External Libraries: Upgrade PHPMailer to version 6.9.2.

This is a maintenance release with minor bug fixes.

References:
* [https://github.com/PHPMailer/PHPMailer/releases/tag/v6.9.2 PHPMailer 6.9.2 release notes]
* [https://github.com/PHPMailer/PHPMailer/compare/v6.9.1...v6.9.2 Full list of changes in PHPMailer 6.9.2]

Follow-up to [50628], [50799], [51169], [51634], [51635], [52252], [52749], [52811], [53500], [53535], [53917], [54427], [54937], [55557], [56484], [57137].

Props ayeshrajans.
Fixes #62206.
Built from https://develop.svn.wordpress.org/trunk@59246


git-svn-id: http://core.svn.wordpress.org/trunk@58638 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Sergey Biryukov 2024-10-17 11:31:12 +00:00
parent cc5e9ffb43
commit bd1a653f42
4 changed files with 52 additions and 44 deletions

View File

@ -13,7 +13,7 @@
* @copyright 2012 - 2020 Marcus Bointon * @copyright 2012 - 2020 Marcus Bointon
* @copyright 2010 - 2012 Jim Jagielski * @copyright 2010 - 2012 Jim Jagielski
* @copyright 2004 - 2009 Andy Prevost * @copyright 2004 - 2009 Andy Prevost
* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License * @license https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html GNU Lesser General Public License
* @note This program is distributed in the hope that it will be useful - WITHOUT * @note This program is distributed in the hope that it will be useful - WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. * FITNESS FOR A PARTICULAR PURPOSE.

