From f06aa8058b7e32ba32d4551074b6e0b8a300f751 Mon Sep 17 00:00:00 2001
From: Thomas Bruederli <thomas@roundcube.net>
Date: Mon, 21 Oct 2013 15:02:40 -0400
Subject: [PATCH] Bump version after security fix
---
program/include/rcube_imap.php | 332 ++++++++++++++++++++++++++++++++++++-------------------
1 files changed, 216 insertions(+), 116 deletions(-)
diff --git a/program/include/rcube_imap.php b/program/include/rcube_imap.php
index ec9db57..5fab3b4 100644
--- a/program/include/rcube_imap.php
+++ b/program/include/rcube_imap.php
@@ -212,6 +212,8 @@
/**
* Check connection state, connect if not connected.
+ *
+ * @return bool Connection state.
*/
public function check_connection()
{
@@ -402,15 +404,56 @@
*/
public function check_permflag($flag)
{
- $flag = strtoupper($flag);
- $imap_flag = $this->conn->flags[$flag];
+ $flag = strtoupper($flag);
+ $imap_flag = $this->conn->flags[$flag];
+ $perm_flags = $this->get_permflags($this->folder);
- if ($this->folder !== null) {
- $this->check_connection();
+ return in_array_nocase($imap_flag, $perm_flags);
+ }
+
+
+ /**
+ * Returns PERMANENTFLAGS of the specified folder
+ *
+ * @param string $folder Folder name
+ *
+ * @return array Flags
+ */
+ public function get_permflags($folder)
+ {
+ if (!strlen($folder)) {
+ return array();
}
- // @TODO: cache permanent flags (?)
+/*
+ Checking PERMANENTFLAGS is rather rare, so we disable caching of it
+ Re-think when we'll use it for more than only MDNSENT flag
- return (in_array_nocase($imap_flag, $this->conn->data['PERMANENTFLAGS']));
+ $cache_key = 'mailboxes.permanentflags.' . $folder;
+ $permflags = $this->get_cache($cache_key);
+
+ if ($permflags !== null) {
+ return explode(' ', $permflags);
+ }
+*/
+ if (!$this->check_connection()) {
+ return array();
+ }
+
+ if ($this->conn->select($folder)) {
+ $permflags = $this->conn->data['PERMANENTFLAGS'];
+ }
+ else {
+ return array();
+ }
+
+ if (!is_array($permflags)) {
+ $permflags = array();
+ }
+/*
+ // Store permflags as string to limit cached object size
+ $this->update_cache($cache_key, implode(' ', $permflags));
+*/
+ return $permflags;
}
@@ -564,8 +607,8 @@
{
$mode = strtoupper($mode);
- // count search set
- if ($this->search_string && $folder == $this->folder && ($mode == 'ALL' || $mode == 'THREADS') && !$force) {
+ // count search set, assume search set is always up-to-date (don't check $force flag)
+ if ($this->search_string && $folder == $this->folder && ($mode == 'ALL' || $mode == 'THREADS')) {
if ($mode == 'ALL') {
return $this->search_set->count_messages();
}
@@ -972,8 +1015,8 @@
$a_msg_headers, $this->sort_field, $this->sort_order);
// only return the requested part of the set
- $a_msg_headers = array_slice(array_values($a_msg_headers),
- $from, min($cnt-$to, $this->page_size));
+ $slice_length = min($this->page_size, $cnt - ($to > $cnt ? $from : $to));
+ $a_msg_headers = array_slice(array_values($a_msg_headers), $from, $slice_length);
if ($slice) {
$a_msg_headers = array_slice($a_msg_headers, -$slice, $slice);
@@ -1211,7 +1254,9 @@
}
// use message index sort as default sorting
else if (!$sort_field) {
+ // use search result from count() if possible
if ($this->options['skip_deleted'] && !empty($this->icache['undeleted_idx'])
+ && $this->icache['undeleted_idx']->get_parameters('ALL') !== null
&& $this->icache['undeleted_idx']->get_parameters('MAILBOX') == $folder
) {
$index = $this->icache['undeleted_idx'];
@@ -1344,21 +1389,21 @@
*
* @return rcube_result_index Search result (UIDs)
*/
- public function search_once($mailbox = null, $str = 'ALL')
+ public function search_once($folder = null, $str = 'ALL')
{
if (!$str) {
return 'ALL';
}
- if (!strlen($mailbox)) {
- $mailbox = $this->mailbox;
+ if (!strlen($folder)) {
+ $folder = $this->folder;
}
if (!$this->check_connection()) {
return new rcube_result_index();
}
- $index = $this->conn->search($mailbox, $str, true);
+ $index = $this->conn->search($folder, $str, true);
return $index;
}
@@ -2083,14 +2128,17 @@
/**
* Sends the whole message source to stdout
+ *
+ * @param int $uid Message UID
+ * @param bool $formatted Enables line-ending formatting
