<?php
/** vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */
// +----------------------------------------------------------------------+
// | PHP Version 5 and 7                                                  |
// +----------------------------------------------------------------------+
// | Copyright (c) 1997-2021 Jon Parise and Chuck Hagenbuch               |
// | All rights reserved.                                                 |
// |                                                                      |
// | Redistribution and use in source and binary forms, with or without   |
// | modification, are permitted provided that the following conditions   |
// | are met:                                                             |
// |                                                                      |
// | 1. Redistributions of source code must retain the above copyright    |
// |    notice, this list of conditions and the following disclaimer.     |
// |                                                                      |
// | 2. Redistributions in binary form must reproduce the above copyright |
// |    notice, this list of conditions and the following disclaimer in   |
// |    the documentation and/or other materials provided with the        |
// |    distribution.                                                     |
// |                                                                      |
// | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS  |
// | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT    |
// | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS    |
// | FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE       |
// | COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, |
// | INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
// | BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;     |
// | LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER     |
// | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT   |
// | LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN    |
// | ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE      |
// | POSSIBILITY OF SUCH DAMAGE.                                          |
// +----------------------------------------------------------------------+
// | Authors: Chuck Hagenbuch <chuck@horde.org>                           |
// |          Jon Parise <jon@php.net>                                    |
// |          Damian Alejandro Fernandez Sosa <damlists@cnba.uba.ar>      |
// +----------------------------------------------------------------------+

require_once 'PEAR.php';
require_once 'Net/Socket.php';

/**
 * Provides an implementation of the SMTP protocol using PEAR's
 * Net_Socket class.
 *
 * @package Net_SMTP
 * @author  Chuck Hagenbuch <chuck@horde.org>
 * @author  Jon Parise <jon@php.net>
 * @author  Damian Alejandro Fernandez Sosa <damlists@cnba.uba.ar>
 * @license http://opensource.org/licenses/bsd-license.php BSD-2-Clause
 *
 * @example basic.php A basic implementation of the Net_SMTP package.
 */
class Net_SMTP
{
    /**
     * The server to connect to.
     * @var string
     */
    public $host = 'localhost';

    /**
     * The port to connect to.
     * @var int
     */
    public $port = 25;

    /**
     * The value to give when sending EHLO or HELO.
     * @var string
     */
    public $localhost = 'localhost';

    /**
     * List of supported authentication methods, in preferential order.
     * @var array
     */
    public $auth_methods = array();

    /**
     * Use SMTP command pipelining (specified in RFC 2920) if the SMTP
     * server supports it.
     *
     * When pipeling is enabled, rcptTo(), mailFrom(), sendFrom(),
     * somlFrom() and samlFrom() do not wait for a response from the
     * SMTP server but return immediately.
     *
     * @var bool
     */
    public $pipelining = false;

    /**
     * Number of pipelined commands.
     * @var int
     */
    protected $pipelined_commands = 0;

    /**
     * Should debugging output be enabled?
     * @var boolean
     */
    protected $debug = false;

    /**
     * Debug output handler.
     * @var callback
     */
    protected $debug_handler = null;

    /**
     * The socket resource being used to connect to the SMTP server.
     * @var resource
     */
    protected $socket = null;

    /**
     * Array of socket options that will be passed to Net_Socket::connect().
     * @see stream_context_create()
     * @var array
     */
    protected $socket_options = null;

    /**
     * The socket I/O timeout value in seconds.
     * @var int
     */
    protected $timeout = 0;

    /**
     * The most recent server response code.
     * @var int
     */
    protected $code = -1;

    /**
     * The most recent server response arguments.
     * @var array
     */
    protected $arguments = array();

    /**
     * Stores the SMTP server's greeting string.
     * @var string
     */
    protected $greeting = null;

    /**
     * Stores detected features of the SMTP server.
     * @var array
     */
    protected $esmtp = array();

    /**
     * Instantiates a new Net_SMTP object, overriding any defaults
     * with parameters that are passed in.
     *
     * If you have SSL support in PHP, you can connect to a server
     * over SSL using an 'ssl://' prefix:
     *
     *   // 465 is a common smtps port.
     *   $smtp = new Net_SMTP('ssl://mail.host.com', 465);
     *   $smtp->connect();
     *
     * @param string  $host             The server to connect to.
     * @param integer $port             The port to connect to.
     * @param string  $localhost        The value to give when sending EHLO or HELO.
     * @param boolean $pipelining       Use SMTP command pipelining
     * @param integer $timeout          Socket I/O timeout in seconds.
     * @param array   $socket_options   Socket stream_context_create() options.
     * @param string  $gssapi_principal GSSAPI service principal name
     * @param string  $gssapi_cname     GSSAPI credentials cache
     *
     * @since 1.0
     */
    public function __construct($host = null, $port = null, $localhost = null,
        $pipelining = false, $timeout = 0, $socket_options = null,
        $gssapi_principal=null, $gssapi_cname=null
    ) {
        if (isset($host)) {
            $this->host = $host;
        }
        if (isset($port)) {
            $this->port = $port;
        }
        if (isset($localhost)) {
            $this->localhost = $localhost;
        }

