3 chars (not valid, but RFC5321 S4.2 says it must be handled),
// or 4th character is a space or a line break char, we are done reading, break the loop.
// String array access is a significant micro-optimisation over strlen
//If response is only 3 chars (not valid, but RFC5321 S4.2 says it must be handled),
//or 4th character is a space or a line break char, we are done reading, break the loop.
//String array access is a significant micro-optimisation over strlen
if (!isset($str[3]) || $str[3] === ' ' || $str[3] === "\r" || $str[3] === "\n") {
break;
}
// Timed-out? Log and break
//Timed-out? Log and break
$info = stream_get_meta_data($this->smtp_conn);
if ($info['timed_out']) {
$this->edebug(
'SMTP -> get_lines(): timed-out (' . $this->Timeout . ' sec)',
'SMTP -> get_lines(): stream timed-out (' . $this->Timeout . ' sec)',
self::DEBUG_LOWLEVEL
);
break;
}
// Now check if reads took too long
//Now check if reads took too long
if ($endtime && time() > $endtime) {
$this->edebug(
'SMTP -> get_lines(): timelimit reached (' .
@@ -1344,6 +1428,7 @@ class SMTP
} else {
$this->last_smtp_transaction_id = false;
foreach ($this->smtp_transaction_id_patterns as $smtp_transaction_id_pattern) {
$matches = [];
if (preg_match($smtp_transaction_id_pattern, $reply, $matches)) {
$this->last_smtp_transaction_id = trim($matches[1]);
break;

