From d282d07dfba94b5395d1dd989bdb958c972bb7cf Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 16 Oct 2017 11:05:58 +0300 Subject: [ci skip] Use INTL_IDNA_VARIANT_UCS46 to convert non-ASCII domain names in emails Close #5300 --- system/libraries/Email.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'system/libraries/Email.php') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 0e9cf0574..48726b769 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -1036,7 +1036,8 @@ class CI_Email { { if (function_exists('idn_to_ascii') && $atpos = strpos($email, '@')) { - $email = self::substr($email, 0, ++$atpos).idn_to_ascii(self::substr($email, $atpos)); + $variant = defined('INTL_IDNA_VARIANT_UTS46') ? INTL_IDNA_VARIANT_UTS46 : INTL_IDNA_VARIANT_2003; + $email = self::substr($email, 0, ++$atpos).idn_to_ascii(self::substr($email, $atpos), $variant); } return (bool) filter_var($email, FILTER_VALIDATE_EMAIL); @@ -1853,7 +1854,8 @@ class CI_Email { { if (function_exists('idn_to_ascii') && $atpos = strpos($email, '@')) { - $email = self::substr($email, 0, ++$atpos).idn_to_ascii(self::substr($email, $atpos)); + $variant = defined('INTL_IDNA_VARIANT_UTS46') ? INTL_IDNA_VARIANT_UTS46 : INTL_IDNA_VARIANT_2003; + $email = self::substr($email, 0, ++$atpos).idn_to_ascii(self::substr($email, $atpos), $variant); } return (filter_var($email, FILTER_VALIDATE_EMAIL) === $email && preg_match('#\A[a-z0-9._+-]+@[a-z0-9.-]{1,253}\z#i', $email)); -- cgit v1.2.3-24-g4f1b From 4541bf930e715917622dc2d225bf5517f99db35a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 9 Nov 2017 17:27:59 +0200 Subject: [ci skip] Fix patch for #5300 --- system/libraries/Email.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries/Email.php') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 48726b769..3b1da8de0 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -1037,7 +1037,7 @@ class CI_Email { if (function_exists('idn_to_ascii') && $atpos = strpos($email, '@')) { $variant = defined('INTL_IDNA_VARIANT_UTS46') ? INTL_IDNA_VARIANT_UTS46 : INTL_IDNA_VARIANT_2003; - $email = self::substr($email, 0, ++$atpos).idn_to_ascii(self::substr($email, $atpos), $variant); + $email = self::substr($email, 0, ++$atpos).idn_to_ascii(self::substr($email, $atpos), 0, $variant); } return (bool) filter_var($email, FILTER_VALIDATE_EMAIL); @@ -1855,7 +1855,7 @@ class CI_Email { if (function_exists('idn_to_ascii') && $atpos = strpos($email, '@')) { $variant = defined('INTL_IDNA_VARIANT_UTS46') ? INTL_IDNA_VARIANT_UTS46 : INTL_IDNA_VARIANT_2003; - $email = self::substr($email, 0, ++$atpos).idn_to_ascii(self::substr($email, $atpos), $variant); + $email = self::substr($email, 0, ++$atpos).idn_to_ascii(self::substr($email, $atpos), 0, $variant); } return (filter_var($email, FILTER_VALIDATE_EMAIL) === $email && preg_match('#\A[a-z0-9._+-]+@[a-z0-9.-]{1,253}\z#i', $email)); -- cgit v1.2.3-24-g4f1b From 4fd2d49461cd871a99a63c51563b8aee3d023abd Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 9 Nov 2017 20:38:33 +0200 Subject: More on #5003 --- system/libraries/Email.php | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) (limited to 'system/libraries/Email.php') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 3b1da8de0..948cdb5c2 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -1034,10 +1034,13 @@ class CI_Email { */ public function valid_email($email) { - if (function_exists('idn_to_ascii') && $atpos = strpos($email, '@')) + if (function_exists('idn_to_ascii') && strpos($email, '@')) { - $variant = defined('INTL_IDNA_VARIANT_UTS46') ? INTL_IDNA_VARIANT_UTS46 : INTL_IDNA_VARIANT_2003; - $email = self::substr($email, 0, ++$atpos).idn_to_ascii(self::substr($email, $atpos), 0, $variant); + list($account, $domain) = explode('@', $email, 2); + $domain = is_php('5.4') + ? idn_to_ascii($domain, 0, INTL_IDNA_VARIANT_UTS46) + : idn_to_ascii($domain); + $email = $account.'