line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package Net::ManageSieve; |
2
|
|
|
|
|
|
|
|
3
|
|
|
|
|
|
|
=head1 NAME |
4
|
|
|
|
|
|
|
|
5
|
|
|
|
|
|
|
Net::ManageSieve - ManageSieve Protocol Client |
6
|
|
|
|
|
|
|
|
7
|
|
|
|
|
|
|
=head1 SYNOPSIS |
8
|
|
|
|
|
|
|
|
9
|
|
|
|
|
|
|
use Net::ManageSieve; |
10
|
|
|
|
|
|
|
|
11
|
|
|
|
|
|
|
# Constructors |
12
|
|
|
|
|
|
|
$sieve = Net::ManageSieve->new('localhost'); |
13
|
|
|
|
|
|
|
$sieve = Net::ManageSieve->new('localhost', Timeout => 60); |
14
|
|
|
|
|
|
|
|
15
|
|
|
|
|
|
|
=head1 DESCRIPTION |
16
|
|
|
|
|
|
|
|
17
|
|
|
|
|
|
|
This module implements a client interface to the ManageSieve protocol |
18
|
|
|
|
|
|
|
(L). This |
19
|
|
|
|
|
|
|
documentation assumes that you are familiar with the concepts of the |
20
|
|
|
|
|
|
|
protocol. |
21
|
|
|
|
|
|
|
|
22
|
|
|
|
|
|
|
A new Net::ManageSieve object must be created with the I method. Once |
23
|
|
|
|
|
|
|
this has been done, all ManageSieve commands are accessed through |
24
|
|
|
|
|
|
|
this object. |
25
|
|
|
|
|
|
|
|
26
|
|
|
|
|
|
|
I: ManageSieve allows one to manipulate scripts on a host running a |
27
|
|
|
|
|
|
|
ManageSieve service, this module does not perform, validate or something |
28
|
|
|
|
|
|
|
like that Sieve scipts themselves. |
29
|
|
|
|
|
|
|
|
30
|
|
|
|
|
|
|
This module works in taint mode. |
31
|
|
|
|
|
|
|
|
32
|
|
|
|
|
|
|
=head1 EXAMPLES |
33
|
|
|
|
|
|
|
|
34
|
|
|
|
|
|
|
This example prints the capabilities of the server known as mailhost: |
35
|
|
|
|
|
|
|
|
36
|
|
|
|
|
|
|
#!/usr/local/bin/perl -w |
37
|
|
|
|
|
|
|
|
38
|
|
|
|
|
|
|
use Net::ManageSieve; |
39
|
|
|
|
|
|
|
|
40
|
|
|
|
|
|
|
$sieve = Net::ManageSieve->new('mailhost'); |
41
|
|
|
|
|
|
|
print "$k=$v\n" while ($k, $v) = each %{ $sieve->capabilities }; |
42
|
|
|
|
|
|
|
$sieve->logout; |
43
|
|
|
|
|
|
|
|
44
|
|
|
|
|
|
|
This example lists all storred scripts on the server and requires TLS: |
45
|
|
|
|
|
|
|
|
46
|
|
|
|
|
|
|
#!/usr/local/bin/perl -w |
47
|
|
|
|
|
|
|
|
48
|
|
|
|
|
|
|
use Net::ManageSieve; |
49
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
my $sieve = Net::ManageSieve->new('mailhost', tls => 'require') |
51
|
|
|
|
|
|
|
or die "$@\n"; |
52
|
|
|
|
|
|
|
print "Cipher: ", $sieve->get_cipher(), "\n"; |
53
|
|
|
|
|
|
|
$sieve->login('user', 'password') |
54
|
|
|
|
|
|
|
or die "Login: ".$sieve->error()."\n"; |
55
|
|
|
|
|
|
|
my $scripts = $sieve->listscripts |
56
|
|
|
|
|
|
|
or die "List: ".$sieve->error()."\n"; |
57
|
|
|
|
|
|
|
my $activeScript = pop(@$scripts); |
58
|
|
|
|
|
|
|
print "$_\n" for sort @$scripts; |
59
|
|
|
|
|
|
|
print $activeScript |
60
|
|
|
|
|
|
|
? 'active script: ' . $activeScript |
61
|
|
|
|
|
|
|
: 'no script active' |
62
|
|
|
|
|
|
|
, "\n"; |
63
|
|
|
|
|
|
|
$sieve->logout; |
64
|
|
|
|
|
|
|
|
65
|
|
|
|
|
|
|
=head1 ERROR HANDLING |
66
|
|
|
|
|
|
|
|
67
|
|
|
|
|
|
|
By default all functions return C on failure and set an |
68
|
|
|
|
|
|
|
error description into C<$@>, which can be retrieved with the |
69
|
|
|
|
|
|
|
method C as well. |
70
|
|
|
|
|
|
|
|
71
|
|
|
|
|
|
|
The constructor accepts the setting C, which alters this |
72
|
|
|
|
|
|
|
behaviour by changing the step to assign C<$@>: |
73
|
|
|
|
|
|
|
If its value is: |
74
|
|
|
|
|
|
|
|
75
|
|
|
|
|
|
|
=over 4 |
76
|
|
|
|
|
|
|
|
77
|
|
|
|
|
|
|
=item C |
78
|
|
|
|
|
|
|
|
79
|
|
|
|
|
|
|
