1 /*
2 * PHP Sendmail for Windows.
3 *
4 * This file is rewritten specifically for PHPFI. Some functionality
5 * has been removed (MIME and file attachments). This code was
6 * modified from code based on code written by Jarle Aase.
7 *
8 * This class is based on the original code by Jarle Aase, see below:
9 * wSendmail.cpp It has been striped of some functionality to match
10 * the requirements of phpfi.
11 *
12 * Very simple SMTP Send-mail program for sending command-line level
13 * emails and CGI-BIN form response for the Windows platform.
14 *
15 * The complete wSendmail package with source code can be located
16 * from http://www.jgaa.com
17 *
18 */
19
20 #include "php.h" /*php specific */
21 #include <stdio.h>
22 #include <stdlib.h>
23 #include <winsock2.h>
24 #include "time.h"
25 # include <Ws2tcpip.h>
26 #include <string.h>
27 #include <math.h>
28 #include <malloc.h>
29 #include <winbase.h>
30 #include "sendmail.h"
31 #include "php_ini.h"
32 #include "inet.h"
33
34 #include "php_win32_globals.h"
35
36 #include "ext/pcre/php_pcre.h"
37 #include "ext/standard/php_string.h"
38 #include "ext/date/php_date.h"
39
40 #define SENDMAIL_DEBUG 0
41
42 /*enum
43 {
44 DO_CONNECT = WM_USER +1
45 };
46 */
47
48 /* '*error_message' has to be passed around from php_mail() */
49 #define SMTP_ERROR_RESPONSE_SPEC "SMTP server response: %s"
50 /* Convenient way to handle error messages from the SMTP server.
51 response is ecalloc()d in Ack() itself and efree()d here
52 because the content is in *error_message now */
53 #define SMTP_ERROR_RESPONSE(response) { \
54 if (response && error_message) { \
55 *error_message = ecalloc(1, sizeof(SMTP_ERROR_RESPONSE_SPEC) + strlen(response)); \
56 snprintf(*error_message, sizeof(SMTP_ERROR_RESPONSE_SPEC) + strlen(response), SMTP_ERROR_RESPONSE_SPEC, response); \
57 efree(response); \
58 } \
59 }
60 #define SMTP_SKIP_SPACE(str) { while (isspace(*str)) { str++; } }
61
62
63 char seps[] = " ,\t\n";
64 char *php_mailer = "PHP 7 WIN32";
65
66 /* Error messages */
67 static char *ErrorMessages[] =
68 {
69 {"Success"}, /* 0 */
70 {"Bad arguments from form"}, /* 1 */
71 {"Unable to open temporary mailfile for read"},
72 {"Failed to Start Sockets"},
73 {"Failed to Resolve Host"},
74 {"Failed to obtain socket handle"}, /* 5 */
75 {"Failed to connect to mailserver, verify your \"SMTP\" setting in php.ini"},
76 {"Failed to Send"},
77 {"Failed to Receive"},
78 {"Server Error"},
79 {"Failed to resolve the host IP name"}, /* 10 */
80 {"Out of memory"},
81 {"Unknown error"},
82 {"Bad Message Contents"},
83 {"Bad Message Subject"},
84 {"Bad Message destination"}, /* 15 */
85 {"Bad Message Return Path"},
86 {"Bad Mail Host"},
87 {"Bad Message File"},
88 {"\"sendmail_from\" not set in php.ini or custom \"From:\" header missing"},
89 {"Mailserver rejected our \"sendmail_from\" setting"}, /* 20 */
90 {"Error while trimming mail header with PCRE, please file a bug report at https://github.com/php/php-src/issues"} /* 21 */
91 };
92
93 /* This pattern converts all single occurrences of \n (Unix)
94 * without a leading \r to \r\n and all occurrences of \r (Mac)
95 * without a trailing \n to \r\n
96 * Thx to Nibbler from ircnet/#linuxger
97 */
98 #define PHP_WIN32_MAIL_UNIFY_PATTERN "/(\r\n?)|\n/"
99 #define PHP_WIN32_MAIL_UNIFY_REPLACE "\r\n"
100
101 /* This pattern removes \r\n from the start of the string,
102 * \r\n from the end of the string and also makes sure every line
103 * is only wrapped with a single \r\n (thus reduces multiple
104 * occurrences of \r\n between lines to a single \r\n) */
105 #define PHP_WIN32_MAIL_RMVDBL_PATTERN "/^\r\n|(\r\n)+$/m"
106 #define PHP_WIN32_MAIL_RMVDBL_REPLACE ""
107
108 /* This pattern escapes \n. inside the message body. It prevents
109 * premature end of message if \n.\n or \r\n.\r\n is encountered
110 * and ensures that \n. sequences are properly displayed in the
111 * message body. */
112 #define PHP_WIN32_MAIL_DOT_PATTERN "\n."
113 #define PHP_WIN32_MAIL_DOT_REPLACE "\n.."