        $this->pipelining       = $pipelining;
        $this->socket           = new Net_Socket();
        $this->socket_options   = $socket_options;
        $this->timeout          = $timeout;
        $this->gssapi_principal = $gssapi_principal;
        $this->gssapi_cname     = $gssapi_cname;

        /* If PHP krb5 extension is loaded, we enable GSSAPI method. */
        if (extension_loaded('krb5')) {
            $this->setAuthMethod('GSSAPI', array($this, 'authGSSAPI'));
        }

        /* Include the Auth_SASL package.  If the package is available, we
         * enable the authentication methods that depend upon it. */
        if (@include_once 'Auth/SASL.php') {
            $this->setAuthMethod('CRAM-MD5', array($this, 'authCramMD5'));
            $this->setAuthMethod('DIGEST-MD5', array($this, 'authDigestMD5'));
        }

        /* These standard authentication methods are always available. */
        $this->setAuthMethod('LOGIN', array($this, 'authLogin'), false);
        $this->setAuthMethod('PLAIN', array($this, 'authPlain'), false);
        $this->setAuthMethod('XOAUTH2', array($this, 'authXOAuth2'), false);
    }

    /**
     * Set the socket I/O timeout value in seconds plus microseconds.
     *
     * @param integer $seconds      Timeout value in seconds.
     * @param integer $microseconds Additional value in microseconds.
     *
     * @since 1.5.0
     */
    public function setTimeout($seconds, $microseconds = 0)
    {
        return $this->socket->setTimeout($seconds, $microseconds);
    }

    /**
     * Set the value of the debugging flag.
     *
     * @param boolean  $debug   New value for the debugging flag.
     * @param callback $handler Debug handler callback
     *
     * @since 1.1.0
     */
    public function setDebug($debug, $handler = null)
    {
        $this->debug         = $debug;
        $this->debug_handler = $handler;
    }

    /**
     * Write the given debug text to the current debug output handler.
     *
     * @param string $message Debug mesage text.
     *
     * @since 1.3.3
     */
    protected function debug($message)
    {
        if ($this->debug) {
            if ($this->debug_handler) {
                call_user_func_array(
                    $this->debug_handler, array(&$this, $message)
                );
            } else {
                echo "DEBUG: $message\n";
            }
        }
    }

    /**
     * Send the given string of data to the server.
     *
     * @param string $data The string of data to send.
     *
     * @return mixed The number of bytes that were actually written,
     *               or a PEAR_Error object on failure.
     *
     * @since 1.1.0
     */
    protected function send($data)
    {
        $this->debug("Send: $data");

        $result = $this->socket->write($data);
        if (!$result || PEAR::isError($result)) {
            $msg = $result ? $result->getMessage() : "unknown error";
            return PEAR::raiseError("Failed to write to socket: $msg");
        }

        return $result;
    }

    /**
     * Send a command to the server with an optional string of
     * arguments.  A carriage return / linefeed (CRLF) sequence will
     * be appended to each command string before it is sent to the
     * SMTP server - an error will be thrown if the command string
     * already contains any newline characters. Use send() for
     * commands that must contain newlines.
     *
     * @param string $command The SMTP command to send to the server.
     * @param string $args    A string of optional arguments to append
     *                        to the command.
     *
     * @return mixed The result of the send() call.
     *
     * @since 1.1.0
     */
    protected function put($command, $args = '')
    {
        if (!empty($args)) {
            $command .= ' ' . $args;
        }

        if (strcspn($command, "\r\n") !== strlen($command)) {
            return PEAR::raiseError('Commands cannot contain newlines');
        }

        return $this->send($command . "\r\n");
    }

    /**
     * Read a reply from the SMTP server.  The reply consists of a response
     * code and a response message.
     *
     * @param mixed $valid The set of valid response codes.  These
     *                     may be specified as an array of integer
     *                     values or as a single integer value.
     * @param bool  $later Do not parse the response now, but wait
     *                     until the last command in the pipelined
     *                     command group
     *
     * @return mixed True if the server returned a valid response code or
     *               a PEAR_Error object is an error condition is reached.
     *
     * @since 1.1.0
     *
     * @see getResponse
     */
    protected function parseResponse($valid, $later = false)
    {
        $this->code      = -1;
        $this->arguments = array();

        if ($later) {
            $this->pipelined_commands++;
            return true;
        }

        for ($i = 0; $i <= $this->pipelined_commands; $i++) {
            while ($line = $this->socket->readLine()) {
                $this->debug("Recv: $line");