@'.$domain; } return (bool) filter_var($email, FILTER_VALIDATE_EMAIL); @@ -1852,10 +1855,13 @@ class CI_Email { */ protected function _validate_email_for_shell(&$email) { - if (function_exists('idn_to_ascii') && $atpos = strpos($email, '@')) + if (function_exists('idn_to_ascii') && strpos($email, '@')) { - $variant = defined('INTL_IDNA_VARIANT_UTS46') ? INTL_IDNA_VARIANT_UTS46 : INTL_IDNA_VARIANT_2003; - $email = self::substr($email, 0, ++$atpos).idn_to_ascii(self::substr($email, $atpos), 0, $variant); + list($account, $domain) = explode('@', $email, 2); + $domain = is_php('5.4') + ? idn_to_ascii($domain, 0, INTL_IDNA_VARIANT_UTS46) + : idn_to_ascii($domain); + $email = $account.'@'.$domain; } return (filter_var($email, FILTER_VALIDATE_EMAIL) === $email && preg_match('#\A[a-z0-9._+-]+@[a-z0-9.-]{1,253}\z#i', $email)); -- cgit v1.2.3-24-g4f1b From fbe4d79ca0a70f404dce628d66deeaa3d90a2225 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 27 Dec 2017 19:49:03 +0200 Subject: Merge pull request #5367 from carusogabriel/clean-elses Clean elses --- system/libraries/Email.php | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) (limited to 'system/libraries/Email.php') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 948cdb5c2..8fefcbab9 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -961,10 +961,8 @@ class CI_Email { { return 'plain-attach'; } - else - { - return 'plain'; - } + + return 'plain'; } // -------------------------------------------------------------------- @@ -2267,10 +2265,8 @@ class CI_Email { usleep(250000); continue; } - else - { - $timestamp = 0; - } + + $timestamp = 0; } if ($result === FALSE) -- cgit v1.2.3-24-g4f1b From cce6bd170f24cf0f10ca0b58150d0324433a66be Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 9 Jan 2018 11:32:02 +0200 Subject: [ci skip] Merge pull request #5376 from jim-parry/copyright-update Annual copyright update Conflicts resolved: system/libraries/Cache/drivers/Cache_apcu.php --- system/libraries/Email.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries/Email.php') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 8fefcbab9..6a8bda70e 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2017, British Columbia Institute of Technology + * Copyright (c) 2014 - 2018, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 -- cgit v1.2.3-24-g4f1b From 221c09588be796ba352683cd7814af33501d4fa6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 22 Jan 2018 10:29:19 +0200 Subject: Fix a bug where INTL_IDNA_VARIANT_UTS46 was used while undeclared The constant was introduced in PHP 5.4, and is documented that way, but it actually depends on PHP being linked to ICU 4.6+, while the minimum requirement for compilation is 4.0 ... When this happens on PHP 7.2, an E_DEPRECATED notice will be emitted; there's currently a discussion on php-internals to resolve that issue. --- system/libraries/Email.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Email.php') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 6a8bda70e..967a0019a 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -1035,7 +1035,7 @@ class CI_Email { if (function_exists('idn_to_ascii') && strpos($email, '@')) { list($account, $domain) = explode('@', $email, 2); - $domain = is_php('5.4') + $domain = defined('INTL_IDNA_VARIANT_UTS46') ? idn_to_ascii($domain, 0, INTL_IDNA_VARIANT_UTS46) : idn_to_ascii($domain); $email = $account.'