114
115 /* This function is meant to unify the headers passed to to mail()
116 * This means, use PCRE to transform single occurrences of \n or \r in \r\n
117 * As a second step we also eliminate all \r\n occurrences which are:
118 * 1) At the start of the header
119 * 2) At the end of the header
120 * 3) Two or more occurrences in the header are removed so only one is left
121 *
122 * Returns NULL on error, or the new char* buffer on success.
123 * You have to take care and efree() the buffer on your own.
124 */
php_win32_mail_trim_header(const char * header)125 static zend_string *php_win32_mail_trim_header(const char *header)
126 {
127 zend_string *result, *result2;
128 zend_string *replace;
129 zend_string *regex;
130
131 if (!header) {
132 return NULL;
133 }
134
135 replace = zend_string_init(PHP_WIN32_MAIL_UNIFY_REPLACE, strlen(PHP_WIN32_MAIL_UNIFY_REPLACE), 0);
136 regex = zend_string_init(PHP_WIN32_MAIL_UNIFY_PATTERN, sizeof(PHP_WIN32_MAIL_UNIFY_PATTERN)-1, 0);
137
138 result = php_pcre_replace(regex,
139 NULL, header, strlen(header),
140 replace,
141 -1,
142 NULL);
143
144 zend_string_release_ex(replace, 0);
145 zend_string_release_ex(regex, 0);
146
147 if (NULL == result) {
148 return NULL;
149 }
150
151 replace = zend_string_init(PHP_WIN32_MAIL_RMVDBL_PATTERN, strlen(PHP_WIN32_MAIL_RMVDBL_PATTERN), 0);
152 regex = zend_string_init(PHP_WIN32_MAIL_RMVDBL_PATTERN, sizeof(PHP_WIN32_MAIL_RMVDBL_PATTERN)-1, 0);
153
154 result2 = php_pcre_replace(regex,
155 result, ZSTR_VAL(result), ZSTR_LEN(result),
156 replace,
157 -1,
158 NULL);
159 zend_string_release_ex(replace, 0);
160 zend_string_release_ex(regex, 0);
161 zend_string_release_ex(result, 0);
162
163 return result2;
164 }
165
166 /*********************************************************************
167 // Name: TSendMail
168 // Input: 1) host: Name of the mail host where the SMTP server resides
169 // max accepted length of name = 256
170 // 2) appname: Name of the application to use in the X-mailer
171 // field of the message. if NULL is given the application
172 // name is used as given by the GetCommandLine() function
173 // max accepted length of name = 100
174 // Output: 1) error: Returns the error code if something went wrong or
175 // SUCCESS otherwise.
176 //
177 // See SendText() for additional args!
178 //********************************************************************/
TSendMail(const char * host,int * error,char ** error_message,const char * headers,const char * Subject,const char * mailTo,const char * data,char * mailCc,char * mailBcc,char * mailRPath)179 PHPAPI int TSendMail(const char *host, int *error, char **error_message,
180 const char *headers, const char *Subject, const char *mailTo, const char *data,
181 char *mailCc, char *mailBcc, char *mailRPath)
182 {
183 int ret;
184 char *RPath = NULL;
185 zend_string *headers_lc = NULL, *headers_trim = NULL; /* headers_lc is only created if we've a header at all */
186 const char *pos1 = NULL, *pos2 = NULL;
187
188 if (host == NULL) {
189 *error = BAD_MAIL_HOST;
190 return FAILURE;
191 } else if (strlen(host) >= HOST_NAME_LEN) {
192 *error = BAD_MAIL_HOST;
193 return FAILURE;
194 } else {
195 strcpy(PW32G(mail_host), host);
196 }
197
198 if (headers) {
199 char *pos = NULL;
200
201 /* Use PCRE to trim the header into the right format */
202 if (NULL == (headers_trim = php_win32_mail_trim_header(headers))) {
203 *error = W32_SM_PCRE_ERROR;
204 return FAILURE;
205 }
206
207 /* Create a lowercased header for all the searches so we're finally case
208 * insensitive when searching for a pattern. */
209 headers_lc = zend_string_tolower(headers_trim);
210 }
211
212 /* Fall back to sendmail_from php.ini setting */
213 if (mailRPath && *mailRPath) {
214 RPath = estrdup(mailRPath);
215 } else if (INI_STR("sendmail_from")) {
216 RPath = estrdup(INI_STR("sendmail_from"));
217 } else if (headers_lc) {
218 int found = 0;
219 const char *lookup = ZSTR_VAL(headers_lc);
220
221 while (lookup) {
222 pos1 = strstr(lookup, "from:");
223
224 if (!pos1) {
225 break;
226 } else if (pos1 != ZSTR_VAL(headers_lc) && *(pos1-1) != '\n') {
227 if (strlen(pos1) >= sizeof("from:")) {
228 lookup = pos1 + sizeof("from:");