                /* If we receive an empty line, the connection was closed. */
                if (empty($line)) {
                    $this->disconnect();
                    return PEAR::raiseError('Connection was closed');
                }

                /* Read the code and store the rest in the arguments array. */
                $code = substr($line, 0, 3);
                $this->arguments[] = trim(substr($line, 4));

                /* Check the syntax of the response code. */
                if (is_numeric($code)) {
                    $this->code = (int)$code;
                } else {
                    $this->code = -1;
                    break;
                }

                /* If this is not a multiline response, we're done. */
                if (substr($line, 3, 1) != '-') {
                    break;
                }
            }
        }

        $this->pipelined_commands = 0;

        /* Compare the server's response code with the valid code/codes. */
        if (is_int($valid) && ($this->code === $valid)) {
            return true;
        } elseif (is_array($valid) && in_array($this->code, $valid, true)) {
            return true;
        }

        return PEAR::raiseError('Invalid response code received from server', $this->code);
    }

    /**
     * Issue an SMTP command and verify its response.
     *
     * @param string $command The SMTP command string or data.
     * @param mixed  $valid   The set of valid response codes. These
     *                        may be specified as an array of integer
     *                        values or as a single integer value.
     *
     * @return mixed True on success or a PEAR_Error object on failure.
     *
     * @since 1.6.0
     */
    public function command($command, $valid)
    {
        if (PEAR::isError($error = $this->put($command))) {
            return $error;
        }
        if (PEAR::isError($error = $this->parseResponse($valid))) {
            return $error;
        }

        return true;
    }

    /**
     * Return a 2-tuple containing the last response from the SMTP server.
     *
     * @return array A two-element array: the first element contains the
     *               response code as an integer and the second element
     *               contains the response's arguments as a string.
     *
     * @since 1.1.0
     */
    public function getResponse()
    {
        return array($this->code, join("\n", $this->arguments));
    }

    /**
     * Return the SMTP server's greeting string.
     *
     * @return string A string containing the greeting string, or null if
     *                a greeting has not been received.
     *
     * @since 1.3.3
     */
    public function getGreeting()
    {
        return $this->greeting;
    }

    /**
     * Attempt to connect to the SMTP server.
     *
     * @param int  $timeout    The timeout value (in seconds) for the
     *                         socket connection attempt.
     * @param bool $persistent Should a persistent socket connection
     *                         be used?
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     * @since 1.0
     */
    public function connect($timeout = null, $persistent = false)
    {
        $this->greeting = null;

        $result = $this->socket->connect(
            $this->host, $this->port, $persistent, $timeout, $this->socket_options
        );

        if (PEAR::isError($result)) {
            return PEAR::raiseError(
                'Failed to connect socket: ' . $result->getMessage()
            );
        }

        /*
         * Now that we're connected, reset the socket's timeout value for
         * future I/O operations.  This allows us to have different socket
         * timeout values for the initial connection (our $timeout parameter)
         * and all other socket operations.
         */
        if ($this->timeout > 0) {
            if (PEAR::isError($error = $this->setTimeout($this->timeout))) {
                return $error;
            }
        }

        if (PEAR::isError($error = $this->parseResponse(220))) {
            return $error;
        }

        /* Extract and store a copy of the server's greeting string. */
        list(, $this->greeting) = $this->getResponse();

        if (PEAR::isError($error = $this->negotiate())) {
            return $error;
        }

        return true;
    }

    /**
     * Attempt to disconnect from the SMTP server.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     * @since 1.0
     */
    public function disconnect()
    {
        if (PEAR::isError($error = $this->put('QUIT'))) {
            return $error;
        }
        if (PEAR::isError($error = $this->parseResponse(221))) {
            return $error;
        }
        if (PEAR::isError($error = $this->socket->disconnect())) {
            return PEAR::raiseError(
                'Failed to disconnect socket: ' . $error->getMessage()
            );
        }

        return true;
    }

    /**
     * Attempt to send the EHLO command and obtain a list of ESMTP
     * extensions available, and failing that just send HELO.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     *
     * @since 1.1.0
     */
    protected function negotiate()
    {
        if (PEAR::isError($error = $this->put('EHLO', $this->localhost))) {
            return $error;
        }

        if (PEAR::isError($this->parseResponse(250))) {
            /* If the EHLO failed, try the simpler HELO command. */
            if (PEAR::isError($error = $this->put('HELO', $this->localhost))) {
                return $error;
            }
            if (PEAR::isError($this->parseResponse(250))) {
                return PEAR::raiseError('HELO was not accepted', $this->code);
            }

            return true;
        }

        foreach ($this->arguments as $argument) {
            $verb      = strtok($argument, ' ');
            $len       = strlen($verb);
            $arguments = substr($argument, $len + 1, strlen($argument) - $len - 1);
            $this->esmtp[$verb] = $arguments;
        }

