1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
--- avelsieve/include/managesieve.lib.php.orig 2016-03-17 16:47:45 UTC
+++ avelsieve/include/managesieve.lib.php
@@ -713,6 +713,20 @@ class sieve {
return true;
}
+ /**
+ * Neil Darlow - 2009/03/26
+ * Changes to Sieve servers to be compliant with draft-managesieve-09.txt
+ * break authenticate() which cannot handle the capability strings received
+ * after AUTHENTICATE under a TLS encrypted session. We ignore capability
+ * strings for each SASL mechanism.
+ */
+ function ignore_capabilities()
+ {
+ if ($this->capabilities['starttls']) do {
+ $line = fgets($this->fp, 1024);
+ } while (strncmp($line, 'OK', 2));
+ }
+
/**
* Perform SASL authentication to SIEVE server.
*
@@ -729,6 +743,7 @@ class sieve {
$this->len=strlen($auth);
fputs($this->fp, 'AUTHENTICATE "PLAIN" {' . $this->len . '+}' . "\r\n");
+ $this->ignore_capabilities();
fputs($this->fp, "$auth\r\n");
$this->line=fgets($this->fp,1024);
@@ -745,6 +760,7 @@ class sieve {
// SASL DIGEST-MD5 support works with timsieved 1.1.0
// follows rfc2831 for generating the $response to $challenge
fputs($this->fp, "AUTHENTICATE \"DIGEST-MD5\"\r\n");
+ $this->ignore_capabilities();
// $clen is length of server challenge, we ignore it.
$clen = fgets($this->fp, 1024);
// read for 2048, rfc2831 max length allowed
@@ -796,6 +812,7 @@ class sieve {
// CRAM-MD5 does not support proxy of $auth by $user
// requires php mhash extension
fputs($this->fp, "AUTHENTICATE \"CRAM-MD5\"\r\n");
+ $this->ignore_capabilities();
// $clen is the length of the challenge line the server gives us
$clen = fgets($this->fp, 1024);
// read for 1024, should be long enough?
@@ -821,6 +838,7 @@ class sieve {
$pass=base64_encode($this->pass);
fputs($this->fp, "AUTHENTICATE \"LOGIN\"\r\n");
+ $this->ignore_capabilities();
fputs($this->fp, "{".strlen($login)."+}\r\n");
fputs($this->fp, "$login\r\n");
fputs($this->fp, "{".strlen($pass)."+}\r\n");
|