the program carps the error description. |
80
|
|
|
|
|
|
|
|
81
|
|
|
|
|
|
|
If C is enabled, too, the description is printed twice. |
82
|
|
|
|
|
|
|
|
83
|
|
|
|
|
|
|
=item C |
84
|
|
|
|
|
|
|
|
85
|
|
|
|
|
|
|
the program croaks. |
86
|
|
|
|
|
|
|
|
87
|
|
|
|
|
|
|
=item is a CODE ref |
88
|
|
|
|
|
|
|
|
89
|
|
|
|
|
|
|
this subroutine is called with the arguments: |
90
|
|
|
|
|
|
|
|
91
|
|
|
|
|
|
|
&code_ref ( $object, $error_message ) |
92
|
|
|
|
|
|
|
|
93
|
|
|
|
|
|
|
The return value controls, whether or not the error message will be |
94
|
|
|
|
|
|
|
assigned to C<$@>. Private functions may just signal that an error |
95
|
|
|
|
|
|
|
occurred, but keep C<$@> unchanged. In this case C<$@> remains unchanged, |
96
|
|
|
|
|
|
|
if code_ref returns true. |
97
|
|
|
|
|
|
|
|
98
|
|
|
|
|
|
|
I: Even if the code ref returns false, C<$@> might bi clobberred |
99
|
|
|
|
|
|
|
by called modules. This is especially true in the C constructor. |
100
|
|
|
|
|
|
|
|
101
|
|
|
|
|
|
|
=item otherwise |
102
|
|
|
|
|
|
|
|
103
|
|
|
|
|
|
|
the default behaviour is retained by setting C<$@>. |
104
|
|
|
|
|
|
|
|
105
|
|
|
|
|
|
|
=back |
106
|
|
|
|
|
|
|
|
107
|
|
|
|
|
|
|
=cut |
108
|
|
|
|
|
|
|
|
109
|
|
|
|
|
|
|
require 5.001; |
110
|
|
|
|
|
|
|
|
111
|
1
|
|
|
1
|
|
1400
|
use strict; |
|
1
|
|
|
|
|
2
|
|
|
1
|
|
|
|
|
41
|
|
112
|
1
|
|
|
1
|
|
6
|
use vars qw($VERSION @ISA); |
|
1
|
|
|
|
|
2
|
|
|
1
|
|
|
|
|
66
|
|
113
|
1
|
|
|
1
|
|
1126
|
use Socket 1.3; |
|
1
|
|
|
|
|
5313
|
|
|
1
|
|
|
|
|
723
|
|
114
|
1
|
|
|
1
|
|
11
|
use Carp; |
|
1
|
|
|
|
|
2
|
|
|
1
|
|
|
|
|
61
|
|
115
|
1
|
|
|
1
|
|
944
|
use IO::Socket; |
|
1
|
|
|
|
|
23416
|
|
|
1
|
|
|
|
|
5
|
|
116
|
1
|
|
|
1
|
|
2967460
|
use Encode; |
|
1
|
|
|
|
|
1468111
|
|
|
1
|
|
|
|
|
7353
|
|
117
|
|
|
|
|
|
|
|
118
|
|
|
|
|
|
|
$VERSION = "0.13"; |
119
|
|
|
|
|
|
|
|
120
|
|
|
|
|
|
|
@ISA = qw(); |
121
|
|
|
|
|
|
|
|
122
|
|
|
|
|
|
|
=head1 CONSTRUCTOR |
123
|
|
|
|
|
|
|
|
124
|
|
|
|
|
|
|
=over 4 |
125
|
|
|
|
|
|
|
|
126
|
|
|
|
|
|
|
=item new ( [ HOST ] [, OPTIONS ] ) |
127
|
|
|
|
|
|
|
|
128
|
|
|
|
|
|
|
This is the constructor for a new Net::ManageSieve object. C is the |
129
|
|
|
|
|
|
|
name of the remote host to which an ManageSieve connection is required. |
130
|
|
|
|
|
|
|
|
131
|
|
|
|
|
|
|
C is optional. If C is not given then it may instead be |
132
|
|
|
|
|
|
|
passed as the C option described below. If neither is given then |
133
|
|
|
|
|
|
|
C will be used. |
134
|
|
|
|
|
|
|
|
135
|
|
|
|
|
|
|
C are passed in a hash like fashion, using key and value pairs. |
136
|
|
|
|
|
|
|
Possible options are: |
137
|
|
|
|
|
|
|
|
138
|
|
|
|
|
|
|
B - ManageSieve host to connect to. It may be a single scalar, |
139
|
|
|
|
|
|
|
as defined for the C option in L, or a |
140
|
|
|
|
|
|
|
reference to an array with hosts to try in turn. The L method |
141
|
|
|
|
|
|
|
will return the value which was used to connect to the host. |
142
|
|
|
|
|
|
|
|
143
|
|
|
|
|
|
|
B and B - These parameters are passed directly |
144
|
|
|
|
|
|
|
to IO::Socket to allow binding the socket to a local port. |
145
|
|
|
|
|
|
|
|
146
|
|
|
|
|
|
|
B - Maximum time, in seconds, to wait for a response from the |
147
|
|
|
|
|
|
|
ManageSieve server (default: 120) |
148
|
|
|
|
|
|
|
|
149
|
|
|
|
|
|
|
B - Select a port on the remote host to connect to (default is 2000) |
150
|
|
|
|
|
|
|
|
151
|
|
|
|
|
|
|