*/
- public function print_raw_body($uid)
+ public function print_raw_body($uid, $formatted = true)
{
if (!$this->check_connection()) {
return;
}
- $this->conn->handlePartBody($this->folder, $uid, true, NULL, NULL, true);
+ $this->conn->handlePartBody($this->folder, $uid, true, null, null, true, null, $formatted);
}
@@ -2124,10 +2172,10 @@
$result = $this->conn->flag($folder, $uids, $flag);
}
- if ($result) {
+ if ($result && !$skip_cache) {
// reload message headers if cached
- // @TODO: update flags instead removing from cache
- if (!$skip_cache && ($mcache = $this->get_mcache_engine())) {
+ // update flags instead removing from cache
+ if ($mcache = $this->get_mcache_engine()) {
$status = strpos($flag, 'UN') !== 0;
$mflag = preg_replace('/^UN/', '', $flag);
$mcache->change_flag($folder, $all_mode ? null : explode(',', $uids),
@@ -2139,8 +2187,12 @@
$this->clear_messagecount($folder, 'SEEN');
$this->clear_messagecount($folder, 'UNSEEN');
}
- else if ($flag == 'DELETED') {
+ else if ($flag == 'DELETED' || $flag == 'UNDELETED') {
$this->clear_messagecount($folder, 'DELETED');
+ // remove cached messages
+ if ($this->options['skip_deleted']) {
+ $this->clear_message_cache($folder, $all_mode ? null : explode(',', $uids));
+ }
}
}
@@ -2162,6 +2214,10 @@
{
if (!strlen($folder)) {
$folder = $this->folder;
+ }
+
+ if (!$this->check_connection()) {
+ return false;
}
// make sure folder exists
@@ -2464,7 +2520,16 @@
return $a_mboxes;
}
- $a_mboxes = $this->_list_folders_subscribed($root, $name, $filter, $rights);
+ // Give plugins a chance to provide a list of folders
+ $data = rcmail::get_instance()->plugins->exec_hook('storage_folders',
+ array('root' => $root, 'name' => $name, 'filter' => $filter, 'mode' => 'LSUB'));
+
+ if (isset($data['folders'])) {
+ $a_mboxes = $data['folders'];
+ }
+ else {
+ $a_mboxes = $this->list_folders_subscribed_direct($root, $name);
+ }
if (!is_array($a_mboxes)) {
return array();
@@ -2493,74 +2558,74 @@
/**
- * protected method for folders listing (LSUB)
+ * Method for direct folders listing (LSUB)
*
* @param string $root Optional root folder
* @param string $name Optional name pattern
- * @param mixed $filter Optional filter
- * @param string $rights Optional ACL requirements
*
* @return array List of subscribed folders
* @see rcube_imap::list_folders_subscribed()
*/
- protected function _list_folders_subscribed($root='', $name='*', $filter=null, $rights=null)
+ public function list_folders_subscribed_direct($root='', $name='*')
{
- $a_defaults = $a_out = array();
-
- // Give plugins a chance to provide a list of folders
- $data = rcmail::get_instance()->plugins->exec_hook('storage_folders',
- array('root' => $root, 'name' => $name, 'filter' => $filter, 'mode' => 'LSUB'));
-
- if (isset($data['folders'])) {
- $a_folders = $data['folders'];
- }
- else if (!$this->check_connection()) {
+ if (!$this->check_connection()) {
return null;
}
- else {
- // Server supports LIST-EXTENDED, we can use selection options
- $config = rcmail::get_instance()->config;
- // #1486225: Some dovecot versions returns wrong result using LIST-EXTENDED
- if (!$config->get('imap_force_lsub') && $this->get_capability('LIST-EXTENDED')) {
- // This will also set folder options, LSUB doesn't do that
- $a_folders = $this->conn->listMailboxes($root, $name,
- NULL, array('SUBSCRIBED'));
- // unsubscribe non-existent folders, remove from the list
- if (is_array($a_folders) && $name == '*') {
- foreach ($a_folders as $idx => $folder) {
- if ($this->conn->data['LIST'] && ($opts = $this->conn->data['LIST'][$folder])
- && in_array('\\NonExistent', $opts)
- ) {
+ $config = rcmail::get_instance()->config;
+
+ // Server supports LIST-EXTENDED, we can use selection options
+ // #1486225: Some dovecot versions returns wrong result using LIST-EXTENDED
+ $list_extended = !$config->get('imap_force_lsub') && $this->get_capability('LIST-EXTENDED');
+ if ($list_extended) {
+ // This will also set folder options, LSUB doesn't do that
+ $a_folders = $this->conn->listMailboxes($root, $name,
+ NULL, array('SUBSCRIBED'));
+ }
+ else {
