[devscripts] 01/01: Add STARTTLS support without certificate validity verification.
Andrew Shadura
andrew at shadura.me
Thu Nov 5 08:42:59 UTC 2015
On 05/11/15 02:49, James McCoy wrote:
> Thanks for taking a look at this.
>
> On Mon, Nov 02, 2015 at 09:05:23PM +0000, Andrew Shadura wrote:
>> commit 6469c52e8b694622607478475e7cfc67f1ec6a95
>> Author: Andrew Shadura <andrewsh at debian.org>
>> Date: Mon Nov 2 21:21:02 2015 +0100
>>
>> Add STARTTLS support without certificate validity verification.
> Why isn't certificate validation being done?
Because very often SMTP doesn't have a perfectly valid certificate, so
it makes no sense to validate them.
>> Use Net::SMTPS for both SMTP+SSL and SMTP+STARTTLS.
>> When not connecting over SSL, always use Net::SMTPS in hope
>> it does STARTTLS when it's detected. If Net::SMTPS isn't
>> available, fall back to plain old Net::SMTP.
>>
>> Replace libnet-smtp-ssl-perl dependency with libnet-smtps-perl
>> dependency promoted to Recommends from Suggests.
> Why the change to Recommends?
So that it's more likely it's installed and used.
>> diff --git a/scripts/bts.pl b/scripts/bts.pl
>> index 55bb83a..6876ab8 100755
>> --- a/scripts/bts.pl
>> +++ b/scripts/bts.pl
>> @@ -98,21 +98,22 @@ sub have_lwp() {
>> return $lwp_broken ? 0 : 1;
>> }
>>
>> -sub have_smtp_ssl() {
>> - return ($smtp_ssl_broken ? 0 : 1) if defined $smtp_ssl_broken;
>> +sub have_smtps() {
>> + return ($smtps_broken ? 0 : 1) if defined $smtps_broken;
>> eval {
>> - require Net::SMTP::SSL;
>> + require Net::SMTPS;
>> + use IO::Socket::SSL;
> This should be a require, otherwise it will happen at compile time, not
> runtime.
It doesn't work then, I can't use IO::Socket::SSL::* options if I use
require. Any ideas how to make it work?
--
Cheers,
Andrew
More information about the devscripts-devel
mailing list