229 continue;
230 } else {
231 break;
232 }
233 }
234
235 found = 1;
236
237 /* Real offset is memaddress from the original headers + difference of
238 * string found in the lowercase headers + 5 characters to jump over
239 * the from: */
240 pos1 = headers + (pos1 - lookup) + 5;
241 if (NULL == (pos2 = strstr(pos1, "\r\n"))) {
242 RPath = estrndup(pos1, strlen(pos1));
243 } else {
244 RPath = estrndup(pos1, pos2 - pos1);
245 }
246
247 break;
248 }
249
250 if (!found) {
251 if (headers) {
252 zend_string_release(headers_trim);
253 zend_string_release(headers_lc);
254 }
255 *error = W32_SM_SENDMAIL_FROM_NOT_SET;
256 return FAILURE;
257 }
258 }
259
260 /* attempt to connect with mail host */
261 *error = MailConnect();
262 if (*error != 0) {
263 if (RPath) {
264 efree(RPath);
265 }
266 if (headers) {
267 zend_string_release(headers_trim);
268 zend_string_release(headers_lc);
269 }
270 /* 128 is safe here, the specifier in snprintf isn't longer than that */
271 *error_message = ecalloc(1, HOST_NAME_LEN + 128);
272 snprintf(*error_message, HOST_NAME_LEN + 128,
273 "Failed to connect to mailserver at \"%s\" port " ZEND_ULONG_FMT ", verify your \"SMTP\" "
274 "and \"smtp_port\" setting in php.ini or use ini_set()",
275 PW32G(mail_host), !INI_INT("smtp_port") ? 25 : INI_INT("smtp_port"));
276 return FAILURE;
277 } else {
278 ret = SendText(RPath, Subject, mailTo, mailCc, mailBcc, data, headers ? ZSTR_VAL(headers_trim) : NULL, headers ? ZSTR_VAL(headers_lc) : NULL, error_message);
279 TSMClose();
280 if (RPath) {
281 efree(RPath);
282 }
283 if (headers) {
284 zend_string_release(headers_trim);
285 zend_string_release(headers_lc);
286 }
287 if (ret != SUCCESS) {
288 *error = ret;
289 return FAILURE;
290 }
291 return SUCCESS;
292 }
293 }
294
295 //********************************************************************
296 // Name: TSendMail::~TSendMail
297 // Input:
298 // Output:
299 // Description: DESTRUCTOR
300 // Author/Date: jcar 20/9/96
301 // History:
302 //********************************************************************/
TSMClose(void)303 PHPAPI void TSMClose(void)
304 {
305 Post("QUIT\r\n");
306 Ack(NULL);
307 /* to guarantee that the cleanup is not made twice and
308 compromise the rest of the application if sockets are used
309 elsewhere
310 */
311
312 shutdown(PW32G(mail_socket), 0);
313 closesocket(PW32G(mail_socket));
314 }
315
316
317 /*********************************************************************
318 // Name: char *GetSMErrorText
319 // Input: Error index returned by the member functions
320 // Output: pointer to a string containing the error description
321 // Description:
322 // Author/Date: jcar 20/9/96
323 // History:
324 //*******************************************************************/
GetSMErrorText(int index)325 PHPAPI char *GetSMErrorText(int index)
326 {
327 if (MIN_ERROR_INDEX <= index && index < MAX_ERROR_INDEX) {
328 return (ErrorMessages[index]);
329
330 } else {
331 return (ErrorMessages[UNKNOWN_ERROR]);
332
333 }
334 }
335
336 /* strtok_r like, but recognizes quoted-strings */
find_address(char * list,char ** state)337 static char *find_address(char *list, char **state)
338 {
339 bool in_quotes = 0;
340 char *p = list;
341
342 if (list == NULL) {
343 if (*state == NULL) {
344 return NULL;
345 }
346 p = list = *state;
347 }
348 *state = NULL;
349 while ((p = strpbrk(p, ",\"\\")) != NULL) {
350 if (*p == '\\' && in_quotes) {
351 if (p[1] == '\0') {
352 /* invalid address; let SMTP server deal with it */
353 break;
354 }
355 p++;
356 } else if (*p == '"') {
357 in_quotes = !in_quotes;
358 } else if (*p == ',' && !in_quotes) {
359 *p = '\0';
360 *state = p + 1;
361 break;
362 }
363 p++;
364 }
365 return list;
366 }
367
368 /*********************************************************************
369 // Name: SendText
370 // Input: 1) RPath: return path of the message
371 // Is used to fill the "Return-Path" and the
372 // "X-Sender" fields of the message.
373 // 2) Subject: Subject field of the message. If NULL is given
374 // the subject is set to "No Subject"
375 // 3) mailTo: Destination address
376 // 4) data: Null terminated string containing the data to be send.