+ // retrieve list of folders from IMAP server using LSUB
+ $a_folders = $this->conn->listSubscribed($root, $name);
+ }
+
+ if (!is_array($a_folders)) {
+ return array();
+ }
+
+ // #1486796: some server configurations doesn't return folders in all namespaces
+ if ($root == '' && $name == '*' && $config->get('imap_force_ns')) {
+ $this->list_folders_update($a_folders, ($list_extended ? 'ext-' : '') . 'subscribed');
+ }
+
+ if ($list_extended) {
+ // unsubscribe non-existent folders, remove from the list
+ // we can do this only when LIST response is available
+ if (is_array($a_folders) && $name == '*' && !empty($this->conn->data['LIST'])) {
+ foreach ($a_folders as $idx => $folder) {
+ if (($opts = $this->conn->data['LIST'][$folder])
+ && in_array('\\NonExistent', $opts)
+ ) {
+ $this->conn->unsubscribe($folder);
+ unset($a_folders[$idx]);
+ }
+ }
+ }
+ }
+ else {
+ // unsubscribe non-existent folders, remove them from the list,
+ // we can do this only when LIST response is available
+ if (is_array($a_folders) && $name == '*' && !empty($this->conn->data['LIST'])) {
+ foreach ($a_folders as $idx => $folder) {
+ if (!isset($this->conn->data['LIST'][$folder])
+ || in_array('\\Noselect', $this->conn->data['LIST'][$folder])
+ ) {
+ // Some servers returns \Noselect for existing folders
+ if (!$this->folder_exists($folder)) {
$this->conn->unsubscribe($folder);
unset($a_folders[$idx]);
}
}
}
}
- // retrieve list of folders from IMAP server using LSUB
- else {
- $a_folders = $this->conn->listSubscribed($root, $name);
-
- // unsubscribe non-existent folders, remove from the list
- if (is_array($a_folders) && $name == '*') {
- foreach ($a_folders as $idx => $folder) {
- if ($this->conn->data['LIST'] && ($opts = $this->conn->data['LIST'][$folder])
- && in_array('\\Noselect', $opts)
- ) {
- // Some servers returns \Noselect for existing folders
- if (!$this->folder_exists($folder)) {
- $this->conn->unsubscribe($folder);
- unset($a_folders[$idx]);
- }
- }
- }
- }
- }
- }
-
- if (!is_array($a_folders) || !sizeof($a_folders)) {
- $a_folders = array();
}
return $a_folders;
@@ -2602,7 +2667,7 @@
}
else {
// retrieve list of folders from IMAP server
- $a_mboxes = $this->_list_folders($root, $name);
+ $a_mboxes = $this->list_folders_direct($root, $name);
}
if (!is_array($a_mboxes)) {
@@ -2637,7 +2702,7 @@
/**
- * protected method for folders listing (LIST)
+ * Method for direct folders listing (LIST)
*
* @param string $root Optional root folder
* @param string $name Optional name pattern
@@ -2645,7 +2710,7 @@
* @return array List of folders
* @see rcube_imap::list_folders()
*/
- protected function _list_folders($root='', $name='*')
+ public function list_folders_direct($root='', $name='*')
{
if (!$this->check_connection()) {
return null;
@@ -2657,50 +2722,71 @@
return array();
}
- // #1486796: some server configurations doesn't
- // return folders in all namespaces, we'll try to detect that situation
- // and ask for these namespaces separately
- if ($root == '' && $name == '*') {
- $delim = $this->get_hierarchy_delimiter();
- $namespace = $this->get_namespace();
- $search = array();
+ $config = rcmail::get_instance()->config;
- // build list of namespace prefixes
- foreach ((array)$namespace as $ns) {
- if (is_array($ns)) {
- foreach ($ns as $ns_data) {
- if (strlen($ns_data[0])) {
- $search[] = $ns_data[0];
- }
- }
- }
- }
+ // #1486796: some server configurations doesn't return folders in all namespaces
+ if ($root == '' && $name == '*' && $config->get('imap_force_ns')) {
+ $this->list_folders_update($result);
+ }
- if (!empty($search)) {
- // go through all folders detecting namespace usage
- foreach ($result as $folder) {
- foreach ($search as $idx => $prefix) {
- if (strpos($folder, $prefix) === 0) {
- unset($search[$idx]);
- }
- }
- if (empty($search)) {
- break;
- }
- }
+ return $result;
+ }
- // get folders in hidden namespaces and add to the result
- foreach ($search as $prefix) {
- $list = $this->conn->listMailboxes($prefix, $name);
- if (!empty($list)) {
- $result = array_merge($result, $list);
+ /**
+ * Fix folders list by adding folders from other namespaces.