View File

@ -13,7 +13,7 @@
* @copyright 2012 - 2020 Marcus Bointon * @copyright 2012 - 2020 Marcus Bointon
* @copyright 2010 - 2012 Jim Jagielski * @copyright 2010 - 2012 Jim Jagielski
* @copyright 2004 - 2009 Andy Prevost * @copyright 2004 - 2009 Andy Prevost
* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License * @license https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html GNU Lesser General Public License
* @note This program is distributed in the hope that it will be useful - WITHOUT * @note This program is distributed in the hope that it will be useful - WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. * FITNESS FOR A PARTICULAR PURPOSE.
@ -152,8 +152,7 @@ class PHPMailer
* Only supported in simple alt or alt_inline message types * Only supported in simple alt or alt_inline message types
* To generate iCal event structures, use classes like EasyPeasyICS or iCalcreator. * To generate iCal event structures, use classes like EasyPeasyICS or iCalcreator.
* *
* @see http://sprain.ch/blog/downloads/php-class-easypeasyics-create-ical-files-with-php/ * @see https://kigkonsult.se/iCalcreator/
* @see http://kigkonsult.se/iCalcreator/
* *
* @var string * @var string
*/ */
@ -358,7 +357,7 @@ class PHPMailer
public $AuthType = ''; public $AuthType = '';
/** /**
* SMTP SMTPXClient command attibutes * SMTP SMTPXClient command attributes
* *
* @var array * @var array
*/ */
@ -468,7 +467,7 @@ class PHPMailer
* Only applicable when sending via SMTP. * Only applicable when sending via SMTP.
* *
* @see https://en.wikipedia.org/wiki/Variable_envelope_return_path * @see https://en.wikipedia.org/wiki/Variable_envelope_return_path
* @see http://www.postfix.org/VERP_README.html Postfix VERP info * @see https://www.postfix.org/VERP_README.html Postfix VERP info
* *
* @var bool * @var bool
*/ */
@ -551,10 +550,10 @@ class PHPMailer
* The function that handles the result of the send email action. * The function that handles the result of the send email action.
* It is called out by send() for each email sent. * It is called out by send() for each email sent.
* *
* Value can be any php callable: http://www.php.net/is_callable * Value can be any php callable: https://www.php.net/is_callable
* *
* Parameters: * Parameters:
* bool $result result of the send action * bool $result result of the send action
* array $to email addresses of the recipients * array $to email addresses of the recipients
* array $cc cc email addresses * array $cc cc email addresses
* array $bcc bcc email addresses * array $bcc bcc email addresses
@ -757,7 +756,7 @@ class PHPMailer
* *
* @var string * @var string
*/ */
const VERSION = '6.9.1'; const VERSION = '6.9.2';
/** /**
* Error severity: message only, continue processing. * Error severity: message only, continue processing.
@ -903,7 +902,7 @@ class PHPMailer
} }
//Is this a PSR-3 logger? //Is this a PSR-3 logger?
if ($this->Debugoutput instanceof \Psr\Log\LoggerInterface) { if ($this->Debugoutput instanceof \Psr\Log\LoggerInterface) {
$this->Debugoutput->debug($str); $this->Debugoutput->debug(rtrim($str, "\r\n"));
return; return;
} }
@ -1072,7 +1071,7 @@ class PHPMailer
* be modified after calling this function), addition of such addresses is delayed until send(). * be modified after calling this function), addition of such addresses is delayed until send().
* Addresses that have been added already return false, but do not throw exceptions. * Addresses that have been added already return false, but do not throw exceptions.
* *
* @param string $kind One of 'to', 'cc', 'bcc', or 'ReplyTo' * @param string $kind One of 'to', 'cc', 'bcc', or 'Reply-To'
* @param string $address The email address * @param string $address The email address
* @param string $name An optional username associated with the address * @param string $name An optional username associated with the address
* *
@ -1212,7 +1211,7 @@ class PHPMailer
* Uses the imap_rfc822_parse_adrlist function if the IMAP extension is available. * Uses the imap_rfc822_parse_adrlist function if the IMAP extension is available.
* Note that quotes in the name part are removed. * Note that quotes in the name part are removed.
* *
* @see http://www.andrew.cmu.edu/user/agreen1/testing/mrbs/web/Mail/RFC822.php A more careful implementation * @see https://www.andrew.cmu.edu/user/agreen1/testing/mrbs/web/Mail/RFC822.php A more careful implementation
* *
* @param string $addrstr The address list string * @param string $addrstr The address list string
* @param bool $useimap Whether to use the IMAP extension to parse the list * @param bool $useimap Whether to use the IMAP extension to parse the list
@ -1407,7 +1406,6 @@ class PHPMailer
* * IPv6 literals: 'first.last@[IPv6:a1::]' * * IPv6 literals: 'first.last@[IPv6:a1::]'
* Not all of these will necessarily work for sending! * Not all of these will necessarily work for sending!
* *
* @see http://squiloople.com/2009/12/20/email-address-validation/
* @copyright 2009-2010 Michael Rushton * @copyright 2009-2010 Michael Rushton
* Feel free to use and redistribute this code. But please keep this copyright notice. * Feel free to use and redistribute this code. But please keep this copyright notice.
*/ */
@ -1736,9 +1734,8 @@ class PHPMailer
//This sets the SMTP envelope sender which gets turned into a return-path header by the receiver //This sets the SMTP envelope sender which gets turned into a return-path header by the receiver