        if (!isset($this->esmtp['PIPELINING'])) {
            $this->pipelining = false;
        }

        return true;
    }

    /**
     * Returns the name of the best authentication method that the server
     * has advertised.
     *
     * @return mixed Returns a string containing the name of the best
     *               supported authentication method or a PEAR_Error object
     *               if a failure condition is encountered.
     * @since 1.1.0
     */
    protected function getBestAuthMethod()
    {
        $available_methods = explode(' ', $this->esmtp['AUTH']);

        foreach ($this->auth_methods as $method => $callback) {
            if (in_array($method, $available_methods)) {
                return $method;
            }
        }

        return PEAR::raiseError('No supported authentication methods');
    }
    
    /**
     * Establish STARTTLS Connection.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, true on success, or false if SSL/TLS
     *               isn't available.
     * @since 1.10.0
     */
    public function starttls()
    {
        /* We can only attempt a TLS connection if one has been requested,
         * we're running PHP 5.1.0 or later, have access to the OpenSSL
         * extension, are connected to an SMTP server which supports the
         * STARTTLS extension, and aren't already connected over a secure
         * (SSL) socket connection. */
        if (version_compare(PHP_VERSION, '5.1.0', '>=')
            && extension_loaded('openssl') && isset($this->esmtp['STARTTLS'])
            && strncasecmp($this->host, 'ssl://', 6) !== 0
            ) {
                /* Start the TLS connection attempt. */
                if (PEAR::isError($result = $this->put('STARTTLS'))) {
                    return $result;
                }
                if (PEAR::isError($result = $this->parseResponse(220))) {
                    return $result;
                }
                if (isset($this->socket_options['ssl']['crypto_method'])) {
                    $crypto_method = $this->socket_options['ssl']['crypto_method'];
                } else {
                    /* STREAM_CRYPTO_METHOD_TLS_ANY_CLIENT constant does not exist
                     * and STREAM_CRYPTO_METHOD_SSLv23_CLIENT constant is
                     * inconsistent across PHP versions. */
                    $crypto_method = STREAM_CRYPTO_METHOD_TLS_CLIENT
                    | @STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT
                    | @STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT;
                }
                if (PEAR::isError($result = $this->socket->enableCrypto(true, $crypto_method))) {
                    return $result;
                } elseif ($result !== true) {
                    return PEAR::raiseError('STARTTLS failed');
                }
                
                /* Send EHLO again to recieve the AUTH string from the
                 * SMTP server. */
                $this->negotiate();
            } else {
                return false;
            }
            
            return true;
    }
        
    /**
     * Attempt to do SMTP authentication.
     *
     * @param string $uid    The userid to authenticate as.
     * @param string $pwd    The password to authenticate with.
     * @param string $method The requested authentication method.  If none is
     *                       specified, the best supported method will be used.
     * @param bool   $tls    Flag indicating whether or not TLS should be attempted.
     * @param string $authz  An optional authorization identifier.  If specified, this
     *                       identifier will be used as the authorization proxy.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     * @since 1.0
     */
    public function auth($uid, $pwd , $method = '', $tls = true, $authz = '')
    {
        /* We can only attempt a TLS connection if one has been requested,
         * we're running PHP 5.1.0 or later, have access to the OpenSSL
         * extension, are connected to an SMTP server which supports the
         * STARTTLS extension, and aren't already connected over a secure
         * (SSL) socket connection. */
        if ($tls) {
            /* Start the TLS connection attempt. */
            if (PEAR::isError($starttls = $this->starttls())) {
                return $starttls;
            }
        }

        if (empty($this->esmtp['AUTH'])) {
            return PEAR::raiseError('SMTP server does not support authentication');
        }

        /* If no method has been specified, get the name of the best
         * supported method advertised by the SMTP server. */
        if (empty($method)) {
            if (PEAR::isError($method = $this->getBestAuthMethod())) {
                /* Return the PEAR_Error object from _getBestAuthMethod(). */
                return $method;
            }
        } else {
            $method = strtoupper($method);
            if (!array_key_exists($method, $this->auth_methods)) {
                return PEAR::raiseError("$method is not a supported authentication method");
            }
        }

        if (!isset($this->auth_methods[$method])) {
            return PEAR::raiseError("$method is not a supported authentication method");
        }

        if (!is_callable($this->auth_methods[$method], false)) {
            return PEAR::raiseError("$method authentication method cannot be called");
        }

        if (is_array($this->auth_methods[$method])) {
            list($object, $method) = $this->auth_methods[$method];
            $result = $object->{$method}($uid, $pwd, $authz, $this);
        } else {
            $func   = $this->auth_methods[$method];
            $result = $func($uid, $pwd, $authz, $this);
        }

