External Libraries: Upgrade PHPMailer to version 6.2.0.

For a full list of changes in this update, see the PHPMailer GitHub:
https://github.com/PHPMailer/PHPMailer/compare/v6.1.8...v6.2.0

Props ayeshrajans, jrf.
Reviewed by jrf, SergeyBiryukov.
Merges [49713] to the 5.6 branch.
Fixes #51874.
Built from https://develop.svn.wordpress.org/branches/5.6@49714


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49437 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Sergey Biryukov 2020-11-30 17:26:08 +00:00
parent 3ccb035e8d
commit 9c416615ce
4 changed files with 79 additions and 52 deletions

View File

@ -1,4 +1,5 @@
<?php
/**
* PHPMailer Exception class.
* PHP Version 5.5.

View File

@ -1,4 +1,5 @@
<?php
/**
* PHPMailer - PHP email creation and transport class.
* PHP Version 5.5.
@ -388,11 +389,11 @@ class PHPMailer
* SMTP class debug output mode.
* Debug output level.
* Options:
* * SMTP::DEBUG_OFF: No output
* * SMTP::DEBUG_CLIENT: Client messages
* * SMTP::DEBUG_SERVER: Client and server messages
* * SMTP::DEBUG_CONNECTION: As SERVER plus connection status
* * SMTP::DEBUG_LOWLEVEL: Noisy, low-level data output, rarely needed
* @see SMTP::DEBUG_OFF: No output
* @see SMTP::DEBUG_CLIENT: Client messages
* @see SMTP::DEBUG_SERVER: Client and server messages
* @see SMTP::DEBUG_CONNECTION: As SERVER plus connection status
* @see SMTP::DEBUG_LOWLEVEL: Noisy, low-level data output, rarely needed
*
* @see SMTP::$do_debug
*
@ -747,7 +748,7 @@ class PHPMailer
*
* @var string
*/
const VERSION = '6.1.8';
const VERSION = '6.2.0';
/**
* Error severity: message only, continue processing.
@ -1185,9 +1186,11 @@ class PHPMailer
//Use this built-in parser if it's available
$list = imap_rfc822_parse_adrlist($addrstr, '');
foreach ($list as $address) {
if (('.SYNTAX-ERROR.' !== $address->host) && static::validateAddress(
$address->mailbox . '@' . $address->host
)) {
if (
('.SYNTAX-ERROR.' !== $address->host) && static::validateAddress(
$address->mailbox . '@' . $address->host
)
) {
$addresses[] = [
'name' => (property_exists($address, 'personal') ? $address->personal : ''),
'address' => $address->mailbox . '@' . $address->host,
@ -1241,7 +1244,8 @@ class PHPMailer
$name = trim(preg_replace('/[\r\n]+/', '', $name)); //Strip breaks and trim
// Don't validate now addresses with IDN. Will be done in send().
$pos = strrpos($address, '@');
if ((false === $pos)
if (
(false === $pos)
|| ((!$this->has8bitChars(substr($address, ++$pos)) || !static::idnSupported())
&& !static::validateAddress($address))
) {
@ -1393,7 +1397,8 @@ class PHPMailer
{
// Verify we have required functions, CharSet, and at-sign.
$pos = strrpos($address, '@');
if (!empty($this->CharSet) &&
if (
!empty($this->CharSet) &&
false !== $pos &&
static::idnSupported()
) {
@ -1457,8 +1462,9 @@ class PHPMailer
*/
public function preSend()
{
if ('smtp' === $this->Mailer
|| ('mail' === $this->Mailer && stripos(PHP_OS, 'WIN') === 0)
if (
'smtp' === $this->Mailer
|| ('mail' === $this->Mailer && (PHP_VERSION_ID >= 80000 || stripos(PHP_OS, 'WIN') === 0))
) {
//SMTP mandates RFC-compliant line endings
//and it's also used with mail() on Windows
@ -1468,7 +1474,8 @@ class PHPMailer
static::setLE(PHP_EOL);
}
//Check for buggy PHP versions that add a header with an incorrect line break
if ('mail' === $this->Mailer
if (
'mail' === $this->Mailer
&& ((PHP_VERSION_ID >= 70000 && PHP_VERSION_ID < 70017)
|| (PHP_VERSION_ID >= 70100 && PHP_VERSION_ID < 70103))
&& ini_get('mail.add_x_header') === '1'
@ -1555,7 +1562,8 @@ class PHPMailer
}
// Sign with DKIM if enabled
if (!empty($this->DKIM_domain)
if (
!empty($this->DKIM_domain)
&& !empty($this->DKIM_selector)
&& (!empty($this->DKIM_private_string)
|| (!empty($this->DKIM_private)
@ -1613,7 +1621,7 @@ class PHPMailer
}
} catch (Exception $exc) {
if ($this->Mailer === 'smtp' && $this->SMTPKeepAlive == true) {
$this->smtp->reset();
$this->smtp->reset();
}
$this->setError($exc->getMessage());
$this->edebug($exc->getMessage());
@ -1719,7 +1727,8 @@ class PHPMailer
protected static function isShellSafe($string)
{
// Future-proof
if (escapeshellcmd($string) !== $string
if (
escapeshellcmd($string) !== $string
|| !in_array(escapeshellarg($string), ["'$string'", "\"$string\""])
) {
return false;
@ -1903,7 +1912,7 @@ class PHPMailer
$isSent = true;
}
$callbacks[] = ['issent'=>$isSent, 'to'=>$to[0]];
$callbacks[] = ['issent' => $isSent, 'to' => $to[0]];
}
}
@ -1983,11 +1992,13 @@ class PHPMailer
foreach ($hosts as $hostentry) {
$hostinfo = [];
if (!preg_match(
'/^(?:(ssl|tls):\/\/)?(.+?)(?::(\d+))?$/',
trim($hostentry),
$hostinfo
)) {
if (
!preg_match(
'/^(?:(ssl|tls):\/\/)?(.+?)(?::(\d+))?$/',
trim($hostentry),
$hostinfo
)
) {
$this->edebug($this->lang('invalid_hostentry') . ' ' . trim($hostentry));
// Not a valid host entry
continue;
@ -2056,12 +2067,14 @@ class PHPMailer
// We must resend EHLO after TLS negotiation
$this->smtp->hello($hello);
}
if ($this->SMTPAuth && !$this->smtp->authenticate(
$this->Username,
$this->Password,
$this->AuthType,
$this->oauth
)) {
if (
$this->SMTPAuth && !$this->smtp->authenticate(
$this->Username,
$this->Password,
$this->AuthType,
$this->oauth
)
) {
throw new Exception($this->lang('authenticate'));
}
@ -2119,7 +2132,7 @@ class PHPMailer
'am' => 'hy',
];
if (isset($renamed_langcodes[$langcode])) {
if (array_key_exists($langcode, $renamed_langcodes)) {
$langcode = $renamed_langcodes[$langcode];
}
@ -2428,7 +2441,8 @@ class PHPMailer
}
// sendmail and mail() extract Bcc from the header before sending
if ((
if (
(
'sendmail' === $this->Mailer || 'qmail' === $this->Mailer || 'mail' === $this->Mailer
)
&& count($this->bcc) > 0
@ -3898,7 +3912,8 @@ class PHPMailer
public static function isValidHost($host)
{
//Simple syntax limits
if (empty($host)
if (
empty($host)
|| !is_string($host)
|| strlen($host) > 256
|| !preg_match('/^([a-zA-Z\d.-]*|\[[a-fA-F\d:]+])$/', $host)
@ -4064,7 +4079,8 @@ class PHPMailer
);
continue;
}
if (// Only process relative URLs if a basedir is provided (i.e. no absolute local paths)
if (
// Only process relative URLs if a basedir is provided (i.e. no absolute local paths)
!empty($basedir)
// Ignore URLs containing parent dir traversal (..)
&& (strpos($url, '..') === false)
@ -4086,13 +4102,14 @@ class PHPMailer
if (strlen($directory) > 1 && '/' !== substr($directory, -1)) {
$directory .= '/';
}
if ($this->addEmbeddedImage(
$basedir . $directory . $filename,
$cid,
$filename,
static::ENCODING_BASE64,
static::_mime_types((string) static::mb_pathinfo($filename, PATHINFO_EXTENSION))
)
if (
$this->addEmbeddedImage(
$basedir . $directory . $filename,
$cid,
$filename,
static::ENCODING_BASE64,
static::_mime_types((string) static::mb_pathinfo($filename, PATHINFO_EXTENSION))
)
) {
$message = preg_replace(
'/' . $images[1][$imgindex] . '=["\']' . preg_quote($url, '/') . '["\']/Ui',
@ -4511,11 +4528,15 @@ class PHPMailer
$privKey = openssl_pkey_get_private($privKeyStr);
}
if (openssl_sign($signHeader, $signature, $privKey, 'sha256WithRSAEncryption')) {
openssl_pkey_free($privKey);
if (PHP_MAJOR_VERSION < 8) {
openssl_pkey_free($privKey);
}
return base64_encode($signature);
}
openssl_pkey_free($privKey);
if (PHP_MAJOR_VERSION < 8) {
openssl_pkey_free($privKey);
}
return '';
}