//A space after `-f` is optional, but there is a long history of its presence //A space after `-f` is optional, but there is a long history of its presence
//causing problems, so we don't use one //causing problems, so we don't use one
//Exim docs: http://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html //Exim docs: https://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html
//Sendmail docs: http://www.sendmail.org/~ca/email/man/sendmail.html //Sendmail docs: https://www.sendmail.org/~ca/email/man/sendmail.html
//Qmail docs: http://www.qmail.org/man/man8/qmail-inject.html
//Example problem: https://www.drupal.org/node/1057954 //Example problem: https://www.drupal.org/node/1057954
//PHP 5.6 workaround //PHP 5.6 workaround
@ -1903,7 +1900,7 @@ class PHPMailer
/** /**
* Send mail using the PHP mail() function. * Send mail using the PHP mail() function.
* *
* @see http://www.php.net/manual/en/book.mail.php * @see https://www.php.net/manual/en/book.mail.php
* *
* @param string $header The message headers * @param string $header The message headers
* @param string $body The message body * @param string $body The message body
@ -1933,9 +1930,8 @@ class PHPMailer
//This sets the SMTP envelope sender which gets turned into a return-path header by the receiver //This sets the SMTP envelope sender which gets turned into a return-path header by the receiver
//A space after `-f` is optional, but there is a long history of its presence //A space after `-f` is optional, but there is a long history of its presence
//causing problems, so we don't use one //causing problems, so we don't use one
//Exim docs: http://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html //Exim docs: https://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html
//Sendmail docs: http://www.sendmail.org/~ca/email/man/sendmail.html //Sendmail docs: https://www.sendmail.org/~ca/email/man/sendmail.html
//Qmail docs: http://www.qmail.org/man/man8/qmail-inject.html
//Example problem: https://www.drupal.org/node/1057954 //Example problem: https://www.drupal.org/node/1057954
//CVE-2016-10033, CVE-2016-10045: Don't pass -f if characters will be escaped. //CVE-2016-10033, CVE-2016-10045: Don't pass -f if characters will be escaped.
@ -3636,7 +3632,7 @@ class PHPMailer
* without breaking lines within a character. * without breaking lines within a character.
* Adapted from a function by paravoid. * Adapted from a function by paravoid.
* *
* @see http://www.php.net/manual/en/function.mb-encode-mimeheader.php#60283 * @see https://www.php.net/manual/en/function.mb-encode-mimeheader.php#60283
* *
* @param string $str multi-byte text to wrap encode * @param string $str multi-byte text to wrap encode
* @param string $linebreak string to use as linefeed/end-of-line * @param string $linebreak string to use as linefeed/end-of-line
@ -3692,7 +3688,7 @@ class PHPMailer
/** /**
* Encode a string using Q encoding. * Encode a string using Q encoding.
* *
* @see http://tools.ietf.org/html/rfc2047#section-4.2 * @see https://www.rfc-editor.org/rfc/rfc2047#section-4.2
* *
* @param string $str the text to encode * @param string $str the text to encode
* @param string $position Where the text is going to be used, see the RFC for what that means * @param string $position Where the text is going to be used, see the RFC for what that means
@ -4230,7 +4226,7 @@ class PHPMailer
$result = $_SERVER['SERVER_NAME']; $result = $_SERVER['SERVER_NAME'];
} elseif (function_exists('gethostname') && gethostname() !== false) { } elseif (function_exists('gethostname') && gethostname() !== false) {
$result = gethostname(); $result = gethostname();
} elseif (php_uname('n') !== false) { } elseif (php_uname('n') !== '') {
$result = php_uname('n'); $result = php_uname('n');
} }
if (!static::isValidHost($result)) { if (!static::isValidHost($result)) {
@ -4255,7 +4251,7 @@ class PHPMailer
empty($host) empty($host)
|| !is_string($host) || !is_string($host)
|| strlen($host) > 256 || strlen($host) > 256
|| !preg_match('/^([a-zA-Z\d.-]*|\[[a-fA-F\d:]+\])$/', $host) || !preg_match('/^([a-z\d.-]*|\[[a-f\d:]+\])$/i', $host)
) { ) {
return false; return false;
} }
@ -4269,8 +4265,8 @@ class PHPMailer
//Is it a valid IPv4 address? //Is it a valid IPv4 address?
return filter_var($host, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false; return filter_var($host, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
} }
//Is it a syntactically valid hostname (when embeded in a URL)? //Is it a syntactically valid hostname (when embedded in a URL)?
return filter_var('http://' . $host, FILTER_VALIDATE_URL) !== false; return filter_var('https://' . $host, FILTER_VALIDATE_URL) !== false;
} }
/** /**
@ -4681,7 +4677,7 @@ class PHPMailer
* Multi-byte-safe pathinfo replacement. * Multi-byte-safe pathinfo replacement.
* Drop-in replacement for pathinfo(), but multibyte- and cross-platform-safe. * Drop-in replacement for pathinfo(), but multibyte- and cross-platform-safe.
* *
* @see http://www.php.net/manual/en/function.pathinfo.php#107461 * @see https://www.php.net/manual/en/function.pathinfo.php#107461
* *
* @param string $path A filename or path, does not need to exist as a file * @param string $path A filename or path, does not need to exist as a file
* @param int|string $options Either a PATHINFO_* constant, * @param int|string $options Either a PATHINFO_* constant,

