[devscripts] 01/01: Add STARTTLS support without certificate validity verification.
Andrew Shadura
bugzilla at tut.by
Mon Nov 2 21:05:23 UTC 2015
This is an automated email from the git hooks/post-receive script.
andrewsh pushed a commit to branch starttls
in repository devscripts.
commit 6469c52e8b694622607478475e7cfc67f1ec6a95
Author: Andrew Shadura <andrewsh at debian.org>
Date: Mon Nov 2 21:21:02 2015 +0100
Add STARTTLS support without certificate validity verification.
Use Net::SMTPS for both SMTP+SSL and SMTP+STARTTLS.
When not connecting over SSL, always use Net::SMTPS in hope
it does STARTTLS when it's detected. If Net::SMTPS isn't
available, fall back to plain old Net::SMTP.
Replace libnet-smtp-ssl-perl dependency with libnet-smtps-perl
dependency promoted to Recommends from Suggests.
Signed-off-by: Andrew Shadura <andrewsh at debian.org>
---
debian/control | 2 +-
scripts/bts.pl | 41 ++++++++++++++++++++++++++---------------
2 files changed, 27 insertions(+), 16 deletions(-)
diff --git a/debian/control b/debian/control
index 4a8d23b..7a11bf9 100644
--- a/debian/control
+++ b/debian/control
@@ -53,6 +53,7 @@ Recommends: at,
gnupg,
libdistro-info-perl,
libencode-locale-perl,
+ libnet-smtps-perl,
libjson-perl,
liburi-perl,
libwww-perl,
@@ -78,7 +79,6 @@ Suggests: bsd-mailx | mailx,
gpgv,
libauthen-sasl-perl,
libfile-desktopentry-perl,
- libnet-smtp-ssl-perl,
libterm-size-perl,
libtimedate-perl,
libyaml-syck-perl,
diff --git a/scripts/bts.pl b/scripts/bts.pl
index 55bb83a..6876ab8 100755
--- a/scripts/bts.pl
+++ b/scripts/bts.pl
@@ -74,7 +74,7 @@ $SIG{'__WARN__'} = sub { warn $_[0] unless $_[0] =~ /^Parsing of undecoded UTF-8
my $it = undef;
my $last_user = '';
my $lwp_broken = undef;
-my $smtp_ssl_broken = undef;
+my $smtps_broken = undef;
my $authen_sasl_broken;
my $ua;
@@ -98,21 +98,22 @@ sub have_lwp() {
return $lwp_broken ? 0 : 1;
}
-sub have_smtp_ssl() {
- return ($smtp_ssl_broken ? 0 : 1) if defined $smtp_ssl_broken;
+sub have_smtps() {
+ return ($smtps_broken ? 0 : 1) if defined $smtps_broken;
eval {
- require Net::SMTP::SSL;
+ require Net::SMTPS;
+ use IO::Socket::SSL;
};
if ($@) {
- if ($@ =~ m%^Can\'t locate Net/SMTP/SSL%) {
- $smtp_ssl_broken="the libnet-smtp-ssl-perl package is not installed";
+ if ($@ =~ m%^Can\'t locate Net/SMTPS%) {
+ $smtps_broken="the libnet-smtps-perl package is not installed";
} else {
- $smtp_ssl_broken="couldn't load Net::SMTP::SSL: $@";
+ $smtps_broken="couldn't load Net::SMTPS: $@";
}
}
- else { $smtp_ssl_broken=''; }
- return $smtp_ssl_broken ? 0 : 1;
+ else { $smtps_broken=''; }
+ return $smtps_broken ? 0 : 1;
}
sub have_authen_sasl() {
@@ -344,6 +345,9 @@ The host name may be followed by a colon (":") and a port number in
order to use a port other than the default. It may also begin with
"ssmtp://" or "smtps://" to indicate that SMTPS should be used.
+If SMTPS not specified, B<bts> will still try to use STARTTLS if it's advertised
+by the SMTP host.
+
Note that one of B<$DEBEMAIL> or B<$EMAIL> must be set in the environment in order
to use direct SMTP connections to send emails.
@@ -2577,18 +2581,25 @@ sub send_mail {
my ($host, $port) = split(/:/, $1);
$port ||= '465';
- if (have_smtp_ssl) {
- $smtp = Net::SMTP::SSL->new($host, Port => $port,
- Hello => $smtphelo) or die "$progname: failed to open SMTPS connection to $smtphost\n($@)\n";
+ if (have_smtps) {
+ $smtp = Net::SMTPS->new($host, Port => $port,
+ Hello => $smtphelo, doSSL => 'ssl', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE)
+ or die "$progname: failed to open SMTPS connection to $smtphost\n($@)\n";
} else {
- die "$progname: Unable to establish SMTPS connection: $smtp_ssl_broken\n";
+ die "$progname: Unable to establish SMTPS connection: $smtps_broken\n";
}
} else {
my ($host, $port) = split(/:/, $smtphost);
$port ||= '25';
- $smtp = Net::SMTP->new($host, Port => $port, Hello => $smtphelo)
- or die "$progname: failed to open SMTP connection to $smtphost\n($@)\n";
+ if (have_smtps) {
+ $smtp = Net::SMTPS->new($host, Port => $port,
+ Hello => $smtphelo, doSSL => 'starttls', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE)
+ or die "$progname: failed to open SMTP connection to $smtphost\n($@)\n";
+ } else {
+ $smtp = Net::SMTP->new($host, Port => $port, Hello => $smtphelo)
+ or die "$progname: failed to open SMTP connection to $smtphost\n($@)\n";
+ }
}
if ($smtpuser) {
if (have_authen_sasl) {
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/collab-maint/devscripts.git
More information about the devscripts-devel
mailing list