377 // 5,6) headers of the message. Note that the second
378 // parameter, headers_lc, is actually a lowercased version of
379 // headers. The should match exactly (in terms of length),
380 // only differ in case
381 // Output: Error code or SUCCESS
382 // Description:
383 // Author/Date: jcar 20/9/96
384 // History:
385 //*******************************************************************/
SendText(char * RPath,const char * Subject,const char * mailTo,char * mailCc,char * mailBcc,const char * data,const char * headers,char * headers_lc,char ** error_message)386 static int SendText(char *RPath, const char *Subject, const char *mailTo, char *mailCc, char *mailBcc, const char *data,
387 const char *headers, char *headers_lc, char **error_message)
388 {
389 int res;
390 char *p;
391 char *tempMailTo, *token, *token_state;
392 const char *pos1, *pos2;
393 char *server_response = NULL;
394 char *stripped_header = NULL;
395 zend_string *data_cln;
396
397 /* check for NULL parameters */
398 if (data == NULL)
399 return (BAD_MSG_CONTENTS);
400 if (mailTo == NULL)
401 return (BAD_MSG_DESTINATION);
402 if (RPath == NULL)
403 return (BAD_MSG_RPATH);
404
405 /* simple checks for the mailto address */
406 /* have ampersand ? */
407 /* mfischer, 20020514: I commented this out because it really
408 seems bogus. Only a username for example may still be a
409 valid address at the destination system.
410 if (strchr(mailTo, '@') == NULL)
411 return (BAD_MSG_DESTINATION);
412 */
413
414 snprintf(PW32G(mail_buffer), sizeof(PW32G(mail_buffer)), "HELO %s\r\n", PW32G(mail_local_host));
415
416 /* in the beginning of the dialog */
417 /* attempt reconnect if the first Post fail */
418 if ((res = Post(PW32G(mail_buffer))) != SUCCESS) {
419 int err = MailConnect();
420 if (0 != err) {
421 return (FAILED_TO_SEND);
422 }
423
424 if ((res = Post(PW32G(mail_buffer))) != SUCCESS) {
425 return (res);
426 }
427 }
428 if ((res = Ack(&server_response)) != SUCCESS) {
429 SMTP_ERROR_RESPONSE(server_response);
430 return (res);
431 }
432
433 SMTP_SKIP_SPACE(RPath);
434 FormatEmailAddress(PW32G(mail_buffer), RPath, "MAIL FROM:<%s>\r\n");
435 if ((res = Post(PW32G(mail_buffer))) != SUCCESS) {
436 return (res);
437 }
438 if ((res = Ack(&server_response)) != SUCCESS) {
439 SMTP_ERROR_RESPONSE(server_response);
440 return W32_SM_SENDMAIL_FROM_MALFORMED;
441 }
442
443 tempMailTo = estrdup(mailTo);
444 /* Send mail to all rcpt's */
445 token = find_address(tempMailTo, &token_state);
446 while (token != NULL)
447 {
448 SMTP_SKIP_SPACE(token);
449 FormatEmailAddress(PW32G(mail_buffer), token, "RCPT TO:<%s>\r\n");
450 if ((res = Post(PW32G(mail_buffer))) != SUCCESS) {
451 efree(tempMailTo);
452 return (res);
453 }
454 if ((res = Ack(&server_response)) != SUCCESS) {
455 SMTP_ERROR_RESPONSE(server_response);
456 efree(tempMailTo);
457 return (res);
458 }
459 token = find_address(NULL, &token_state);
460 }
461 efree(tempMailTo);
462
463 if (mailCc && *mailCc) {
464 tempMailTo = estrdup(mailCc);
465 /* Send mail to all rcpt's */
466 token = find_address(tempMailTo, &token_state);
467 while (token != NULL)
468 {
469 SMTP_SKIP_SPACE(token);
470 FormatEmailAddress(PW32G(mail_buffer), token, "RCPT TO:<%s>\r\n");
471 if ((res = Post(PW32G(mail_buffer))) != SUCCESS) {
472 efree(tempMailTo);
473 return (res);
474 }
475 if ((res = Ack(&server_response)) != SUCCESS) {
476 SMTP_ERROR_RESPONSE(server_response);
477 efree(tempMailTo);
478 return (res);
479 }
480 token = find_address(NULL, &token_state);
481 }
482 efree(tempMailTo);
483 }
484 /* Send mail to all Cc rcpt's */
485 else if (headers && (pos1 = strstr(headers_lc, "cc:")) && ((pos1 == headers_lc) || (*(pos1-1) == '\n'))) {
486 /* Real offset is memaddress from the original headers + difference of
487 * string found in the lowercase headers + 3 characters to jump over
488 * the cc: */
489 pos1 = headers + (pos1 - headers_lc) + 3;
490 if (NULL == (pos2 = strstr(pos1, "\r\n"))) {
491 tempMailTo = estrndup(pos1, strlen(pos1));
492 } else {
493 char *pos3;
494 while (pos2[2] == ' ' || pos2[2] == '\t') {
495 pos3 = strstr(pos2 + 2, "\r\n");
496 if (pos3 != NULL) {
497 pos2 = pos3;
498 } else {
499 pos2 += strlen(pos2);
500 break;
501 }
502 }
503 tempMailTo = estrndup(pos1, pos2 - pos1);
504 }
505
506 token = find_address(tempMailTo, &token_state);
507 while (token != NULL)
508 {
509 SMTP_SKIP_SPACE(token);
510 FormatEmailAddress(PW32G(mail_buffer), token, "RCPT TO:<%s>\r\n");
511 if ((res = Post(PW32G(mail_buffer))) != SUCCESS) {
512 efree(tempMailTo);
513 return (res);
514 }
515 if ((res = Ack(&server_response)) != SUCCESS) {
516 SMTP_ERROR_RESPONSE(server_response);
517 efree(tempMailTo);
518 return (res);
519 }
520 token = find_address(NULL,&token_state);
521 }
522 efree(tempMailTo);