164
core/External/ZipStream/File.php vendored
View File

@@ -26,16 +26,16 @@ namespace External\ZipStream {
private $content = '';
private $fileHandle = false;
private $lastModificationTimestamp;
private $crc32 = null;
private $fileSize = 0;
private $compressedSize = 0;
protected $fileSize = 0;
protected $compressedSize = 0;
private $offset = 0;
private $bitField = 0;
private $useCompression = true;
protected $useCompression = true;
private $deflateState = null;
//check for duplications //currently not used
private $sha256;
protected $crc32 = null;
protected $sha256;
public const BIT_NO_SIZE_IN_HEADER = 0b0000000000001000;
public const BIT_UTF8_NAMES = 0b0000100000000000;
@@ -45,12 +45,17 @@ namespace External\ZipStream {
$this->lastModificationTimestamp = time();
$this->crc32 = hash('crc32b', '', true);
$this->compressedSize = 0;
$this->fileSize = 0;
$this->bitField = 0;
$this->bitField |= self::BIT_NO_SIZE_IN_HEADER;
$this->bitField |= self::BIT_UTF8_NAMES;
$this->deflateState = deflate_init(ZLIB_ENCODING_RAW, ['level' => 9]);
$this->deflateState = deflate_init(ZLIB_ENCODING_RAW);
}
public function disableCompression() {
$this->useCompression = false;
}
public function setContent($content) {
@@ -68,13 +73,6 @@ namespace External\ZipStream {
$this->fileHandle = fopen($filename, 'rb');
}
public function loadFromBuffer($buf) {
$this->crc32 = hash('crc32b', $buf, true);
$this->sha256 = hash('sha256', $buf);
$this->fileSize = strlen($buf);
$this->content = $buf;
}
public function name() {
return $this->name;
}
@@ -101,14 +99,14 @@ namespace External\ZipStream {
($day);
}
public function readLocalFileHeader() {
public function readLocalFileHeader(bool $zip64 = false) {
if (!$this->useCompression) {
$this->compressedSize = $this->fileSize;
}
$header = "";
$header .= "\x50\x4b\x03\x04";
$header .= "\x14\x00"; //version 2.0 and MS-DOS compatible
$header .= $zip64 ? "\x2d\x00" : "\x14\x00"; //version 2.0 and MS-DOS compatible
$header .= pack("v", $this->bitField); //general purpose bit flag
if ($this->useCompression) {
$header .= "\x08\x00"; //compression Method - deflate
@@ -117,28 +115,59 @@ namespace External\ZipStream {
}
$header .= pack("v", $this->unixTimeToDosTime($this->lastModificationTimestamp)); //dos time
$header .= pack("v", $this->unixTimeToDosDate($this->lastModificationTimestamp)); //dos date
if ($this->bitField & self::BIT_NO_SIZE_IN_HEADER) {
$header .= pack("V", 0); //crc32
$header .= pack("V", 0); //compressed Size
$header .= pack("V", 0); //uncompressed Size
if ($zip64) {
if ($this->bitField & self::BIT_NO_SIZE_IN_HEADER) {
$header .= pack("V", 0); //crc32
} else {
$header .= strrev($this->crc32);
}
$header .= "\xFF\xFF\xFF\xFF"; //compressed Size
$header .= "\xFF\xFF\xFF\xFF"; //uncompressed Size
} else {
$header .= strrev($this->crc32);
$header .= pack("V", $this->compressedSize); //compressed Size
$header .= pack("V", $this->fileSize); //uncompressed Size
if ($this->bitField & self::BIT_NO_SIZE_IN_HEADER) {
$header .= pack("V", 0); //crc32
$header .= pack("V", 0); //compressed Size
$header .= pack("V", 0); //uncompressed Size
} else {
$header .= strrev($this->crc32);
$header .= pack("V", $this->compressedSize); //compressed Size
$header .= pack("V", $this->fileSize); //uncompressed Size
}
}
$header .= pack("v", strlen($this->name)); //filename
$header .= "\x00\x00"; //extra field length
$header .= $this->name;
if ($zip64) {
$header .= pack("v", 16+4); //extra field length (signatures + data)
$header .= $this->name;
$header .= pack("v", 0x0001); # Zip64 extended information extra field
$header .= pack("v", 16); // 2 * 8 byte
if ($this->bitField & self::BIT_NO_SIZE_IN_HEADER) {
$header .= pack("P", 0);
$header .= pack("P", 0);
} else {
$header .= pack("P", $this->compressedSize);
$header .= pack("P", $this->fileSize);
}
} else {
$header .= "\x00\x00"; //extra field length
$header .= $this->name;
}
return $header;
}