View File

@ -13,7 +13,7 @@
* @copyright 2012 - 2020 Marcus Bointon * @copyright 2012 - 2020 Marcus Bointon
* @copyright 2010 - 2012 Jim Jagielski * @copyright 2010 - 2012 Jim Jagielski
* @copyright 2004 - 2009 Andy Prevost * @copyright 2004 - 2009 Andy Prevost
* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License * @license https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html GNU Lesser General Public License
* @note This program is distributed in the hope that it will be useful - WITHOUT * @note This program is distributed in the hope that it will be useful - WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. * FITNESS FOR A PARTICULAR PURPOSE.
@ -35,7 +35,7 @@ class SMTP
* *
* @var string * @var string
*/ */
const VERSION = '6.9.1'; const VERSION = '6.9.2';
/** /**
* SMTP line break constant. * SMTP line break constant.
@ -152,8 +152,8 @@ class SMTP
/** /**
* Whether to use VERP. * Whether to use VERP.
* *
* @see http://en.wikipedia.org/wiki/Variable_envelope_return_path * @see https://en.wikipedia.org/wiki/Variable_envelope_return_path
* @see http://www.postfix.org/VERP_README.html Info on VERP * @see https://www.postfix.org/VERP_README.html Info on VERP
* *
* @var bool * @var bool
*/ */
@ -164,7 +164,7 @@ class SMTP
* Default of 5 minutes (300sec) is from RFC2821 section 4.5.3.2. * Default of 5 minutes (300sec) is from RFC2821 section 4.5.3.2.
* This needs to be quite high to function correctly with hosts using greetdelay as an anti-spam measure. * This needs to be quite high to function correctly with hosts using greetdelay as an anti-spam measure.
* *
* @see http://tools.ietf.org/html/rfc2821#section-4.5.3.2 * @see https://www.rfc-editor.org/rfc/rfc2821#section-4.5.3.2
* *
* @var int * @var int
*/ */
@ -187,12 +187,12 @@ class SMTP
*/ */
protected $smtp_transaction_id_patterns = [ protected $smtp_transaction_id_patterns = [
'exim' => '/[\d]{3} OK id=(.*)/', 'exim' => '/[\d]{3} OK id=(.*)/',
'sendmail' => '/[\d]{3} 2.0.0 (.*) Message/', 'sendmail' => '/[\d]{3} 2\.0\.0 (.*) Message/',
'postfix' => '/[\d]{3} 2.0.0 Ok: queued as (.*)/', 'postfix' => '/[\d]{3} 2\.0\.0 Ok: queued as (.*)/',
'Microsoft_ESMTP' => '/[0-9]{3} 2.[\d].0 (.*)@(?:.*) Queued mail for delivery/', 'Microsoft_ESMTP' => '/[0-9]{3} 2\.[\d]\.0 (.*)@(?:.*) Queued mail for delivery/',
'Amazon_SES' => '/[\d]{3} Ok (.*)/', 'Amazon_SES' => '/[\d]{3} Ok (.*)/',
'SendGrid' => '/[\d]{3} Ok: queued as (.*)/', 'SendGrid' => '/[\d]{3} Ok: queued as (.*)/',
'CampaignMonitor' => '/[\d]{3} 2.0.0 OK:([a-zA-Z\d]{48})/', 'CampaignMonitor' => '/[\d]{3} 2\.0\.0 OK:([a-zA-Z\d]{48})/',
'Haraka' => '/[\d]{3} Message Queued \((.*)\)/', 'Haraka' => '/[\d]{3} Message Queued \((.*)\)/',
'ZoneMTA' => '/[\d]{3} Message queued as (.*)/', 'ZoneMTA' => '/[\d]{3} Message queued as (.*)/',
'Mailjet' => '/[\d]{3} OK queued as (.*)/', 'Mailjet' => '/[\d]{3} OK queued as (.*)/',
@ -280,7 +280,8 @@ class SMTP
} }
//Is this a PSR-3 logger? //Is this a PSR-3 logger?
if ($this->Debugoutput instanceof \Psr\Log\LoggerInterface) { if ($this->Debugoutput instanceof \Psr\Log\LoggerInterface) {
$this->Debugoutput->debug($str); //Remove trailing line breaks potentially added by calls to SMTP::client_send()
$this->Debugoutput->debug(rtrim($str, "\r\n"));
return; return;
} }
@ -293,6 +294,7 @@ class SMTP