        /* If an error was encountered, return the PEAR_Error object. */
        if (PEAR::isError($result)) {
            return $result;
        }

        return true;
    }

    /**
     * Add a new authentication method.
     *
     * @param string $name     The authentication method name (e.g. 'PLAIN')
     * @param mixed  $callback The authentication callback (given as the name of a
     *                         function or as an (object, method name) array).
     * @param bool   $prepend  Should the new method be prepended to the list of
     *                         available methods?  This is the default behavior,
     *                         giving the new method the highest priority.
     *
     * @return mixed True on success or a PEAR_Error object on failure.
     *
     * @since 1.6.0
     */
    public function setAuthMethod($name, $callback, $prepend = true)
    {
        if (!is_string($name)) {
            return PEAR::raiseError('Method name is not a string');
        }

        if (!is_string($callback) && !is_array($callback)) {
            return PEAR::raiseError('Method callback must be string or array');
        }

        if (is_array($callback)) {
            if (!is_object($callback[0]) || !is_string($callback[1])) {
                return PEAR::raiseError('Bad mMethod callback array');
            }
        }

        if ($prepend) {
            $this->auth_methods = array_merge(
                array($name => $callback), $this->auth_methods
            );
        } else {
            $this->auth_methods[$name] = $callback;
        }

        return true;
    }

    /**
     * Authenticates the user using the DIGEST-MD5 method.
     *
     * @param string $uid   The userid to authenticate as.
     * @param string $pwd   The password to authenticate with.
     * @param string $authz The optional authorization proxy identifier.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     * @since 1.1.0
     */
    protected function authDigestMD5($uid, $pwd, $authz = '')
    {
        if (PEAR::isError($error = $this->put('AUTH', 'DIGEST-MD5'))) {
            return $error;
        }
        /* 334: Continue authentication request */
        if (PEAR::isError($error = $this->parseResponse(334))) {
            /* 503: Error: already authenticated */
            if ($this->code === 503) {
                return true;
            }
            return $error;
        }

        $auth_sasl = new Auth_SASL;
        $digest    = $auth_sasl->factory('digest-md5');
        $challenge = base64_decode($this->arguments[0]);
        $auth_str  = base64_encode(
            $digest->getResponse($uid, $pwd, $challenge, $this->host, "smtp", $authz)
        );

        if (PEAR::isError($error = $this->put($auth_str))) {
            return $error;
        }
        /* 334: Continue authentication request */
        if (PEAR::isError($error = $this->parseResponse(334))) {
            return $error;
        }

        /* We don't use the protocol's third step because SMTP doesn't
         * allow subsequent authentication, so we just silently ignore
         * it. */
        if (PEAR::isError($error = $this->put(''))) {
            return $error;
        }
        /* 235: Authentication successful */
        if (PEAR::isError($error = $this->parseResponse(235))) {
            return $error;
        }
    }

    /**
     * Authenticates the user using the CRAM-MD5 method.
     *
     * @param string $uid   The userid to authenticate as.
     * @param string $pwd   The password to authenticate with.
     * @param string $authz The optional authorization proxy identifier.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     * @since 1.1.0
     */
    protected function authCRAMMD5($uid, $pwd, $authz = '')
    {
        if (PEAR::isError($error = $this->put('AUTH', 'CRAM-MD5'))) {
            return $error;
        }
        /* 334: Continue authentication request */
        if (PEAR::isError($error = $this->parseResponse(334))) {
            /* 503: Error: already authenticated */
            if ($this->code === 503) {
                return true;
            }
            return $error;
        }

        $auth_sasl = new Auth_SASL;
        $challenge = base64_decode($this->arguments[0]);
        $cram      = $auth_sasl->factory('cram-md5');
        $auth_str  = base64_encode($cram->getResponse($uid, $pwd, $challenge));

        if (PEAR::isError($error = $this->put($auth_str))) {
            return $error;
        }

        /* 235: Authentication successful */
        if (PEAR::isError($error = $this->parseResponse(235))) {
            return $error;
        }
    }

    /**
     * Authenticates the user using the LOGIN method.
     *
     * @param string $uid   The userid to authenticate as.
     * @param string $pwd   The password to authenticate with.
     * @param string $authz The optional authorization proxy identifier.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     * @since 1.1.0
     */
    protected function authLogin($uid, $pwd, $authz = '')
    {
        if (PEAR::isError($error = $this->put('AUTH', 'LOGIN'))) {
            return $error;
        }
        /* 334: Continue authentication request */
        if (PEAR::isError($error = $this->parseResponse(334))) {
            /* 503: Error: already authenticated */
            if ($this->code === 503) {
                return true;
            }
            return $error;
        }

        if (PEAR::isError($error = $this->put(base64_encode($uid)))) {
            return $error;
        }
        /* 334: Continue authentication request */
        if (PEAR::isError($error = $this->parseResponse(334))) {
            return $error;
        }

        if (PEAR::isError($error = $this->put(base64_encode($pwd)))) {
            return $error;
        }