@'.$domain; -- cgit v1.2.3-24-g4f1b From 329dd039a211ed7634b45e2c908f7dc375b806a2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 22 Jan 2018 10:54:10 +0200 Subject: [ci skip] If possible, always negotiate for TLS 1.0, TLS 1.1, TLS 1.2 for SMTP connections in CI_Email --- system/libraries/Email.php | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'system/libraries/Email.php') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 967a0019a..71740ee5e 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -2074,7 +2074,19 @@ class CI_Email { $this->_send_command('hello'); $this->_send_command('starttls'); - $crypto = stream_socket_enable_crypto($this->_smtp_connect, TRUE, STREAM_CRYPTO_METHOD_TLS_CLIENT); + /** + * STREAM_CRYPTO_METHOD_TLS_CLIENT is quite the mess ... + * + * - On PHP <5.6 it doesn't even mean TLS, but SSL 2.0, and there's no option to use actual TLS + * - On PHP 5.6.0-5.6.6, >=7.2 it means negotiation with any of TLS 1.0, 1.1, 1.2 + * - On PHP 5.6.7-7.1.* it means only TLS 1.0 + * + * We want the negotiation, so we'll force it below ... + */ + $method = is_php('5.6') + ? STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT + : STREAM_CRYPTO_METHOD_TLS_CLIENT; + $crypto = stream_socket_enable_crypto($this->_smtp_connect, TRUE, $method); if ($crypto !== TRUE) { -- cgit v1.2.3-24-g4f1b From 7c71b8f571585655d24ce325fb0ec3deb6caa8e4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 27 Jan 2018 06:09:02 +0200 Subject: [ci skip] Apply the INTL_IDNA_VARIANT_UTS46 fix to CI_Email::_validate_email_for_shell() --- system/libraries/Email.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Email.php') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 71740ee5e..a53e7e72a 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -1856,7 +1856,7 @@ class CI_Email { if (function_exists('idn_to_ascii') && strpos($email, '@')) { list($account, $domain) = explode('@', $email, 2); - $domain = is_php('5.4') + $domain = defined('INTL_IDNA_VARIANT_UTS46') ? idn_to_ascii($domain, 0, INTL_IDNA_VARIANT_UTS46) : idn_to_ascii($domain); $email = $account.'@'.$domain; -- cgit v1.2.3-24-g4f1b From 32f8c936898a3619f225f614d03b1cdf7a7e2750 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 12 Jun 2018 16:25:44 +0300 Subject: Merge pull request #5510 from johndekroon/develop Only use the output of idn_to_ascii() if it worked properly --- system/libraries/Email.php | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'system/libraries/Email.php') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index a53e7e72a..cd74d6da1 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -1038,7 +1038,11 @@ class CI_Email { $domain = defined('INTL_IDNA_VARIANT_UTS46') ? idn_to_ascii($domain, 0, INTL_IDNA_VARIANT_UTS46) : idn_to_ascii($domain); - $email = $account.'@'.$domain; + + if ($domain !== FALSE) + { + $email = $account.'@'.$domain; + } } return (bool) filter_var($email, FILTER_VALIDATE_EMAIL); @@ -1859,7 +1863,11 @@ class CI_Email { $domain = defined('INTL_IDNA_VARIANT_UTS46') ? idn_to_ascii($domain, 0, INTL_IDNA_VARIANT_UTS46) : idn_to_ascii($domain); - $email = $account.'@'.$domain; + + if ($domain !== FALSE) + { + $email = $account.'@'.$domain; + } } return (filter_var($email, FILTER_VALIDATE_EMAIL) === $email && preg_match('#\A[a-z0-9._+-]+@[a-z0-9.-]{1,253}\z#i', $email)); -- cgit v1.2.3-24-g4f1b