public function readDataDescriptor() {
public function readDataDescriptor(bool $zip64 = false) {
if (!$this->useCompression) {
$this->compressedSize = $this->fileSize;
}
$data = "";
$data .= "\x50\x4b\x07\x08";
$data .= strrev($this->crc32);
$data .= pack("V", $this->compressedSize); //compressed Size
$data .= pack("V", $this->fileSize); //uncompressed Size
$data .= $zip64 ? pack("P", $this->compressedSize) : pack("V", $this->compressedSize); //compressed Size
$data .= $zip64 ? pack("P", $this->fileSize) : pack("V", $this->fileSize); //uncompressed Size
return $data;
}
@@ -156,21 +185,28 @@ namespace External\ZipStream {
return $ret;
}
protected function compress($block) {
$ret = null;
if ($this->deflateState !== null) {
if (!empty($block)) {
$ret = deflate_add($this->deflateState, $block, ZLIB_NO_FLUSH);
} else {
$ret = deflate_add($this->deflateState, '', ZLIB_FINISH);
$this->deflateState = null;
}
$this->compressedSize += strlen($ret);
}
return $ret;
}
public function readFileData() {
$ret = null;
if ($this->useCompression) {
$block = $this->readFileDataImp();
if ($this->deflateState !== null) {
if ($block !== null) {
$ret = deflate_add($this->deflateState, $block, ZLIB_NO_FLUSH);
} else {
$ret = deflate_add($this->deflateState, '', ZLIB_FINISH);
$this->deflateState = null;
}
}
if ($ret !== null) {
$this->compressedSize += strlen($ret);
}
$ret = $this->compress($block);
} else {
$ret = $this->readFileDataImp();
}
@@ -181,27 +217,61 @@ namespace External\ZipStream {
$this->offset = $offset;
}
public function readCentralDirectoryHeader() {
public function readCentralDirectoryHeader(bool $zip64 = false) {
$maxInt32 = 0xFFFFFFFF;
$extraFields = "";
// Compressed Size
if ($zip64 && $this->compressedSize >= $maxInt32) {
$compressedSize = "\xFF\xFF\xFF\xFF";
$extraFields .= pack("P", $this->compressedSize);
} else {
$compressedSize = pack("V", $this->compressedSize);
}
// Uncompressed Size
if ($zip64 && $this->fileSize >= $maxInt32) {
$fileSize = "\xFF\xFF\xFF\xFF";
$extraFields .= pack("P", $this->fileSize);
} else {
$fileSize = pack("V", $this->fileSize);
}
// Offset
if ($zip64 && $this->offset >= $maxInt32) {
$offset = "\xFF\xFF\xFF\xFF";
$extraFields .= pack("P", $this->offset);
} else {
$offset = pack("V", $this->offset);
}
$header = "";
$header .= "\x50\x4b\x01\x02";
$header .= "\x14\x00"; //version 2.0 and MS-DOS compatible
$header .= "\x14\x00"; //version 2.0 and MS-DOS compatible
$header .= $zip64 ? "\x2d\x00" : "\x14\x00"; //version 2.0 and MS-DOS compatible
$header .= $zip64 ? "\x2d\x00" : "\x14\x00"; //version 2.0 and MS-DOS compatible
$header .= pack("v", $this->bitField); //general purpose bit flag
$header .= "\x00\x00"; //compression Method - no
$header .= $this->useCompression ? "\x08\x00" : "\x00\x00"; //compression Method - no
$header .= pack("v", $this->unixTimeToDosTime($this->lastModificationTimestamp)); //dos time
$header .= pack("v", $this->unixTimeToDosDate($this->lastModificationTimestamp)); //dos date
$header .= strrev($this->crc32);
$header .= pack("V", $this->compressedSize); //compressed Size
$header .= pack("V", $this->fileSize); //uncompressed Size
$header .= $compressedSize; //compressed Size
$header .= $fileSize; //uncompressed Size
$header .= pack("v", strlen($this->name)); //filename
$header .= "\x00\x00"; //extra field length
$header .= (strlen($extraFields) > 0) ? pack('v', strlen($extraFields) + 4) : "\x00\x00"; //extra field length
$header .= "\x00\x00"; //comment length
$header .= "\x00\x00"; //disk num start
$header .= "\x00\x00"; //int file attr
$header .= "\x00\x00\x00\x00"; //ext file attr
$header .= pack("V", $this->offset); //relative offset
$header .= $offset; //relative offset
$header .= $this->name;
if (strlen($extraFields) > 0) {
$header .= pack("v", 0x0001); # Zip64 extended information extra field
$header .= pack("v", strlen($extraFields));
$header .= $extraFields;
}
return $header;
}