switch ($this->Debugoutput) { switch ($this->Debugoutput) {
case 'error_log': case 'error_log':
//Don't output, just log //Don't output, just log
/** @noinspection ForgottenDebugOutputInspection */
error_log($str); error_log($str);
break; break;
case 'html': case 'html':
@ -404,7 +406,9 @@ class SMTP
$errstr = ''; $errstr = '';
if ($streamok) { if ($streamok) {
$socket_context = stream_context_create($options); $socket_context = stream_context_create($options);
set_error_handler([$this, 'errorHandler']); set_error_handler(function () {
call_user_func_array([$this, 'errorHandler'], func_get_args());
});
$connection = stream_socket_client( $connection = stream_socket_client(
$host . ':' . $port, $host . ':' . $port,
$errno, $errno,
@ -419,7 +423,9 @@ class SMTP
'Connection: stream_socket_client not available, falling back to fsockopen', 'Connection: stream_socket_client not available, falling back to fsockopen',
self::DEBUG_CONNECTION self::DEBUG_CONNECTION
); );
set_error_handler([$this, 'errorHandler']); set_error_handler(function () {
call_user_func_array([$this, 'errorHandler'], func_get_args());
});
$connection = fsockopen( $connection = fsockopen(
$host, $host,
$port, $port,
@ -483,7 +489,9 @@ class SMTP
} }
//Begin encrypted connection //Begin encrypted connection
set_error_handler([$this, 'errorHandler']); set_error_handler(function () {
call_user_func_array([$this, 'errorHandler'], func_get_args());
});
$crypto_ok = stream_socket_enable_crypto( $crypto_ok = stream_socket_enable_crypto(
$this->smtp_conn, $this->smtp_conn,
true, true,
@ -648,7 +656,7 @@ class SMTP
} }
//The following borrowed from //The following borrowed from
//http://php.net/manual/en/function.mhash.php#27225 //https://www.php.net/manual/en/function.mhash.php#27225
//RFC 2104 HMAC implementation for php. //RFC 2104 HMAC implementation for php.
//Creates an md5 HMAC. //Creates an md5 HMAC.
@ -1162,7 +1170,9 @@ class SMTP
} else { } else {
$this->edebug('CLIENT -> SERVER: ' . $data, self::DEBUG_CLIENT); $this->edebug('CLIENT -> SERVER: ' . $data, self::DEBUG_CLIENT);
} }
set_error_handler([$this, 'errorHandler']); set_error_handler(function () {
call_user_func_array([$this, 'errorHandler'], func_get_args());
});
$result = fwrite($this->smtp_conn, $data); $result = fwrite($this->smtp_conn, $data);
restore_error_handler(); restore_error_handler();
@ -1265,7 +1275,9 @@ class SMTP
while (is_resource($this->smtp_conn) && !feof($this->smtp_conn)) { while (is_resource($this->smtp_conn) && !feof($this->smtp_conn)) {
//Must pass vars in here as params are by reference //Must pass vars in here as params are by reference
//solution for signals inspired by https://github.com/symfony/symfony/pull/6540 //solution for signals inspired by https://github.com/symfony/symfony/pull/6540
set_error_handler([$this, 'errorHandler']); set_error_handler(function () {
call_user_func_array([$this, 'errorHandler'], func_get_args());
});
$n = stream_select($selR, $selW, $selW, $this->Timelimit); $n = stream_select($selR, $selW, $selW, $this->Timelimit);
restore_error_handler(); restore_error_handler();

View File

@ -16,7 +16,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '6.7-beta3-59245'; $wp_version = '6.7-beta3-59246';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.