[devscripts] 01/01: Add STARTTLS support without certificate validity verification.

Mon Nov 2 20:52:32 UTC 2015

This is an automated email from the git hooks/post-receive script.

andrewsh pushed a commit to branch starttls
in repository devscripts.

commit d09d76d5cd03eee5b9e39a055553bd802ff57941
Author: Andrew Shadura <andrewsh at debian.org>
Date:   Mon Nov 2 21:21:02 2015 +0100

    Add STARTTLS support without certificate validity verification.
    
    Use Net::SMTPS for both SMTP+SSL and SMTP+STARTTLS.
    When not connecting over SSL, always use Net::SMTPS in hope
    it does STARTTLS when it's detected.
    
    Signed-off-by: Andrew Shadura <andrewsh at debian.org>
---
 scripts/bts.pl | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/scripts/bts.pl b/scripts/bts.pl
index 55bb83a..a52d121 100755
--- a/scripts/bts.pl
+++ b/scripts/bts.pl
@@ -51,9 +51,11 @@ use File::Path qw(mkpath make_path rmtree);
 use File::Spec;
 use File::Temp qw/tempfile/;
 use Net::SMTP;
+use Net::SMTPS;
 use Cwd;
 use IO::File;
 use IO::Handle;
+use IO::Socket::SSL;
 use Devscripts::DB_File_Lock;
 use Devscripts::Debbugs;
 use Fcntl qw(O_RDWR O_RDONLY O_CREAT F_SETFD);
@@ -344,6 +346,9 @@ The host name may be followed by a colon (":") and a port number in
 order to use a port other than the default.  It may also begin with
 "ssmtp://" or "smtps://" to indicate that SMTPS should be used.
 
+If SMTPS not specified, B<bts> will still try to use STARTTLS if it's advertised
+by the SMTP host.
+
 Note that one of B<$DEBEMAIL> or B<$EMAIL> must be set in the environment in order
 to use direct SMTP connections to send emails.
 
@@ -2578,8 +2583,9 @@ sub send_mail {
 	    $port ||= '465';
 
 	    if (have_smtp_ssl) {
-		$smtp = Net::SMTP::SSL->new($host, Port => $port,
-		    Hello => $smtphelo) or die "$progname: failed to open SMTPS connection to $smtphost\n($@)\n";
+		$smtp = Net::SMTPS->new($host, Port => $port,
+		    Hello => $smtphelo, doSSL => 'ssl', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE)
+		or die "$progname: failed to open SMTPS connection to $smtphost\n($@)\n";
 	    } else {
 		die "$progname: Unable to establish SMTPS connection: $smtp_ssl_broken\n";
 	    }
@@ -2587,7 +2593,8 @@ sub send_mail {
 	    my ($host, $port) = split(/:/, $smtphost);
 	    $port ||= '25';
 
-	    $smtp = Net::SMTP->new($host, Port => $port, Hello => $smtphelo)
+	    $smtp = Net::SMTPS->new($host, Port => $port,
+		    Hello => $smtphelo, doSSL => 'starttls', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE)
 		or die "$progname: failed to open SMTP connection to $smtphost\n($@)\n";
 	}
 	if ($smtpuser) {

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/collab-maint/devscripts.git