        /* 235: Authentication successful */
        if (PEAR::isError($error = $this->parseResponse(235))) {
            return $error;
        }

        return true;
    }

    /**
     * Authenticates the user using the PLAIN method.
     *
     * @param string $uid   The userid to authenticate as.
     * @param string $pwd   The password to authenticate with.
     * @param string $authz The optional authorization proxy identifier.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     * @since 1.1.0
     */
    protected function authPlain($uid, $pwd, $authz = '')
    {
        if (PEAR::isError($error = $this->put('AUTH', 'PLAIN'))) {
            return $error;
        }
        /* 334: Continue authentication request */
        if (PEAR::isError($error = $this->parseResponse(334))) {
            /* 503: Error: already authenticated */
            if ($this->code === 503) {
                return true;
            }
            return $error;
        }

        $auth_str = base64_encode($authz . chr(0) . $uid . chr(0) . $pwd);

        if (PEAR::isError($error = $this->put($auth_str))) {
            return $error;
        }

        /* 235: Authentication successful */
        if (PEAR::isError($error = $this->parseResponse(235))) {
            return $error;
        }

        return true;
    }

     /**
     * Authenticates the user using the GSSAPI method.
     *
     * PHP krb5 extension is required,
     * service principal and credentials cache must be set.
     *
     * @param string $uid   The userid to authenticate as.
     * @param string $pwd   The password to authenticate with.
     * @param string $authz The optional authorization proxy identifier.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     */
    protected function authGSSAPI($uid, $pwd, $authz = '')
    {
        if (PEAR::isError($error = $this->put('AUTH', 'GSSAPI'))) {
            return $error;
        }
        /* 334: Continue authentication request */
        if (PEAR::isError($error = $this->parseResponse(334))) {
            /* 503: Error: already authenticated */
            if ($this->code === 503) {
                return true;
            }
            return $error;
        }

        if (!$this->gssapi_principal) {
            return PEAR::raiseError('No Kerberos service principal set', 2);
        }

        if (!empty($this->gssapi_cname)) {
            putenv('KRB5CCNAME=' . $this->gssapi_cname);
        }

        try {
            $ccache = new KRB5CCache();
            if (!empty($this->gssapi_cname)) {
                $ccache->open($this->gssapi_cname);
            }
            
            $gssapicontext = new GSSAPIContext();
            $gssapicontext->acquireCredentials($ccache);

            $token   = '';
            $success = $gssapicontext->initSecContext($this->gssapi_principal, null, null, null, $token);
            $token   = base64_encode($token);
        }
        catch (Exception $e) {
            return PEAR::raiseError('GSSAPI authentication failed: ' . $e->getMessage());
        }

        if (PEAR::isError($error = $this->put($token))) {
            return $error;
        }

        /* 334: Continue authentication request */
        if (PEAR::isError($error = $this->parseResponse(334))) {
            return $error;
        }

        $response = $this->arguments[0];

        try {
            $challenge = base64_decode($response);
            $gssapicontext->unwrap($challenge, $challenge);
            $gssapicontext->wrap($challenge, $challenge, true);
        }
        catch (Exception $e) {
            return PEAR::raiseError('GSSAPI authentication failed: ' . $e->getMessage());
        }

        if (PEAR::isError($error = $this->put(base64_encode($challenge)))) {
            return $error;
        }

        /* 235: Authentication successful */
        if (PEAR::isError($error = $this->parseResponse(235))) {
            return $error;
        }

        return true;
    }

    /**
     * Authenticates the user using the XOAUTH2 method.
     *
     * @param string $uid   The userid to authenticate as.
     * @param string $token The access token to authenticate with.
     * @param string $authz The optional authorization proxy identifier.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     * @since 1.9.0
     */
    public function authXOAuth2($uid, $token, $authz, $conn)
    {
        $auth = base64_encode("user=$uid\1auth=$token\1\1");
        if (PEAR::isError($error = $this->put('AUTH', 'XOAUTH2 ' . $auth))) {
            return $error;
        }

        /* 235: Authentication successful or 334: Continue authentication */
        if (PEAR::isError($error = $this->parseResponse([235, 334]))) {
            return $error;
        }

        /* 334: Continue authentication request */
        if ($this->code === 334) {
            /* Send an empty line as response to 334 */
            if (PEAR::isError($error = $this->put(''))) {
                return $error;
            }

            /* Expect 235: Authentication successful */
            if (PEAR::isError($error = $this->parseResponse(235))) {
                return $error;
            }
        }

        return true;
    }

    /**
     * Send the HELO command.
     *
     * @param string $domain The domain name to say we are.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     * @since 1.0
     */
    public function helo($domain)
    {
        if (PEAR::isError($error = $this->put('HELO', $domain))) {
            return $error;
        }
        if (PEAR::isError($error = $this->parseResponse(250))) {
            return $error;
        }

        return true;
    }

    /**
     * Return the list of SMTP service extensions advertised by the server.
     *
     * @return array The list of SMTP service extensions.
     * @since 1.3
     */
    public function getServiceExtensions()
    {
        return $this->esmtp;
    }