+ * Needed on some servers eg. Courier IMAP
+ *
+ * @param array $result Reference to folders list
+ * @param string $type Listing type (ext-subscribed, subscribed or all)
+ */
+ private function list_folders_update(&$result, $type = null)
+ {
+ $delim = $this->get_hierarchy_delimiter();
+ $namespace = $this->get_namespace();
+ $search = array();
+
+ // build list of namespace prefixes
+ foreach ((array)$namespace as $ns) {
+ if (is_array($ns)) {
+ foreach ($ns as $ns_data) {
+ if (strlen($ns_data[0])) {
+ $search[] = $ns_data[0];
}
}
}
}
- return $result;
+ if (!empty($search)) {
+ // go through all folders detecting namespace usage
+ foreach ($result as $folder) {
+ foreach ($search as $idx => $prefix) {
+ if (strpos($folder, $prefix) === 0) {
+ unset($search[$idx]);
+ }
+ }
+ if (empty($search)) {
+ break;
+ }
+ }
+
+ // get folders in hidden namespaces and add to the result
+ foreach ($search as $prefix) {
+ if ($type == 'ext-subscribed') {
+ $list = $this->conn->listMailboxes('', $prefix . '*', null, array('SUBSCRIBED'));
+ }
+ else if ($type == 'subscribed') {
+ $list = $this->conn->listSubscribed('', $prefix . '*');
+ }
+ else {
+ $list = $this->conn->listMailboxes('', $prefix . '*');
+ }
+
+ if (!empty($list)) {
+ $result = array_merge($result, $list);
+ }
+ }
+ }
}
@@ -2841,11 +2927,11 @@
// get list of subscribed folders
if ((strpos($folder, '%') === false) && (strpos($folder, '*') === false)) {
- $a_subscribed = $this->_list_folders_subscribed('', $folder . $delm . '*');
+ $a_subscribed = $this->list_folders_subscribed('', $folder . $delm . '*');
$subscribed = $this->folder_exists($folder, true);
}
else {
- $a_subscribed = $this->_list_folders_subscribed();
+ $a_subscribed = $this->list_folders_subscribed();
$subscribed = in_array($folder, $a_subscribed);
}
@@ -2913,7 +2999,7 @@
if (strpos($c_mbox, $folder.$delm) === 0) {
$this->conn->unsubscribe($c_mbox);
if ($this->conn->deleteFolder($c_mbox)) {
- $this->clear_message_cache($c_mbox);
+ $this->clear_message_cache($c_mbox);
}
}
}
@@ -3175,10 +3261,9 @@
$options['name'] = $folder;
$options['attributes'] = $this->folder_attributes($folder, true);
$options['namespace'] = $this->folder_namespace($folder);
- $options['rights'] = $acl && !$options['is_root'] ? (array)$this->my_rights($folder) : array();
$options['special'] = in_array($folder, $this->default_folders);
- // Set 'noselect' and 'norename' flags
+ // Set 'noselect' flag
if (is_array($options['attributes'])) {
foreach ($options['attributes'] as $attrib) {
$attrib = strtolower($attrib);
@@ -3191,6 +3276,15 @@
$options['noselect'] = true;
}
+ // Get folder rights (MYRIGHTS)
+ if ($acl && !$options['noselect']) {
+ // skip shared roots
+ if (!$options['is_root'] || $options['namespace'] == 'personal') {
+ $options['rights'] = (array)$this->my_rights($folder);
+ }
+ }
+
+ // Set 'norename' flag
if (!empty($options['rights'])) {
$options['norename'] = !in_array('x', $options['rights']) && !in_array('d', $options['rights']);
@@ -3527,7 +3621,8 @@
{
if ($this->caching && !$this->cache) {
$rcmail = rcmail::get_instance();
- $ttl = $rcmail->config->get('message_cache_lifetime', '10d') - mktime();
+ $ttl = $rcmail->config->get('message_cache_lifetime', '10d');
+ $ttl = get_offset_time($ttl) - time();
$this->cache = $rcmail->get_cache('IMAP', $this->caching, $ttl);
}
@@ -3945,6 +4040,11 @@
return $this->delete_folder($folder);
}
+ function clear_mailbox($folder = null)
+ {
+ return $this->clear_folder($folder);
+ }
+
public function mailbox_exists($folder, $subscription=false)
{
return $this->folder_exists($folder, $subscription);
--
Gitblit v1.9.1