CRM-20561 Use composer for Net_SMTP and Net_Socket and patch for TLS and CiviCR…

composer.json

@@ -23,7 +23,9 @@
     "phpoffice/phpword": "^0.13.0",
     "pear/Validate_Finance_CreditCard": "dev-master",
     "civicrm/civicrm-cxn-rpc": "~0.16.12.05",
-    "pear/Auth_SASL": "1.1.0"
+    "pear/Auth_SASL": "1.1.0",
+    "pear/Net_SMTP": "1.6.*",
+    "pear/Net_socket": "1.0.*"
   },
   "repositories": [
     {
@@ -35,12 +37,14 @@
     "post-install-cmd": [
       "bash tools/scripts/composer/dompdf-cleanup.sh",
       "bash tools/scripts/composer/tcpdf-cleanup.sh",
-      "bash tools/scripts/composer/pear-execption-fix.sh"
+      "bash tools/scripts/composer/pear-exception-fix.sh",
+      "bash tools/scripts/composer/net-smtp-fix.sh"
     ],
     "post-update-cmd": [
       "bash tools/scripts/composer/dompdf-cleanup.sh",
       "bash tools/scripts/composer/tcpdf-cleanup.sh",
-      "bash tools/scripts/composer/pear-execption-fix.sh"
+      "bash tools/scripts/composer/pear-exception-fix.sh",
+      "bash tools/scripts/composer/net-smtp-fix.sh"
     ]
   }
 }

tools/scripts/composer/net-smtp-fix.sh

@@ -0,0 +1,42 @@
+#!/bin/bash
+
+## Cleanup the vendor tree. The main issue here is that civi Civi is
+## deployed as a module inside a CMS, so all its source-code gets published.
+## Some libraries distribute admin tools and sample files which should not
+## be published.
+##
+## This script should be idempotent -- if you rerun it several times, it
+## should always produce the same post-condition.
+
+## Replace a line in a file
+## This is a bit like 'sed -i', but dumber and more cross-platform.
+
+##############################################################################
+## usage: safe_delete <relpath...>
+function safe_delete() {
+  for file in "$@" ; do
+    if [ -z "$file" ]; then
+      echo "Skip: empty file name"
+    elif [ -e "$file" ]; then
+      rm -rf "$file"
+    fi
+  done
+}
+
+
+##############################################################################
+# Add in CiviCRM custom error message for CRM-8744.
+if ! grep -q 'CRM-8744' vendor/pear/net_smtp/Net/SMTP.php; then
+  patch vendor/pear/net_smtp/Net/SMTP.php < tools/scripts/composer/patches/net-smtp-patch.txt
+fi
+if ! grep -q '@STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT' vendor/pear/net_smtp/Net/SMTP.php; then
+  patch vendor/pear/net_smtp/Net/SMTP.php < tools/scripts/composer/patches/net-smtp-tls-patch.txt
+fi
+if ! grep -q 'function __construct' vendor/pear/net_smtp/Net/SMTP.php; then
+  patch vendor/pear/net_smtp/Net/SMTP.php < tools/scripts/composer/patches/net-smtp-php7-patch.txt
+fi
+if grep -q '&Auth_SASL::factory' vendor/pear/net_smtp/Net/SMTP.php; then
+  patch vendor/pear/net_smtp/Net/SMTP.php < tools/scripts/composer/patches/net-smtp-ref-patch.txt
+fi
+
+safe_delete vendor/pear/net_smtp/{examples,phpdoc.sh,tests}

tools/scripts/composer/patches/net-smtp-patch.txt

@@ -0,0 +1,15 @@
+--- SMTP.php	2017-01-15 05:19:55.000000000 +1100
++++ SMTP.php.new	2017-05-20 09:01:52.832373840 +1000
+@@ -368,8 +368,10 @@
+             return true;
+         }
+
+-        return PEAR::raiseError('Invalid response code received from server',
+-                                $this->_code, PEAR_ERROR_RETURN);
++        // CRM-8744
++        $errorMessage = 'Invalid response code received from SMTP server while sending email.  This is often caused by a misconfiguration in Outbound Email settings. Please verify the settings at Administer CiviCRM >> Global Settings >> Outbound Email (SMTP).';
++        return PEAR::raiseError($errorMessage, $this->_code, PEAR_ERROR_RETURN);
++
+     }
+
+     /**

tools/scripts/composer/patches/net-smtp-php7-patch.txt

@@ -0,0 +1,11 @@
+--- SMTP.php    2017-05-20 11:50:53.716664059 +1000
++++ SMTP.php.new        2017-05-20 12:38:36.271530119 +1000
+@@ -167,7 +167,7 @@
+      * @access  public
+      * @since   1.0
+      */
+-    function Net_SMTP($host = null, $port = null, $localhost = null,
++    function __construct($host = null, $port = null, $localhost = null,
+         $pipelining = false, $timeout = 0, $socket_options = null)
+     {
+         if (isset($host)) {

tools/scripts/composer/patches/net-smtp-ref-patch.txt

@@ -0,0 +1,22 @@
+--- SMTP.php	2017-06-15 20:08:34.696988543 -0700
++++ SMTP.php.new	2017-06-15 20:08:25.951703778 -0700
+@@ -732,7 +732,8 @@
+         }
+
+         $challenge = base64_decode($this->_arguments[0]);
+-        $digest = &Auth_SASL::factory('digest-md5');
++        // CRM-8597
++        $digest = Auth_SASL::factory('digest-md5');
+         $auth_str = base64_encode($digest->getResponse($uid, $pwd, $challenge,
+                                                        $this->host, "smtp",
+                                                        $authz));
+@@ -784,7 +785,8 @@
+         }
+
+         $challenge = base64_decode($this->_arguments[0]);
+-        $cram = &Auth_SASL::factory('cram-md5');
++        // CRM-8597
++        $cram = Auth_SASL::factory('cram-md5');
+         $auth_str = base64_encode($cram->getResponse($uid, $pwd, $challenge));
+
+         if (PEAR::isError($error = $this->_put($auth_str))) {

tools/scripts/composer/patches/net-smtp-tls-patch.txt

@@ -0,0 +1,23 @@
+diff --git a/Net/SMTP.php b/Net/SMTP.php
+index 28eae8c..8f4e92b 100644
+--- a/Net/SMTP.php
++++ b/Net/SMTP.php
+@@ -602,7 +602,17 @@
+             if (PEAR::isError($result = $this->_parseResponse(220))) {
+                 return $result;
+             }
+-            if (PEAR::isError($result = $this->_socket->enableCrypto(true, STREAM_CRYPTO_METHOD_TLS_CLIENT))) {
++            if (isset($this->socket_options['ssl']['crypto_method'])) {
++                $crypto_method = $this->socket_options['ssl']['crypto_method'];
++            } else {
++                /* STREAM_CRYPTO_METHOD_TLS_ANY_CLIENT constant does not exist
++                 * and STREAM_CRYPTO_METHOD_SSLv23_CLIENT constant is
++                 * inconsistent across PHP versions. */
++                $crypto_method = STREAM_CRYPTO_METHOD_TLS_CLIENT
++                                 | @STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT
++                                 | @STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT;
++            }
++            if (PEAR::isError($result = $this->socket->enableCrypto(true, $crypto_method))) {
+                 return $result;
+             } elseif ($result !== true) {
+                 return PEAR::raiseError('STARTTLS failed');