523 }
524
525 /* Send mail to all Bcc rcpt's
526 This is basically a rip of the Cc code above.
527 Just don't forget to remove the Bcc: from the header afterwards. */
528 if (mailBcc && *mailBcc) {
529 tempMailTo = estrdup(mailBcc);
530 /* Send mail to all rcpt's */
531 token = find_address(tempMailTo, &token_state);
532 while (token != NULL)
533 {
534 SMTP_SKIP_SPACE(token);
535 FormatEmailAddress(PW32G(mail_buffer), token, "RCPT TO:<%s>\r\n");
536 if ((res = Post(PW32G(mail_buffer))) != SUCCESS) {
537 efree(tempMailTo);
538 return (res);
539 }
540 if ((res = Ack(&server_response)) != SUCCESS) {
541 SMTP_ERROR_RESPONSE(server_response);
542 efree(tempMailTo);
543 return (res);
544 }
545 token = find_address(NULL, &token_state);
546 }
547 efree(tempMailTo);
548 }
549 else if (headers) {
550 if ((pos1 = strstr(headers_lc, "bcc:")) && (pos1 == headers_lc || *(pos1-1) == '\n')) {
551 /* Real offset is memaddress from the original headers + difference of
552 * string found in the lowercase headers + 4 characters to jump over
553 * the bcc: */
554 pos1 = headers + (pos1 - headers_lc) + 4;
555 if (NULL == (pos2 = strstr(pos1, "\r\n"))) {
556 tempMailTo = estrndup(pos1, strlen(pos1));
557 /* Later, when we remove the Bcc: out of the
558 header we know it was the last thing. */
559 pos2 = pos1;
560 } else {
561 const char *pos3 = pos2;
562 while (pos2[2] == ' ' || pos2[2] == '\t') {
563 pos3 = strstr(pos2 + 2, "\r\n");
564 if (pos3 != NULL) {
565 pos2 = pos3;
566 } else {
567 pos2 += strlen(pos2);
568 break;
569 }
570 }
571 tempMailTo = estrndup(pos1, pos2 - pos1);
572 if (pos3 == NULL) {
573 /* Later, when we remove the Bcc: out of the
574 header we know it was the last thing. */
575 pos2 = pos1;
576 }
577 }
578
579 token = find_address(tempMailTo, &token_state);
580 while (token != NULL)
581 {
582 SMTP_SKIP_SPACE(token);
583 FormatEmailAddress(PW32G(mail_buffer), token, "RCPT TO:<%s>\r\n");
584 if ((res = Post(PW32G(mail_buffer))) != SUCCESS) {
585 efree(tempMailTo);
586 return (res);
587 }
588 if ((res = Ack(&server_response)) != SUCCESS) {
589 SMTP_ERROR_RESPONSE(server_response);
590 efree(tempMailTo);
591 return (res);
592 }
593 token = find_address(NULL, &token_state);
594 }
595 efree(tempMailTo);
596
597 /* Now that we've identified that we've a Bcc list,
598 remove it from the current header. */
599 stripped_header = ecalloc(1, strlen(headers));
600 /* headers = point to string start of header
601 pos1 = pointer IN headers where the Bcc starts
602 '4' = Length of the characters 'bcc:'
603 Because we've added +4 above for parsing the Emails
604 we've to subtract them here. */
605 memcpy(stripped_header, headers, pos1 - headers - 4);
606 if (pos1 != pos2) {
607 /* if pos1 != pos2 , pos2 points to the rest of the headers.