B or B - enable debugging if true (default OFF) |
152
|
|
|
|
|
|
|
|
153
|
|
|
|
|
|
|
I: All of the above options are passed through to L. |
154
|
|
|
|
|
|
|
|
155
|
|
|
|
|
|
|
B - issue STARTTLS right after connect. If B is a HASH ref, |
156
|
|
|
|
|
|
|
the mode is in member C, otherwise C itself is the mode and |
157
|
|
|
|
|
|
|
an empty SSL option HASH is passed to L. The C may be |
158
|
|
|
|
|
|
|
one of C to fail, if TLS negotiation fails, or C, |
159
|
|
|
|
|
|
|
C or C, if TLS is to attempt, but a failure is ignored. |
160
|
|
|
|
|
|
|
(Aliases: B, B) |
161
|
|
|
|
|
|
|
|
162
|
|
|
|
|
|
|
B - Changes the error handling of all functions that would |
163
|
|
|
|
|
|
|
otherwise return undef and set C<$@>. See section ERROR HANDLING |
164
|
|
|
|
|
|
|
(Aliases: B) |
165
|
|
|
|
|
|
|
|
166
|
|
|
|
|
|
|
Example: |
167
|
|
|
|
|
|
|
|
168
|
|
|
|
|
|
|
$sieve = Net::ManageSieve->new('mailhost', |
169
|
|
|
|
|
|
|
Timeout => 30, |
170
|
|
|
|
|
|
|
); |
171
|
|
|
|
|
|
|
|
172
|
|
|
|
|
|
|
use the first host one can connect to successfully C on port |
173
|
|
|
|
|
|
|
C<2000>, the default port, then C on port C<2008>. |
174
|
|
|
|
|
|
|
|
175
|
|
|
|
|
|
|
$sieve = Net::ManageSieve->new(Host => [ 'mailhost', 'localhost:2008' ], |
176
|
|
|
|
|
|
|
Timeout => 30, |
177
|
|
|
|
|
|
|
tls => { |
178
|
|
|
|
|
|
|
mode => require, |
179
|
|
|
|
|
|
|
SSL_ca_path => '/usr/ssl/cert', |
180
|
|
|
|
|
|
|
} |
181
|
|
|
|
|
|
|
); |
182
|
|
|
|
|
|
|
|
183
|
|
|
|
|
|
|
=back |
184
|
|
|
|
|
|
|
|
185
|
|
|
|
|
|
|
=cut |
186
|
|
|
|
|
|
|
|
187
|
|
|
|
|
|
|
sub _decodeCap ($$) { |
188
|
0
|
|
|
0
|
|
|
my $self = shift; |
189
|
0
|
|
|
|
|
|
my $cap = shift; |
190
|
|
|
|
|
|
|
|
191
|
0
|
0
|
|
|
|
|
if(ref($cap) eq 'ARRAY') { |
192
|
0
|
|
|
|
|
|
$self->{capabilities} = { }; |
193
|
0
|
|
|
|
|
|
while(my $c = shift(@$cap)) { |
194
|
0
|
0
|
|
|
|
|
next if ref($c); |
195
|
0
|
|
|
|
|
|
$c = lc($c); # capability-name |
196
|
0
|
|
|
|
|
|
my @v; |
197
|
0
|
|
|
|
|
|
while(my $v = shift(@$cap)) { # quaff even multiple tokens |
198
|
0
|
0
|
|
|
|
|
last if ref($v);#CRLF # standard allows one |
199
|
0
|
|
|
|
|
|
push(@v, $v); # optional value |
200
|
|
|
|
|
|
|
} # lasr CRLF had been quaffed by ok() already |
201
|
0
|
0
|
|
|
|
|
$self->{capabilities}->{$c} |
202
|
|
|
|
|
|
|
= scalar(@v)? join(',', @v) |
203
|
|
|
|
|
|
|
: '0 but true'; |
204
|
|
|
|
|
|
|
} |
205
|
|
|
|
|
|
|
} |
206
|
|
|
|
|
|
|
|
207
|
0
|
|
|
|
|
|
return $self; |
208
|
|
|
|
|
|
|
} |
209
|
|
|
|
|
|
|
|
210
|
|
|
|
|
|
|
sub new { |
211
|
0
|
|
|
0
|
1
|
|
my $self = shift; |
212
|
0
|
|
0
|
|
|
|
my $type = ref($self) || $self; |
213
|
0
|
|
|
|
|
|
$self = bless {}, $type; |
214
|
|
|
|
|
|
|
|
215
|
0
|
|
|
|
|
|
my ($host,%arg); |
216
|
0
|
0
|
|
|
|
|
if(@_ % 2) { |
217
|
0
|
|
|
|
|
|
$host = shift ; |
218
|
0
|
|
|
|
|
|
%arg = @_; |
219
|
|
|
|
|
|
|
} else { |
220
|
0
|
|
|
|
|
|
%arg = @_; |
221
|
0
|
|
|
|
|
|
$host = delete $arg{Host}; |
222
|
|
|
|
|
|
|
} |
223
|
0
|
|
0
|
|
|
|
$host ||= 'localhost'; |
224
|
0
|
|
0
|
|
|
|
$arg{Proto} ||= 'tcp'; |
225
|
0
|
|
0
|
|
|
|
$arg{Port} ||= 'managesieve(2000)'; |
226
|
0
|
|
|
|
|
|
$arg{PeerPort} = $arg{Port}; |
227
|
0
|
0
|
|
|
|
|
$arg{Timeout} = 120 unless defined $arg{Timeout}; |
228
|
0
|
|
|
|
|
|
$self->{timeout} = $arg{Timeout}; |
229
|
0
|
|
|
|
|
|
$self->{_last_response} = 'OK no response, yet'; |
230
|
0
|
|
|
|
|
|