    /**
     * Send the MAIL FROM: command.
     *
     * @param string $sender The sender (reverse path) to set.
     * @param string $params String containing additional MAIL parameters,
     *                       such as the NOTIFY flags defined by RFC 1891
     *                       or the VERP protocol.
     *
     *                       If $params is an array, only the 'verp' option
     *                       is supported.  If 'verp' is true, the XVERP
     *                       parameter is appended to the MAIL command.
     *                       If the 'verp' value is a string, the full
     *                       XVERP=value parameter is appended.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     * @since 1.0
     */
    public function mailFrom($sender, $params = null)
    {
        $args = "FROM:<$sender>";

        /* Support the deprecated array form of $params. */
        if (is_array($params) && isset($params['verp'])) {
            if ($params['verp'] === true) {
                $args .= ' XVERP';
            } elseif (trim($params['verp'])) {
                $args .= ' XVERP=' . $params['verp'];
            }
        } elseif (is_string($params) && !empty($params)) {
            $args .= ' ' . $params;
        }

        if (PEAR::isError($error = $this->put('MAIL', $args))) {
            return $error;
        }
        if (PEAR::isError($error = $this->parseResponse(250, $this->pipelining))) {
            return $error;
        }

        return true;
    }

    /**
     * Send the RCPT TO: command.
     *
     * @param string $recipient The recipient (forward path) to add.
     * @param string $params    String containing additional RCPT parameters,
     *                          such as the NOTIFY flags defined by RFC 1891.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     *
     * @since 1.0
     */
    public function rcptTo($recipient, $params = null)
    {
        $args = "TO:<$recipient>";
        if (is_string($params)) {
            $args .= ' ' . $params;
        }

        if (PEAR::isError($error = $this->put('RCPT', $args))) {
            return $error;
        }
        if (PEAR::isError($error = $this->parseResponse(array(250, 251), $this->pipelining))) {
            return $error;
        }

        return true;
    }

    /**
     * Quote the data so that it meets SMTP standards.
     *
     * This is provided as a separate public function to facilitate
     * easier overloading for the cases where it is desirable to
     * customize the quoting behavior.
     *
     * @param string &$data The message text to quote. The string must be passed
     *                      by reference, and the text will be modified in place.
     *
     * @since 1.2
     */
    public function quotedata(&$data)
    {
        /* Because a single leading period (.) signifies an end to the
         * data, legitimate leading periods need to be "doubled" ('..'). */
        $data = preg_replace('/^\./m', '..', $data);

        /* Change Unix (\n) and Mac (\r) linefeeds into CRLF's (\r\n). */
        $data = preg_replace('/(?:\r\n|\n|\r(?!\n))/', "\r\n", $data);
    }

    /**
     * Send the DATA command.
     *
     * @param mixed  $data    The message data, either as a string or an open
     *                        file resource.
     * @param string $headers The message headers.  If $headers is provided,
     *                        $data is assumed to contain only body data.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     * @since 1.0
     */
    public function data($data, $headers = null)
    {
        /* Verify that $data is a supported type. */
        if (!is_string($data) && !is_resource($data)) {
            return PEAR::raiseError('Expected a string or file resource');
        }

        /* Start by considering the size of the optional headers string.  We
         * also account for the addition 4 character "\r\n\r\n" separator
         * sequence. */
        $size = $headers_size = (is_null($headers)) ? 0 : strlen($headers) + 4;

        if (is_resource($data)) {
            $stat = fstat($data);
            if ($stat === false) {
                return PEAR::raiseError('Failed to get file size');
            }
            $size += $stat['size'];
        } else {
            $size += strlen($data);
        }

        /* RFC 1870, section 3, subsection 3 states "a value of zero indicates
         * that no fixed maximum message size is in force".  Furthermore, it
         * says that if "the parameter is omitted no information is conveyed
         * about the server's fixed maximum message size". */
        $limit = (isset($this->esmtp['SIZE'])) ? $this->esmtp['SIZE'] : 0;
        if ($limit > 0 && $size >= $limit) {
            return PEAR::raiseError('Message size exceeds server limit');
        }

        /* Initiate the DATA command. */
        if (PEAR::isError($error = $this->put('DATA'))) {
            return $error;
        }
        if (PEAR::isError($error = $this->parseResponse(354))) {
            return $error;
        }

        /* If we have a separate headers string, send it first. */
        if (!is_null($headers)) {
            $this->quotedata($headers);
            if (PEAR::isError($result = $this->send($headers . "\r\n\r\n"))) {
                return $result;
            }

