From db1a87cd6c506f2afbd1a37c64cb56ae11120b49 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Fri, 17 Dec 2010 10:07:04 -0500
Subject: [PATCH] Update branch for 0.5-rc release

---
 program/include/rcmail.php |   62 ++++++++++++++++++++-----------
 1 files changed, 40 insertions(+), 22 deletions(-)

diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index 1b11ca3..0eecd8d 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -501,8 +501,8 @@
     // can save time detecting them using NAMESPACE and LIST
     $options = array(
       'auth_method' => $this->config->get('imap_auth_type', 'check'),
-      'delimiter'   => isset($_SESSION['imap_delimiter']) ? $_SESSION['imap_delimiter'] : $this->config->get('imap_delimiter'),
-      'rootdir'     => isset($_SESSION['imap_root']) ? $_SESSION['imap_root'] : $this->config->get('imap_root'),
+      'auth_cid'    => $this->config->get('imap_auth_cid'),
+      'auth_pw'     => $this->config->get('imap_auth_pw'),
       'debug_mode'  => (bool) $this->config->get('imap_debug', 0),
       'force_caps'  => (bool) $this->config->get('imap_force_caps'),
       'timeout'     => (int) $this->config->get('imap_timeout', 0),
@@ -542,7 +542,7 @@
     if ($_SESSION['imap_host'] && !$this->imap->conn->connected()) {
       if (!$this->imap->connect($_SESSION['imap_host'], $_SESSION['username'], $this->decrypt($_SESSION['password']), $_SESSION['imap_port'], $_SESSION['imap_ssl'])) {
         if ($this->output)
-          $this->output->show_message($this->imap->error_code == -1 ? 'imaperror' : 'sessionerror', 'error');
+          $this->output->show_message($this->imap->get_error_code() == -1 ? 'imaperror' : 'sessionerror', 'error');
       }
       else {
         $this->set_imap_prop();
@@ -678,10 +678,26 @@
         $username .= '@'.rcube_parse_host($config['username_domain']);
     }
 
+    // Convert username to lowercase. If IMAP backend
+    // is case-insensitive we need to store always the same username (#1487113)
+    if ($config['login_lc']) {
+      $username = mb_strtolower($username);
+    }
+
     // try to resolve email address from virtuser table
-    if (strpos($username, '@'))
-      if ($virtuser = rcube_user::email2user($username))
-        $username = $virtuser;
+    if (strpos($username, '@') && ($virtuser = rcube_user::email2user($username))) {
+      $username = $virtuser;
+    }
+
+    // Here we need IDNA ASCII
+    // Only rcube_contacts class is using domain names in Unicode
+    $host = idn_to_ascii($host);
+    if (strpos($username, '@')) {
+      // lowercase domain name
+      list($local, $domain) = explode('@', $username);
+      $username = $local . '@' . mb_strtolower($domain);
+      $username = idn_to_ascii($username);
+    }
 
     // user already registered -> overwrite username
     if ($user = rcube_user::query($username, $host))
@@ -690,18 +706,18 @@
     if (!$this->imap)
       $this->imap_init();
 
-    // Here we need IDNA ASCII
-    // Only rcube_contacts class is using domain names in Unicode
-    $host = idn_to_ascii($host);
-    if (strpos($username, '@'))
-      $username = idn_to_ascii($username);
-
     // try IMAP login
     if (!($imap_login = $this->imap->connect($host, $username, $pass, $imap_port, $imap_ssl))) {
-      // lowercase username if it's an e-mail address (#1484473)
+      // try with lowercase
       $username_lc = mb_strtolower($username);
-      if ($username_lc != $username && ($imap_login = $this->imap->connect($host, $username_lc, $pass, $imap_port, $imap_ssl)))
-        $username = $username_lc;
+      if ($username_lc != $username) {
+        // try to find user record again -> overwrite username
+        if (!$user && ($user = rcube_user::query($username_lc, $host)))
+          $username_lc = $user->data['username'];
+
+        if ($imap_login = $this->imap->connect($host, $username_lc, $pass, $imap_port, $imap_ssl))
+          $username = $username_lc;
+      }
     }
 
     // exit if IMAP login failed
@@ -778,16 +794,12 @@
     if ($default_folders = $this->config->get('default_imap_folders')) {
       $this->imap->set_default_mailboxes($default_folders);
     }
-    if (!empty($_SESSION['mbox'])) {
+    if (isset($_SESSION['mbox'])) {
       $this->imap->set_mailbox($_SESSION['mbox']);
     }
     if (isset($_SESSION['page'])) {
       $this->imap->set_page($_SESSION['page']);
     }
-
-    // cache IMAP root and delimiter in session for performance reasons
-    $_SESSION['imap_root'] = $this->imap->root_dir;
-    $_SESSION['imap_delimiter'] = $this->imap->delimiter;
   }
 
 
@@ -1203,8 +1215,14 @@
     if (function_exists('mcrypt_module_open') &&
         ($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_CBC, "")))
     {
-      $iv = substr($cipher, 0, mcrypt_enc_get_iv_size($td));
-      $cipher = substr($cipher, mcrypt_enc_get_iv_size($td));
+      $iv_size = mcrypt_enc_get_iv_size($td);
+      $iv = substr($cipher, 0, $iv_size);
+
+      // session corruption? (#1485970)
+      if (strlen($iv) < $iv_size)
+        return '';
+
+      $cipher = substr($cipher, $iv_size);
       mcrypt_generic_init($td, $this->config->get_crypto_key($key), $iv);
       $clear = mdecrypt_generic($td, $cipher);
       mcrypt_generic_deinit($td);

--
Gitblit v1.9.1