$self->{_last_error} = ''; |
231
|
0
|
|
|
|
|
|
$self->{_last_command} = ''; |
232
|
0
|
0
|
0
|
|
|
|
$self->{_debug} = 1 if $arg{Debug} || $arg{debug}; |
233
|
0
|
|
0
|
|
|
|
$self->{_on_fail} = delete $arg{on_fail} || delete $arg{On_fail}; |
234
|
0
|
|
0
|
|
|
|
$self->{_tls} = delete $arg{tls} || delete $arg{Tls} || delete $arg{TLS}; |
235
|
|
|
|
|
|
|
|
236
|
0
|
0
|
|
|
|
|
foreach my $h (@{ref($host) ? $host : [ $host ]}) { |
|
0
|
|
|
|
|
|
|
237
|
0
|
|
|
|
|
|
$arg{PeerAddr} = $h; |
238
|
0
|
0
|
|
|
|
|
if($self->{fh} = IO::Socket::INET->new(%arg)) { |
239
|
0
|
|
|
|
|
|
$self->{host} = $h; |
240
|
0
|
|
|
|
|
|
last; |
241
|
|
|
|
|
|
|
} |
242
|
|
|
|
|
|
|
} |
243
|
|
|
|
|
|
|
|
244
|
0
|
0
|
|
|
|
|
unless(defined $self->{host}) { |
245
|
0
|
|
|
|
|
|
my $err = $@; |
246
|
0
|
0
|
|
|
|
|
$err = 'failed to connect to host(s): '.$! unless defined $err; |
247
|
0
|
|
|
|
|
|
$self->_set_error($err); |
248
|
0
|
|
|
|
|
|
return undef; |
249
|
|
|
|
|
|
|
} |
250
|
|
|
|
|
|
|
|
251
|
0
|
|
|
|
|
|
$self->{fh}->autoflush(1); |
252
|
|
|
|
|
|
|
|
253
|
|
|
|
|
|
|
# Read the capabilities |
254
|
0
|
|
|
|
|
|
my $cap = $self->_response(); |
255
|
0
|
0
|
|
|
|
|
return undef unless $self->ok($cap); |
256
|
0
|
|
|
|
|
|
$self->_decodeCap($cap); |
257
|
|
|
|
|
|
|
|
258
|
0
|
0
|
|
|
|
|
if(my $mode = $self->{_tls}) { |
259
|
0
|
|
|
|
|
|
my $tls; |
260
|
0
|
0
|
|
|
|
|
if(ref($mode) eq 'HASH') { |
261
|
0
|
|
|
|
|
|
$tls = $mode; |
262
|
0
|
|
0
|
|
|
|
$mode = delete $tls->{mode} || 'auto'; |
263
|
|
|
|
|
|
|
} else { |
264
|
0
|
|
|
|
|
|
$tls = { }; # no arguments |
265
|
|
|
|
|
|
|
} |
266
|
|
|
|
|
|
|
|
267
|
0
|
0
|
0
|
|
|
|
if($mode && $mode =~ /\A(?:require|auto|yes|on|y)\Z/) { |
268
|
0
|
|
|
|
|
|
my $rc = $self->starttls(%$tls); |
269
|
0
|
0
|
0
|
|
|
|
if(!$rc && $mode eq 'require') { |
270
|
0
|
|
|
|
|
|
my $err = $@; |
271
|
0
|
0
|
|
|
|
|
$err = 'unknown error' unless defined $err; |
272
|
0
|
|
|
|
|
|
$self->_set_error('failed to enable TLS: '.$err); |
273
|
0
|
|
|
|
|
|
return undef; |
274
|
|
|
|
|
|
|
} |
275
|
|
|
|
|
|
|
} |
276
|
|
|
|
|
|
|
} |
277
|
|
|
|
|
|
|
|
278
|
0
|
|
|
|
|
|
return $self; |
279
|
|
|
|
|
|
|
} |
280
|
|
|
|
|
|
|
|
281
|
|
|
|
|
|
|
=head1 METHODS |
282
|
|
|
|
|
|
|
|
283
|
|
|
|
|
|
|
Unless otherwise stated all methods return either a I or I |
284
|
|
|
|
|
|
|
value, with I meaning that the operation was a success. When |
285
|
|
|
|
|
|
|
a method states that it returns a value, failure will be returned as |
286
|
|
|
|
|
|
|
I or an empty list. The error is specified in C<$@> and can be |
287
|
|
|
|
|
|
|
returned with the L method. Please see section ERROR HANDLING |
288
|
|
|
|
|
|
|
for an alternative error handling scheme. |
289
|
|
|
|
|
|
|
|
290
|
|
|
|
|
|
|
=over 4 |
291
|
|
|
|
|
|
|
|
292
|
|
|
|
|
|
|
=item close () |
293
|
|
|
|
|
|
|
|
294
|
|
|
|
|
|
|
Closes the connection to the server. Any already cached data is kept |
295
|
|
|
|
|
|
|
active, though, there should be no pending data, if an user calls this |
296
|
|
|
|
|
|
|
function. |
297
|
|
|
|
|
|
|
|
298
|
|
|
|
|
|
|
=cut |
299
|
|
|
|
|
|
|
|
300
|
|
|
|
|
|
|
sub close { |
301
|
0
|
|
|
0
|
1
|
|
my $self = shift; |
302
|
0
|
0
|
|
|
|
|
return undef unless $self->{fh}; |
303
|
0
|
|
|
|
|
|
my $rc = $self->{fh}->close(); |
304
|
0
|
|
|
|
|
|
delete $self->{fh}; |
305
|
0
|
|
|
|
|
|
return $rc; # we keep locally cached data intentionally |