            /* Subtract the headers size now that they've been sent. */
            $size -= $headers_size;
        }

        /* Now we can send the message body data. */
        if (is_resource($data)) {
            /* Stream the contents of the file resource out over our socket
             * connection, line by line.  Each line must be run through the
             * quoting routine. */
            while (strlen($line = fread($data, 8192)) > 0) {
                /* If the last character is an newline, we need to grab the
                 * next character to check to see if it is a period. */
                while (!feof($data)) {
                    $char = fread($data, 1);
                    $line .= $char;
                    if ($char != "\n") {
                        break;
                    }
                }
                $this->quotedata($line);
                if (PEAR::isError($result = $this->send($line))) {
                    return $result;
                }
            }

             $last = $line;
        } else {
            /*
             * Break up the data by sending one chunk (up to 512k) at a time.
             * This approach reduces our peak memory usage.
             */
            for ($offset = 0; $offset < $size;) {
                $end = $offset + 512000;

                /*
                 * Ensure we don't read beyond our data size or span multiple
                 * lines.  quotedata() can't properly handle character data
                 * that's split across two line break boundaries.
                 */
                if ($end >= $size) {
                    $end = $size;
                } else {
                    for (; $end < $size; $end++) {
                        if ($data[$end] != "\n") {
                            break;
                        }
                    }
                }

                /* Extract our chunk and run it through the quoting routine. */
                $chunk = substr($data, $offset, $end - $offset);
                $this->quotedata($chunk);

                /* If we run into a problem along the way, abort. */
                if (PEAR::isError($result = $this->send($chunk))) {
                    return $result;
                }

                /* Advance the offset to the end of this chunk. */
                $offset = $end;
            }

            $last = $chunk;
        }

        /* Don't add another CRLF sequence if it's already in the data */
        $terminator = (substr($last, -2) == "\r\n" ? '' : "\r\n") . ".\r\n";

        /* Finally, send the DATA terminator sequence. */
        if (PEAR::isError($result = $this->send($terminator))) {
            return $result;
        }

        /* Verify that the data was successfully received by the server. */
        if (PEAR::isError($error = $this->parseResponse(250, $this->pipelining))) {
            return $error;
        }

        return true;
    }

    /**
     * Send the SEND FROM: command.
     *
     * @param string $path The reverse path to send.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     * @since 1.2.6
     */
    public function sendFrom($path)
    {
        if (PEAR::isError($error = $this->put('SEND', "FROM:<$path>"))) {
            return $error;
        }
        if (PEAR::isError($error = $this->parseResponse(250, $this->pipelining))) {
            return $error;
        }

        return true;
    }

    /**
     * Send the SOML FROM: command.
     *
     * @param string $path The reverse path to send.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     * @since 1.2.6
     */
    public function somlFrom($path)
    {
        if (PEAR::isError($error = $this->put('SOML', "FROM:<$path>"))) {
            return $error;
        }
        if (PEAR::isError($error = $this->parseResponse(250, $this->pipelining))) {
            return $error;
        }

        return true;
    }

    /**
     * Send the SAML FROM: command.
     *
     * @param string $path The reverse path to send.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     * @since 1.2.6
     */
    public function samlFrom($path)
    {
        if (PEAR::isError($error = $this->put('SAML', "FROM:<$path>"))) {
            return $error;
        }
        if (PEAR::isError($error = $this->parseResponse(250, $this->pipelining))) {
            return $error;
        }

        return true;
    }

    /**
     * Send the RSET command.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     * @since  1.0
     */
    public function rset()
    {
        if (PEAR::isError($error = $this->put('RSET'))) {
            return $error;
        }
        if (PEAR::isError($error = $this->parseResponse(250, $this->pipelining))) {
            return $error;
        }

        return true;
    }

    /**
     * Send the VRFY command.
     *
     * @param string $string The string to verify
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     * @since 1.0
     */
    public function vrfy($string)
    {
        /* Note: 251 is also a valid response code */
        if (PEAR::isError($error = $this->put('VRFY', $string))) {
            return $error;
        }
        if (PEAR::isError($error = $this->parseResponse(array(250, 252)))) {
            return $error;
        }

        return true;
    }

    /**
     * Send the NOOP command.
     *
     * @return mixed Returns a PEAR_Error with an error message on any
     *               kind of failure, or true on success.
     * @since 1.0
     */
    public function noop()
    {
        if (PEAR::isError($error = $this->put('NOOP'))) {
            return $error;
        }
        if (PEAR::isError($error = $this->parseResponse(250))) {
            return $error;
        }

        return true;
    }

    /**
     * Backwards-compatibility method.  identifySender()'s functionality is
     * now handled internally.
     *
     * @return boolean This method always return true.
     *
     * @since 1.0
     */
    public function identifySender()
    {
        return true;
    }
}