608 Since pos1 != pos2 if "\r\n" was found, we know those characters
609 are there and so we jump over them (else we would generate a new header
610 which would look like "\r\n\r\n". */
611 memcpy(stripped_header + (pos1 - headers - 4), pos2 + 2, strlen(pos2) - 2);
612 }
613 }
614 }
615
616 /* Simplify the code that we create a copy of stripped_header no matter if
617 we actually strip something or not. So we've a single efree() later. */
618 if (headers && !stripped_header) {
619 stripped_header = estrndup(headers, strlen(headers));
620 }
621
622 if ((res = Post("DATA\r\n")) != SUCCESS) {
623 if (stripped_header) {
624 efree(stripped_header);
625 }
626 return (res);
627 }
628 if ((res = Ack(&server_response)) != SUCCESS) {
629 SMTP_ERROR_RESPONSE(server_response);
630 if (stripped_header) {
631 efree(stripped_header);
632 }
633 return (res);
634 }
635
636 /* send message header */
637 if (Subject == NULL) {
638 res = PostHeader(RPath, "No Subject", mailTo, stripped_header);
639 } else {
640 res = PostHeader(RPath, Subject, mailTo, stripped_header);
641 }
642 if (stripped_header) {
643 efree(stripped_header);
644 }
645 if (res != SUCCESS) {
646 return (res);
647 }
648
649 /* Escape \n. sequences
650 * We use php_str_to_str() and not php_str_replace_in_subject(), since the latter
651 * uses ZVAL as it's parameters */
652 data_cln = php_str_to_str(data, strlen(data), PHP_WIN32_MAIL_DOT_PATTERN, sizeof(PHP_WIN32_MAIL_DOT_PATTERN) - 1,
653 PHP_WIN32_MAIL_DOT_REPLACE, sizeof(PHP_WIN32_MAIL_DOT_REPLACE) - 1);
654 if (!data_cln) {
655 data_cln = ZSTR_EMPTY_ALLOC();
656 }
657
658 /* send message contents in 1024 chunks */
659 {
660 char c, *e2, *e = ZSTR_VAL(data_cln) + ZSTR_LEN(data_cln);
661 p = ZSTR_VAL(data_cln);
662
663 while (e - p > 1024) {
664 e2 = p + 1024;
665 c = *e2;
666 *e2 = '\0';
667 if ((res = Post(p)) != SUCCESS) {
668 zend_string_free(data_cln);
669 return(res);
670 }
671 *e2 = c;
672 p = e2;
673 }
674 if ((res = Post(p)) != SUCCESS) {
675 zend_string_free(data_cln);
676 return(res);
677 }
678 }
679
680 zend_string_free(data_cln);
681
682 /*send termination dot */
683 if ((res = Post("\r\n.\r\n")) != SUCCESS)
684 return (res);
685 if ((res = Ack(&server_response)) != SUCCESS) {
686 SMTP_ERROR_RESPONSE(server_response);
687 return (res);
688 }
689
690 return (SUCCESS);
691 }
692
addToHeader(char ** header_buffer,const char * specifier,const char * string)693 static int addToHeader(char **header_buffer, const char *specifier, const char *string)
694 {
695 *header_buffer = erealloc(*header_buffer, strlen(*header_buffer) + strlen(specifier) + strlen(string) + 1);
696 sprintf(*header_buffer + strlen(*header_buffer), specifier, string);
697 return 1;
698 }
699
700 /*********************************************************************
701 // Name: PostHeader
702 // Input: 1) return path
703 // 2) Subject
704 // 3) destination address
705 // 4) headers
706 // Output: Error code or Success
707 // Description:
708 // Author/Date: jcar 20/9/96
709 // History:
710 //********************************************************************/
PostHeader(char * RPath,const char * Subject,const char * mailTo,char * xheaders)711 static int PostHeader(char *RPath, const char *Subject, const char *mailTo, char *xheaders)
712 {
713 /* Print message header according to RFC 822 */
714 /* Return-path, Received, Date, From, Subject, Sender, To, cc */
715
716 int res;
717 char *header_buffer;
718 char *headers_lc = NULL;
719 size_t i;
720
721 if (xheaders) {
722 size_t headers_lc_len;
723
724 headers_lc = estrdup(xheaders);
725 headers_lc_len = strlen(headers_lc);
726
727 for (i = 0; i < headers_lc_len; i++) {
728 headers_lc[i] = tolower(headers_lc[i]);
729 }
730 }
731
732 header_buffer = ecalloc(1, MAIL_BUFFER_SIZE);
733
734 if (!xheaders || !strstr(headers_lc, "date:")) {
735 time_t tNow = time(NULL);
736 zend_string *dt = php_format_date("r", 1, tNow, 1);
737
738 snprintf(header_buffer, MAIL_BUFFER_SIZE, "Date: %s\r\n", ZSTR_VAL(dt));
739 zend_string_free(dt);
740 }
741
742 if (!headers_lc || !strstr(headers_lc, "from:")) {
743 if (!addToHeader(&header_buffer, "From: %s\r\n", RPath)) {
744 goto PostHeader_outofmem;
745 }
746 }
747 if (!addToHeader(&header_buffer, "Subject: %s\r\n", Subject)) {
748 goto PostHeader_outofmem;
749 }
750
751 /* Only add the To: field from the $to parameter if isn't in the custom headers */
752 if ((headers_lc && (!strstr(headers_lc, "\r\nto:") && (strncmp(headers_lc, "to:", 3) != 0))) || !headers_lc) {
753 if (!addToHeader(&header_buffer, "To: %s\r\n", mailTo)) {
754 goto PostHeader_outofmem;
755 }
756 }
757 if (xheaders) {
758 if (!addToHeader(&header_buffer, "%s\r\n", xheaders)) {
759 goto PostHeader_outofmem;
760 }
761 }
762
763 if (headers_lc) {
764 efree(headers_lc);
765 }
766 if ((res = Post(header_buffer)) != SUCCESS) {
767 efree(header_buffer);
768 return (res);
769 }
770 efree(header_buffer);
771
772 if ((res = Post("\r\n")) != SUCCESS) {
773 return (res);
774 }
775
776 return (SUCCESS);
777
778 PostHeader_outofmem:
779 if (headers_lc) {
780 efree(headers_lc);
781 }
782 return OUT_OF_MEMORY;
783 }
784
785
786
787 /*********************************************************************
788 // Name: MailConnect
789 // Input: None
790 // Output: None
791 // Description: Connect to the mail host and receive the welcome message.