306
|
|
|
|
|
|
|
} |
307
|
|
|
|
|
|
|
|
308
|
|
|
|
|
|
|
=item starttls ( %SSL_opts ) |
309
|
|
|
|
|
|
|
|
310
|
|
|
|
|
|
|
Initiates a TLS session, may be used only before any |
311
|
|
|
|
|
|
|
authentication. |
312
|
|
|
|
|
|
|
|
313
|
|
|
|
|
|
|
The C is a HASH containing any options you can |
314
|
|
|
|
|
|
|
pass to L<< IO::Socket::SSL->new() >>. No one is passed by default. |
315
|
|
|
|
|
|
|
|
316
|
|
|
|
|
|
|
In order to detect in the later run, if the connection is encrypted, |
317
|
|
|
|
|
|
|
use the C function. |
318
|
|
|
|
|
|
|
|
319
|
|
|
|
|
|
|
Return: $self or C on failure - the socket is still |
320
|
|
|
|
|
|
|
functioning, but is not encrypted. |
321
|
|
|
|
|
|
|
|
322
|
|
|
|
|
|
|
=cut |
323
|
|
|
|
|
|
|
|
324
|
|
|
|
|
|
|
sub starttls { |
325
|
0
|
|
|
0
|
1
|
|
my $self = shift; |
326
|
0
|
0
|
|
|
|
|
unless(scalar(@_) % 2 == 0) { |
327
|
0
|
|
|
|
|
|
$@ = 'The argument list must be a HASH'; |
328
|
0
|
|
|
|
|
|
return undef; |
329
|
|
|
|
|
|
|
} |
330
|
0
|
|
|
|
|
|
my %opts = @_; |
331
|
|
|
|
|
|
|
|
332
|
0
|
0
|
|
|
|
|
return undef unless $self->ok($self->_command("STARTTLS")); |
333
|
|
|
|
|
|
|
|
334
|
|
|
|
|
|
|
# Initiate TLS |
335
|
0
|
0
|
|
|
|
|
unless(defined &IO::Socket::SSL::new) { |
336
|
0
|
|
|
|
|
|
eval { require IO::Socket::SSL }; |
|
0
|
|
|
|
|
|
|
337
|
0
|
0
|
|
|
|
|
if($@) { |
338
|
0
|
|
|
|
|
|
$self->_set_error('cannot find module IO::Socket::SSL', 'skipAd'); |
339
|
0
|
|
|
|
|
|
return undef; |
340
|
|
|
|
|
|
|
} |
341
|
|
|
|
|
|
|
} |
342
|
|
|
|
|
|
|
|
343
|
0
|
|
|
|
|
|
IO::Socket::SSL->start_SSL($self->{fh} , %opts); |
344
|
|
|
|
|
|
|
# In-place upgrade of socket |
345
|
0
|
0
|
|
|
|
|
return undef unless ref($self->{fh}) eq 'IO::Socket::SSL'; |
346
|
|
|
|
|
|
|
|
347
|
|
|
|
|
|
|
# success, state now is the same as right after connect |
348
|
0
|
|
|
|
|
|
my $cap = $self->_response(); |
349
|
0
|
0
|
|
|
|
|
return undef unless $self->ok($cap); |
350
|
0
|
|
|
|
|
|
$self->_decodeCap($cap); |
351
|
|
|
|
|
|
|
|
352
|
0
|
|
|
|
|
|
return $self; |
353
|
|
|
|
|
|
|
} |
354
|
|
|
|
|
|
|
|
355
|
|
|
|
|
|
|
=item encrypted () |
356
|
|
|
|
|
|
|
|
357
|
|
|
|
|
|
|
Returns C, if the connection is not encrypted, otherwise |
358
|
|
|
|
|
|
|
C. |
359
|
|
|
|
|
|
|
|
360
|
|
|
|
|
|
|
=cut |
361
|
|
|
|
|
|
|
|
362
|
|
|
|
|
|
|
sub encrypted { |
363
|
0
|
|
|
0
|
1
|
|
my $fh = $_[0]->{fh}; |
364
|
0
|
|
0
|
|
|
|
return $fh && ref($fh) && $fh->isa('IO::Socket::SSL'); |
365
|
|
|
|
|
|
|
} |
366
|
|
|
|
|
|
|
|
367
|
|
|
|
|
|
|
|
368
|
|
|
|
|
|
|
=item get_cipher (), dump_peer_certificate (), peer_certificate ($field) |
369
|
|
|
|
|
|
|
|
370
|
|
|
|
|
|
|
Returns C, if the connection is not encrypted, otherwise |
371
|
|
|
|
|
|
|
the functions directly calls the equally named function |
372
|
|
|
|
|
|
|
of L. |
373
|
|
|
|
|
|
|
|
374
|
|
|
|
|
|
|
=cut |
375
|
|
|
|
|
|
|
|
376
|
|
|
|
|
|
|
sub _encrypted { |
377
|
0
|
|
|
0
|
|
|
my $fh = $_[0]->{fh}; |
378
|
0
|
0
|
|
|
|
|
unless($fh) { |
379
|
0
|
|
|
|
|
|
$_[0]->_set_error('no connection opened'); |
380
|
0
|
|
|
|
|
|
return undef; |
381
|
|
|
|
|
|
|
} |
382
|
0
|
0
|
|
|
|
|
unless(encrypted($_[0])) { |
383
|
0
|
|
|
|
|
|
$_[0]->_set_error('connection not encrypted'); |
384
|
0
|
|
|
|
|
|
return undef; |
385
|
|
|
|
|
|
|
} |
386
|
0
|
|
|
|
|
|
return $fh; |
387
|
|
|
|
|
|
|
} |
388
|
|
|
|
|
|
|
|
389
|
|
|
|
|
|
|