46
core/External/ZipStream/FileStream.class.php vendored Normal file
View File

@@ -0,0 +1,46 @@
<?php
namespace External\ZipStream {
use HashContext;
use Objects\AesStream;
class FileStream extends File {
private AesStream $stream;
private HashContext $crc32ctx;
private HashContext $sha256ctx;
public function __construct(AesStream $stream, string $name) {
parent::__construct($name);
$this->stream = $stream;
$this->crc32ctx = hash_init('crc32b');
$this->sha256ctx = hash_init('sha256');
}
public function getStream(): AesStream {
return $this->stream;
}
public function finalize() {
$this->crc32 = hash_final($this->crc32ctx, true);
$this->sha256 = hash_final($this->sha256ctx);
return $this->compress(null);
}
public function processChunk($chunk) {
hash_update($this->crc32ctx, $chunk);
hash_update($this->sha256ctx, $chunk);
$this->fileSize += strlen($chunk);
if ($this->useCompression) {
$chunk = $this->compress($chunk);
}
return $chunk;
}
}
}

60
core/External/ZipStream/ZipStream.php vendored
View File

@@ -23,10 +23,12 @@
namespace External\ZipStream {
class ZipStream {
private $writer = null;
private $files = [];
private array $files = [];
private bool $zip64;
public function __construct($writer) {
public function __construct($writer, $zip64 = false) {
$this->writer = $writer;
$this->zip64 = $zip64;
}
public function saveFile($file) {
@@ -40,32 +42,66 @@ namespace External\ZipStream {
}
}
$file->setOffset($this->writer->offset());
$this->writer->write($file->readLocalFileHeader());
while (($buffer = $file->readFileData()) !== null) {
$this->writer->write($buffer);
$this->writer->write($file->readLocalFileHeader($this->zip64));
if ($file instanceof FileStream) {
$file->getStream()->setOutput(function ($chunk) use ($file) {
$this->writer->write($file->processChunk($chunk));
});
$file->getStream()->start();
$this->writer->write($file->finalize());
} else {
while (($buffer = $file->readFileData()) !== null) {
$this->writer->write($buffer);
}
}
$this->writer->write($file->readDataDescriptor());
$this->writer->write($file->readDataDescriptor($this->zip64));
$this->files[] = $file;
$file->closeHandle();
return true;
}
// Write end of central directory record
public function close() {
$size = 0;
$offset = $this->writer->offset();
foreach ($this->files as $file) {
$size += $this->writer->write($file->readCentralDirectoryHeader());
$size += $this->writer->write($file->readCentralDirectoryHeader($this->zip64));
}
$data = "";
if ($this->zip64) {
// Size = SizeOfFixedFields + SizeOfVariableData - 12.
$centralDirectorySize = 2*2 + 2*4 + 4*8;
$data .= "\x50\x4b\x06\x06";
$data .= pack("P", $centralDirectorySize);
$data .= "\x2d\x00"; // version 2.0 and MS-DOS compatible
$data .= "\x2d\x00"; // version 2.0 and MS-DOS compatible
$data .= "\x00\x00\x00\x00"; //number of disks
$data .= "\x00\x00\x00\x00"; //number of the disk with the start of the central directory
$data .= pack("P", count($this->files)); //total number of entries in the central directory on this disk
$data .= pack("P", count($this->files)); //total number of entries in the central directory
$data .= pack("P", $size); // size of the central directory
$data .= pack("P", $offset); //offset of start of central directory with respect to the starting disk number
// end of central directory locator
$data .= "\x50\x4b\x06\x07";
$data .= "\x00\x00\x00\x00";
$data .= pack("P", $this->writer->offset());
$data .= pack('V', 1); //number of disks
}
$data .= "\x50\x4b\x05\x06";
$data .= "\x00\x00"; //number of disks
$data .= "\x00\x00"; //number of the disk with the start of the central directory
$data .= pack("v", count($this->files)); //total number of entries in the central directory on this disk
$data .= pack("v", count($this->files)); //total number of entries in the central directory
$data .= pack("V", $size); //size of the central directory
$data .= pack("V", $offset); //offset of start of central directory with respect to the starting disk number
$data .= "\x0\x0"; //comment length
$data .= $this->zip64 ? "\xFF\xFF" : pack("v", count($this->files)); //total number of entries in the central directory on this disk
$data .= $this->zip64 ? "\xFF\xFF" : pack("v", count($this->files)); //total number of entries in the central directory
$data .= $this->zip64 ? "\xFF\xFF\xFF\xFF" : pack("V", $size); // size of the central directory
$data .= $this->zip64 ? "\xFF\xFF\xFF\xFF" : pack("V", $offset); //offset of start of central directory with respect to the starting disk number
$data .= "\x00\x00"; //comment length
$this->writer->write($data);
}
}

8
core/External/composer.json vendored Normal file
View File

@@ -0,0 +1,8 @@
{
"require": {
"twig/twig": "^3.0"
},
"require-dev": {
"phpunit/phpunit": "^9.5"
}
}

2269
core/External/composer.lock generated vendored Normal file
View File

File diff suppressed because it is too large Load Diff