792 // Author/Date: jcar 20/9/96
793 // History:
794 //********************************************************************/
MailConnect()795 static int MailConnect()
796 {
797
798 int res, namelen;
799 short portnum;
800 struct hostent *ent;
801 IN_ADDR addr;
802 #ifdef HAVE_IPV6
803 IN6_ADDR addr6;
804 #endif
805 SOCKADDR_IN sock_in;
806
807 #if SENDMAIL_DEBUG
808 return 0;
809 #endif
810
811 /* Create Socket */
812 if ((PW32G(mail_socket) = socket(PF_INET, SOCK_STREAM, 0)) == INVALID_SOCKET) {
813 return (FAILED_TO_OBTAIN_SOCKET_HANDLE);
814 }
815
816 /* Get our own host name */
817 if (gethostname(PW32G(mail_local_host), HOST_NAME_LEN)) {
818 closesocket(PW32G(mail_socket));
819 return (FAILED_TO_GET_HOSTNAME);
820 }
821
822 ent = gethostbyname(PW32G(mail_local_host));
823
824 if (!ent) {
825 closesocket(PW32G(mail_socket));
826 return (FAILED_TO_GET_HOSTNAME);
827 }
828
829 namelen = (int)strlen(ent->h_name);
830
831 #ifdef HAVE_IPV6
832 if (inet_pton(AF_INET, ent->h_name, &addr) == 1 || inet_pton(AF_INET6, ent->h_name, &addr6) == 1)
833 #else
834 if (inet_pton(AF_INET, ent->h_name, &addr) == 1)
835 #endif
836 {
837 if (namelen + 2 >= HOST_NAME_LEN) {
838 closesocket(PW32G(mail_socket));
839 return (FAILED_TO_GET_HOSTNAME);
840 }
841
842 strcpy(PW32G(mail_local_host), "[");
843 strcpy(PW32G(mail_local_host) + 1, ent->h_name);
844 strcpy(PW32G(mail_local_host) + namelen + 1, "]");
845 } else {
846 if (namelen >= HOST_NAME_LEN) {
847 closesocket(PW32G(mail_socket));
848 return (FAILED_TO_GET_HOSTNAME);
849 }
850
851 strcpy(PW32G(mail_local_host), ent->h_name);
852 }
853
854 /* Resolve the servers IP */
855 /*
856 if (!isdigit(PW32G(mail_host)[0])||!gethostbyname(PW32G(mail_host)))
857 {
858 return (FAILED_TO_RESOLVE_HOST);
859 }
860 */
861
862 portnum = (short) INI_INT("smtp_port");
863 if (!portnum) {
864 portnum = 25;
865 }
866
867 /* Connect to server */
868 sock_in.sin_family = AF_INET;
869 sock_in.sin_port = htons(portnum);
870 sock_in.sin_addr.S_un.S_addr = GetAddr(PW32G(mail_host));
871
872 if (connect(PW32G(mail_socket), (LPSOCKADDR) & sock_in, sizeof(sock_in))) {
873 closesocket(PW32G(mail_socket));
874 return (FAILED_TO_CONNECT);
875 }
876
877 /* receive Server welcome message */
878 res = Ack(NULL);
879 return (res);
880 }
881
882
883 /*********************************************************************
884 // Name: Post
885 // Input:
886 // Output:
887 // Description:
888 // Author/Date: jcar 20/9/96
889 // History:
890 //********************************************************************/
Post(LPCSTR msg)891 static int Post(LPCSTR msg)
892 {
893 int len = (int)strlen(msg);
894 int slen;
895 int index = 0;
896
897 #if SENDMAIL_DEBUG
898 if (msg)
899 printf("POST: '%s'\n", msg);
900 return (SUCCESS);
901 #endif
902
903 while (len > 0) {
904 if ((slen = send(PW32G(mail_socket), msg + index, len, 0)) < 1)
905 return (FAILED_TO_SEND);
906 len -= slen;
907 index += slen;
908 }
909 return (SUCCESS);
910 }
911
912
913
914 /*********************************************************************
915 // Name: Ack
916 // Input:
917 // Output:
918 // Description:
919 // Get the response from the server. We only want to know if the
920 // last command was successful.