sub get_cipher { |
390
|
0
|
0
|
|
0
|
1
|
|
return undef unless &_encrypted; |
391
|
0
|
|
|
|
|
|
return $_[0]->{fh}->get_cipher(); |
392
|
|
|
|
|
|
|
} |
393
|
|
|
|
|
|
|
sub dump_peer_certificate { |
394
|
0
|
0
|
|
0
|
1
|
|
return undef unless &_encrypted; |
395
|
0
|
|
|
|
|
|
return $_[0]->{fh}->dump_peer_certificate(); |
396
|
|
|
|
|
|
|
} |
397
|
|
|
|
|
|
|
sub peer_certificate { |
398
|
0
|
0
|
|
0
|
1
|
|
return undef unless &_encrypted; |
399
|
0
|
|
|
|
|
|
shift; |
400
|
0
|
|
|
|
|
|
return $_[0]->{fh}->peer_certificate(@_); |
401
|
|
|
|
|
|
|
} |
402
|
|
|
|
|
|
|
|
403
|
|
|
|
|
|
|
=item auth (USER [, PASSWORD [, AUTHNAME ] ]) |
404
|
|
|
|
|
|
|
|
405
|
|
|
|
|
|
|
Authentificates as C. |
406
|
|
|
|
|
|
|
|
407
|
|
|
|
|
|
|
If the module L is available, this module is tried first. In |
408
|
|
|
|
|
|
|
this case, the C parameter may be a C object, that |
409
|
|
|
|
|
|
|
is not furtherly modified. If C is no C object, |
410
|
|
|
|
|
|
|
C is passed as C, C as C and C |
411
|
|
|
|
|
|
|
as C to C<< Authen::SASL->new() >>. If C is |
412
|
|
|
|
|
|
|
undefined, C is passed as C. This way you can |
413
|
|
|
|
|
|
|
authentificate against Cyrus: C. |
414
|
|
|
|
|
|
|
|
415
|
|
|
|
|
|
|
If L is I available or the initialization of it fails, |
416
|
|
|
|
|
|
|
this function attempts to authentificate via the C method. |
417
|
|
|
|
|
|
|
|
418
|
|
|
|
|
|
|
Aliases: C, C. |
419
|
|
|
|
|
|
|
|
420
|
|
|
|
|
|
|
=cut |
421
|
|
|
|
|
|
|
|
422
|
|
|
|
|
|
|
sub _encode_base64 { |
423
|
0
|
|
|
0
|
|
|
my $self = shift; |
424
|
|
|
|
|
|
|
|
425
|
0
|
0
|
|
|
|
|
unless(defined &MIME::Base64::encode_base64) { # Automatically load it |
426
|
0
|
|
|
|
|
|
eval { require MIME::Base64; }; |
|
0
|
|
|
|
|
|
|
427
|
0
|
0
|
|
|
|
|
if($@) { |
428
|
0
|
|
|
|
|
|
$self->_set_error('failed to load MIME::Base64: ' . $@); |
429
|
0
|
|
|
|
|
|
return undef; |
430
|
|
|
|
|
|
|
} |
431
|
|
|
|
|
|
|
} |
432
|
|
|
|
|
|
|
|
433
|
0
|
|
|
|
|
|
my $r = &MIME::Base64::encode_base64; |
434
|
0
|
0
|
|
|
|
|
$r and $r =~ s/[\s\r\n]+$//s; |
435
|
0
|
|
|
|
|
|
return $r; |
436
|
|
|
|
|
|
|
} |
437
|
|
|
|
|
|
|
sub auth { |
438
|
0
|
|
|
0
|
1
|
|
my ($self, $username, $password, $authname) = @_; |
439
|
|
|
|
|
|
|
|
440
|
0
|
0
|
|
|
|
|
if(my $mech = $self->{capabilities}{sasl}) { |
441
|
|
|
|
|
|
|
# If the server does not announce SASL, we try PLAIN anyway |
442
|
0
|
|
|
|
|
|
my $doSASL = 1; |
443
|
0
|
0
|
|
|
|
|
unless(defined &Authen::SASL::new) { # Automatically load it |
444
|
0
|
|
|
|
|
|
eval { require Authen::SASL; }; |
|
0
|
|
|
|
|
|
|
445
|
0
|
0
|
|
|
|
|
if($@) { |
446
|
0
|
|
|
|
|
|
$self->_set_error("failed to load Authen::SASL: $@\nFallback to PLAIN\n"); |
447
|
0
|
|
|
|
|
|
$doSASL = undef; |
448
|
|
|
|
|
|
|
} |
449
|
|
|
|
|
|
|
} |
450
|
0
|
0
|
|
|
|
|
if($doSASL) { |
451
|
0
|
|
|
|
|
|
my $sasl; |
452
|
0
|
0
|
0
|
|
|
|
if(ref($username) && UNIVERSAL::isa($username, 'Authen::SASL')) { |
453
|
0
|
|
|
|
|
|
$sasl = $username; |
454
|
|
|
|
|
|
|
# $sasl->mechanism($mech); |
455
|
|
|
|
|
|
|
} else { |
456
|
0
|
0
|
|
|
|
|
unless(length $username) { |
457
|
0
|
|
|
|
|
|
$self->_set_error("need username or Authen::SASL object"); |
458
|
0
|
|
|
|
|
|
return undef; |
459
|
|
|
|
|
|
|
} |
460
|
0
|
0
|
|
|
|
|
unless(defined $authname) { |
461
|
0
|
|
|
|
|
|
$authname = $username; |
462
|
|
|
|
|
|
|
} |
463
|
|
|
|
|
|
|
# for unknown reason to pass in a space |
464