View File

@ -1,4 +1,5 @@
<?php
/**
* PHPMailer RFC821 SMTP email transport class.
* PHP Version 5.5.
@ -34,7 +35,7 @@ class SMTP
*
* @var string
*/
const VERSION = '6.1.8';
const VERSION = '6.2.0';
/**
* SMTP line break constant.
@ -539,11 +540,12 @@ class SMTP
return false;
}
// Send encoded username and password
if (!$this->sendCommand(
'User & Password',
base64_encode("\0" . $username . "\0" . $password),
235
)
if (
!$this->sendCommand(
'User & Password',
base64_encode("\0" . $username . "\0" . $password),
235
)
) {
return false;
}
@ -1086,8 +1088,10 @@ class SMTP
{
//If SMTP transcripts are left enabled, or debug output is posted online
//it can leak credentials, so hide credentials in all but lowest level
if (self::DEBUG_LOWLEVEL > $this->do_debug &&
in_array($command, ['User & Password', 'Username', 'Password'], true)) {
if (
self::DEBUG_LOWLEVEL > $this->do_debug &&
in_array($command, ['User & Password', 'Username', 'Password'], true)
) {
$this->edebug('CLIENT -> SERVER: [credentials hidden]', self::DEBUG_CLIENT);
} else {
$this->edebug('CLIENT -> SERVER: ' . $data, self::DEBUG_CLIENT);
@ -1207,7 +1211,8 @@ class SMTP
self::DEBUG_LOWLEVEL
);
//stream_select returns false when the `select` system call is interrupted by an incoming signal, try the select again
//stream_select returns false when the `select` system call is interrupted
//by an incoming signal, try the select again
if (stripos($message, 'interrupted system call') !== false) {
$this->edebug(
'SMTP -> get_lines(): retrying stream_select',

View File

@ -13,7 +13,7 @@
*
* @global string $wp_version
*/
$wp_version = '5.6-RC1-49712';
$wp_version = '5.6-RC1-49714';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.