921 // Author/Date: jcar 20/9/96
922 // History:
923 //********************************************************************/
Ack(char ** server_response)924 static int Ack(char **server_response)
925 {
926 ZEND_TLS char buf[MAIL_BUFFER_SIZE];
927 int rlen;
928 int Index = 0;
929 int Received = 0;
930
931 #if SENDMAIL_DEBUG
932 return (SUCCESS);
933 #endif
934
935 again:
936
937 if ((rlen = recv(PW32G(mail_socket), buf + Index, ((MAIL_BUFFER_SIZE) - 1) - Received, 0)) < 1) {
938 return (FAILED_TO_RECEIVE);
939 }
940 Received += rlen;
941 buf[Received] = 0;
942 /*err_msg fprintf(stderr,"Received: (%d bytes) %s", rlen, buf + Index); */
943
944 /* Check for newline */
945 Index += rlen;
946
947 /* SMTP RFC says \r\n is the only valid line ending, who are we to argue ;)
948 * The response code must contain at least 5 characters ex. 220\r\n */
949 if (Received < 5 || buf[Received - 1] != '\n' || buf[Received - 2] != '\r') {
950 goto again;
951 }
952
953 if (buf[0] > '3') {
954 /* If we've a valid pointer, return the SMTP server response so the error message contains more information */
955 if (server_response) {
956 int dec = 0;
957 /* See if we have something like \r, \n, \r\n or \n\r at the end of the message and chop it off */
958 if (Received > 2) {
959 if (buf[Received-1] == '\n' || buf[Received-1] == '\r') {
960 dec++;
961 if (buf[Received-2] == '\r' || buf[Received-2] == '\n') {
962 dec++;
963 }
964 }
965
966 }
967 *server_response = estrndup(buf, Received - dec);
968 }
969 return (SMTP_SERVER_ERROR);
970 }
971
972 return (SUCCESS);
973 }
974
975
976 /*********************************************************************
977 // Name: unsigned long GetAddr (LPSTR szHost)
978 // Input:
979 // Output:
980 // Description: Given a string, it will return an IP address.
981 // - first it tries to convert the string directly
982 // - if that fails, it tries o resolve it as a hostname
983 //
984 // WARNING: gethostbyname() is a blocking function
985 // Author/Date: jcar 20/9/96
986 // History:
987 //********************************************************************/
GetAddr(LPSTR szHost)988 static unsigned long GetAddr(LPSTR szHost)
989 {
990 LPHOSTENT lpstHost;
991 u_long lAddr = INADDR_ANY;
992
993 /* check that we have a string */
994 if (*szHost) {
995
996 /* check for a dotted-IP address string */
997 lAddr = inet_addr(szHost);
998
999 /* If not an address, then try to resolve it as a hostname */
1000 if ((lAddr == INADDR_NONE) && (strcmp(szHost, "255.255.255.255"))) {
1001
1002 lpstHost = gethostbyname(szHost);
1003 if (lpstHost) { /* success */
1004 lAddr = *((u_long FAR *) (lpstHost->h_addr));
1005 } else {
1006 lAddr = INADDR_ANY; /* failure */
1007 }
1008 }
1009 }
1010 return (lAddr);
1011 } /* end GetAddr() */
1012
1013 /* returns the contents of an angle-addr (caller needs to efree) or NULL */
get_angle_addr(char * address)1014 static char *get_angle_addr(char *address)
1015 {
1016 bool in_quotes = 0;
1017 char *p1 = address, *p2;
1018
1019 while ((p1 = strpbrk(p1, "<\"\\")) != NULL) {
1020 if (*p1 == '\\' && in_quotes) {
1021 if (p1[1] == '\0') {
1022 /* invalid address; let SMTP server deal with it */
1023 return NULL;
1024 }
1025 p1++;
1026 } else if (*p1 == '"') {
1027 in_quotes = !in_quotes;
1028 } else if (*p1 == '<' && !in_quotes) {
1029 break;
1030 }
1031 p1++;
1032 }
1033 if (p1 == NULL) return NULL;
1034 p2 = ++p1;
1035 while ((p2 = strpbrk(p2, ">\"\\")) != NULL) {
1036 if (*p2 == '\\' && in_quotes) {
1037 if (p2[1] == '\0') {
1038 /* invalid address; let SMTP server deal with it */
1039 return NULL;
1040 }
1041 p2++;
1042 } else if (*p2 == '"') {
1043 in_quotes = !in_quotes;
1044 } else if (*p2 == '>' && !in_quotes) {
1045 break;
1046 }
1047 p2++;
1048 }
1049 if (p2 == NULL) return NULL;
1050
1051 return estrndup(p1, p2 - p1);
1052 }
1053
1054 /*********************************************************************
1055 // Name: int FormatEmailAddress
1056 // Input:
1057 // Output:
1058 // Description: Formats the email address to remove any content outside
1059 // of the angle brackets < > as per RFC 2821.
1060 //
1061 // Returns the invalidly formatted mail address if the < > are
1062 // unbalanced (the SMTP server should reject it if it's out of spec.)
1063 //
1064 // Author/Date: garretts 08/18/2009
1065 // History:
1066 //********************************************************************/
FormatEmailAddress(char * Buf,char * EmailAddress,char * FormatString)1067 static int FormatEmailAddress(char* Buf, char* EmailAddress, char* FormatString) {
1068 char *tmpAddress;
1069 int result;
1070
1071 if ((tmpAddress = get_angle_addr(EmailAddress)) != NULL) {
1072 result = snprintf(Buf, MAIL_BUFFER_SIZE, FormatString, tmpAddress);
1073 efree(tmpAddress);
1074 return result;
1075 }
1076 return snprintf(Buf, MAIL_BUFFER_SIZE , FormatString , EmailAddress );
1077 } /* end FormatEmailAddress() */
1078