|
|
|
|
|
|
|
# separated string leads to the problem |
465
|
|
|
|
|
|
|
# that $client->mechnism returns the same |
466
|
|
|
|
|
|
|
# string, but ought to return the _used_ |
467
|
|
|
|
|
|
|
# mechnism only therefore, we use the |
468
|
|
|
|
|
|
|
# first one of the list |
469
|
|
|
|
|
|
|
# 2008-04-25 ska |
470
|
0
|
|
|
|
|
|
$mech =~ s/\s.*//; |
471
|
|
|
|
|
|
|
# $mech = "LOGIN"; |
472
|
0
|
|
|
|
|
|
$sasl = Authen::SASL->new(mechanism=> "".$mech, # without "". the behaviour is funny |
473
|
|
|
|
|
|
|
callback => { user => $username, |
474
|
|
|
|
|
|
|
pass => $password, |
475
|
|
|
|
|
|
|
password => $password, # needed it to work properly |
476
|
|
|
|
|
|
|
authname => $authname, |
477
|
|
|
|
|
|
|
} |
478
|
|
|
|
|
|
|
); |
479
|
|
|
|
|
|
|
} |
480
|
|
|
|
|
|
|
|
481
|
|
|
|
|
|
|
# draft-martin-managesieve-08: service := 'sieve' |
482
|
0
|
|
|
|
|
|
my $client = $sasl->client_new('sieve', $self->{host}, 0); |
483
|
|
|
|
|
|
|
# I did understood the documentation that way that |
484
|
|
|
|
|
|
|
# 'undef' means error, this is wrong. client_start() returns |
485
|
|
|
|
|
|
|
# undef for no initial client response. |
486
|
0
|
|
|
|
|
|
my $msg = $client->client_start; |
487
|
0
|
0
|
|
|
|
|
if($client->mechanism) { |
488
|
0
|
0
|
|
|
|
|
if($msg) { |
489
|
|
|
|
|
|
|
return undef |
490
|
0
|
0
|
|
|
|
|
unless defined($msg = $self->_encode_base64($msg,'')); |
491
|
0
|
|
|
|
|
|
$msg = ' "' . $msg . '"'; |
492
|
|
|
|
|
|
|
} else { |
493
|
0
|
|
|
|
|
|
$msg = ''; # Empty initial request |
494
|
|
|
|
|
|
|
# Force to load MIME::Encode |
495
|
0
|
0
|
|
|
|
|
return undef unless defined $self->_encode_base64('z'); |
496
|
|
|
|
|
|
|
} |
497
|
|
|
|
|
|
|
# Initial response |
498
|
0
|
0
|
|
|
|
|
$self->_send_command( |
499
|
|
|
|
|
|
|
'Authenticate "'. $client->mechanism . '"' . $msg) |
500
|
|
|
|
|
|
|
or return undef; |
501
|
0
|
|
|
|
|
|
while($msg = $self->_token()) { |
502
|
0
|
0
|
|
|
|
|
if(ref($msg)) { # end of command received OK|NO |
503
|
0
|
0
|
|
|
|
|
next if $msg->[0] eq "\n"; #CRLF is a token |
504
|
0
|
|
|
|
|
|
$msg = $self->ok([ $msg ]); |
505
|
0
|
|
|
|
|
|
last; |
506
|
|
|
|
|
|
|
} |
507
|
|
|
|
|
|
|
# MIME::Base64 is definitely loaded here |
508
|
|
|
|
|
|
|
$self->_write( |
509
|
0
|
|
|
|
|
|
'"' . $self->_encode_base64( |
510
|
|
|
|
|
|
|
$client->client_step( |
511
|
|
|
|
|
|
|
MIME::Base64::decode_base64($msg) |
512
|
|
|
|
|
|
|
), '' |
513
|
|
|
|
|
|
|
) . "\"\r\n" |
514
|
|
|
|
|
|
|
); |
515
|
|
|
|
|
|
|
} |
516
|
|
|
|
|
|
|
|
517
|
0
|
0
|
|
|
|
|
return $msg if $msg; |
518
|
0
|
|
|
|
|
|
$self->_set_error('SASL authentification failed'); |
519
|
0
|
|
|
|
|
|
return undef; |
520
|
|
|
|
|
|
|
} |
521
|
0
|
|
|
|
|
|
$self->_set_error("start of SASL failed"); |
522
|
|
|
|
|
|
|
# Circumvent SASL problems by falling back to plain PLAIN |
523
|
|
|
|
|
|
|
} |
524
|
|
|
|
|
|
|
} |
525
|
|
|
|
|
|
|
|
526
|
0
|
|
|
|
|
|
my $r = $self->_encode_base64( |
527
|
|
|
|
|
|
|
join("\0", ($username, $username, $password)) |
528
|
|
|
|
|
|
|
, ''); |
529
|
0
|
0
|
|
|
|
|
return undef unless defined $r; |
530
|
0
|
|
|
|
|
|
return $self->ok($self->_command('Authenticate "PLAIN" "'.$r.'"')); |
531
|
|
|
|
|
|
|
} |
532
|
0
|
|
|
0
|
0
|
|
sub login { goto &auth; } |
533
|
0
|
|
|
0
|
0
|
|
sub authentificate { goto &auth; } |
534
|
|
|
|
|
|
|
|
535
|
|
|
|
|
|
|
=item logout () |
536
|
|
|
|
|
|
|
|
