- Added support for SASL proxy authentication (#1486691)

git-svn-id: https://svn.roundcube.net/trunk@4133 208e9e7b-5314-0410-a742-e7e81cd9613c

4 files changed, 27 insertions, 3 deletions

diff --git a/plugins/managesieve/Changelog b/plugins/managesieve/Changelog
index f92dfe794..01194e423 100644
--- a/plugins/managesieve/Changelog
+++ b/plugins/managesieve/Changelog
@@ -1,3 +1,5 @@
+- Added support for SASL proxy authentication (#1486691)
+
 * version 2.10 [2010-10-10]
 -----------------------------------------------------------
 - Fixed import from Avelsieve
diff --git a/plugins/managesieve/config.inc.php.dist b/plugins/managesieve/config.inc.php.dist
index 63dda6cc2..905cfef18 100644
--- a/plugins/managesieve/config.inc.php.dist
+++ b/plugins/managesieve/config.inc.php.dist
@@ -15,6 +15,14 @@ $rcmail_config['managesieve_host'] = 'localhost';
 // or none. Optional, defaults to best method supported by server.
 $rcmail_config['managesieve_auth_type'] = null;
 
+// Optional managesieve authentication identifier to be used as authorization proxy.
+// Authenticate as a different user but act on behalf of the logged in user.
+// Works with PLAIN and DIGEST-MD5 auth.
+$rcmail_config['managesieve_auth_cid'] = null;
+
+// Optional managesieve authentication password to be used for imap_auth_cid
+$rcmail_config['managesieve_auth_pw'] = null;
+
 // use or not TLS for managesieve server connection
 // it's because I've problems with TLS and dovecot's managesieve plugin
 // and it's not needed on localhost
diff --git a/plugins/managesieve/lib/rcube_sieve.php b/plugins/managesieve/lib/rcube_sieve.php
index 4c7eaad58..cec86a1db 100644
--- a/plugins/managesieve/lib/rcube_sieve.php
+++ b/plugins/managesieve/lib/rcube_sieve.php
@@ -44,23 +44,35 @@ class rcube_sieve
      * @param boolean Enable/disable TLS use
      * @param array   Disabled extensions
      * @param boolean Enable/disable debugging
+     * @param string  Proxy authentication identifier
+     * @param string  Proxy authentication password
      */
     public function __construct($username, $password='', $host='localhost', $port=2000,
-        $auth_type=null, $usetls=true, $disabled=array(), $debug=false)
+        $auth_type=null, $usetls=true, $disabled=array(), $debug=false,
+        $auth_cid=null, $auth_pw=null)
     {
         $this->sieve = new Net_Sieve();
 
         if ($debug) {
             $this->sieve->setDebug(true, array($this, 'debug_handler'));
         }
+
         if (PEAR::isError($this->sieve->connect($host, $port, NULL, $usetls))) {
             return $this->_set_error(SIEVE_ERROR_CONNECTION);
         }
+
+        if (!empty($auth_cid)) {
+            $authz    = $username;
+            $username = $auth_cid;
+            $password = $auth_pw;
+        }
+
         if (PEAR::isError($this->sieve->login($username, $password,
-            $auth_type ? strtoupper($auth_type) : null))
+            $auth_type ? strtoupper($auth_type) : null, $authz))
         ) {
             return $this->_set_error(SIEVE_ERROR_LOGIN);
         }
+
         $this->disabled = $disabled;
     }
 
diff --git a/plugins/managesieve/managesieve.php b/plugins/managesieve/managesieve.php
index d0ad268e7..8fb8242bc 100644
--- a/plugins/managesieve/managesieve.php
+++ b/plugins/managesieve/managesieve.php
@@ -74,7 +74,9 @@ class managesieve extends rcube_plugin
             $this->rc->config->get('managesieve_auth_type'),
             $this->rc->config->get('managesieve_usetls', false),
             $this->rc->config->get('managesieve_disabled_extensions'),
-            $this->rc->config->get('managesieve_debug', false)
+            $this->rc->config->get('managesieve_debug', false),
+            $this->rc->config->get('managesieve_auth_cid'), 
+            $this->rc->config->get('managesieve_auth_pw')
         );
 
         if (!($error = $this->sieve->error())) {