537
|
|
|
|
|
|
|
Sends the C command to the server and closes the |
538
|
|
|
|
|
|
|
connection to the server. |
539
|
|
|
|
|
|
|
|
540
|
|
|
|
|
|
|
Aliases: C, C. |
541
|
|
|
|
|
|
|
|
542
|
|
|
|
|
|
|
=cut |
543
|
|
|
|
|
|
|
|
544
|
|
|
|
|
|
|
sub logout { |
545
|
0
|
|
|
0
|
1
|
|
my ($self) = @_; |
546
|
|
|
|
|
|
|
|
547
|
0
|
0
|
|
|
|
|
return 1 unless $self->{fh}; |
548
|
0
|
|
|
|
|
|
my $rc = $self->_command("LOGOUT"); |
549
|
0
|
|
|
|
|
|
$self->close(); |
550
|
0
|
|
|
|
|
|
return $self->ok($rc, 'bye'); |
551
|
|
|
|
|
|
|
} |
552
|
0
|
|
|
0
|
0
|
|
sub quit { goto &logout; } |
553
|
0
|
|
|
0
|
0
|
|
sub bye { goto &logout; } |
554
|
|
|
|
|
|
|
|
555
|
|
|
|
|
|
|
=item host () |
556
|
|
|
|
|
|
|
|
557
|
|
|
|
|
|
|
Returns the remote host of the connection. |
558
|
|
|
|
|
|
|
|
559
|
|
|
|
|
|
|
=cut |
560
|
|
|
|
|
|
|
|
561
|
|
|
|
|
|
|
sub host { |
562
|
0
|
|
|
0
|
1
|
|
my ($self) = @_; |
563
|
|
|
|
|
|
|
|
564
|
0
|
|
|
|
|
|
return $self->{host}; |
565
|
|
|
|
|
|
|
} |
566
|
|
|
|
|
|
|
|
567
|
|
|
|
|
|
|
=item capabilities ([reget]) |
568
|
|
|
|
|
|
|
|
569
|
|
|
|
|
|
|
Returns the capabilities as HASH ref, e.g.: |
570
|
|
|
|
|
|
|
|
571
|
|
|
|
|
|
|
{ |
572
|
|
|
|
|
|
|
'starttls' => 1, |
573
|
|
|
|
|
|
|
'sasl' => 'PLAIN LOGIN', |
574
|
|
|
|
|
|
|
'implementation' => 'dovecot', |
575
|
|
|
|
|
|
|
'sieve' => 'fileinto reject envelope vacation imapflags notify subaddress relational comparator-i;ascii-numeric regex' |
576
|
|
|
|
|
|
|
}; |
577
|
|
|
|
|
|
|
|
578
|
|
|
|
|
|
|
If the argument C is specified and is boolean C, |
579
|
|
|
|
|
|
|
the capabilities are reaquired from the server using |
580
|
|
|
|
|
|
|
the I command. |
581
|
|
|
|
|
|
|
Note: The initial capabilities may be different from the set |
582
|
|
|
|
|
|
|
acquired later. |
583
|
|
|
|
|
|
|
|
584
|
|
|
|
|
|
|
=cut |
585
|
|
|
|
|
|
|
|
586
|
|
|
|
|
|
|
sub capabilities { |
587
|
0
|
|
|
0
|
1
|
|
my ($self, $reget) = @_; |
588
|
|
|
|
|
|
|
|
589
|
0
|
0
|
|
|
|
|
if($reget) { |
590
|
0
|
0
|
|
|
|
|
my $cap = $self->_command("CAPABILITY") or return undef; |
591
|
0
|
0
|
|
|
|
|
return undef unless $self->ok($cap); |
592
|
0
|
|
|
|
|
|
$self->_decodeCap($cap); |
593
|
|
|
|
|
|
|
} |
594
|
0
|
|
|
|
|
|
return $self->{capabilities}; |
595
|
|
|
|
|
|
|
} |
596
|
|
|
|
|
|
|
|
597
|
|
|
|
|
|
|
=item havespace (NAME, SIZE) |
598
|
|
|
|
|
|
|
|
599
|
|
|
|
|
|
|
Return whether or not a script with the specified size (and name) |
600
|
|
|
|
|
|
|
might fit into the space of the user on the server. |
601
|
|
|
|
|
|
|
|
602
|
|
|
|
|
|
|
Due to various reasons, the result of this function is not very |
603
|
|
|
|
|
|
|
reliable, because in the meantime lots of changes may take place |
604
|
|
|
|
|
|
|
on the server. |
605
|
|
|
|
|
|
|
|
606
|
|
|
|
|
|
|
=cut |
607
|
|
|
|
|
|
|
|
608
|
|
|
|
|
|
|
sub havespace { |
609
|
0
|
|
|
0
|
1
|
|
my ($self, $name, $size) = @_; |
610
|
|
|
|
|
|
|
|
611
|
0
|
0
|
|
|
|
|
unless($size =~ /\A\d+\Z/) { |
612
|
0
|
|
|
|
|
|
$self->_set_error("size is not numeric: $size"); |
613
|
0
|
|
|
|
|
|
return undef; |
614
|
|
|
|
|
|
|
} |
615
|
0
|
0
|
|
|
|
|
return undef unless $name = $self->_chkName($name); |
616
|
0
|
|
|
|
|
|
return $self->ok($self->_command("HAVESPACE $name $size")); |
617
|
|
|
|
|
|
|
} |
618
|
|
|
|
|
|
|
|
619
|
|
|
|
|
|
|
=item putscript (NAME, SCRIPT) |
620
|
|
|
|
|
|
|
|
621
|
|
|
|
|
|
|
Stores the C |