X-Git-Url: https://diplodocus.org/git/nmh/blobdiff_plain/80f396c977d664dfb8d29411a3cd64393764c166..95e0df2af:/mts/smtp/smtp.c?ds=inline

diff --git a/mts/smtp/smtp.c b/mts/smtp/smtp.c
index fdc56b06..78f83556 100644
--- a/mts/smtp/smtp.c
+++ b/mts/smtp/smtp.c
@@ -81,7 +81,7 @@ static int smtp_init (char *, char *, char *, int, int, int, int, const char *,
 static int sendmail_init (char *, int, int, int, int, const char *,
 			  const char *);
 
-static int rclient (char *, char *);
+static int rclient (char *, char *, char **);
 static int sm_ierror (const char *fmt, ...);
 static int sm_nerror (char *);
 static int smtalk (int time, char *fmt, ...);
@@ -111,7 +111,7 @@ smtp_init (char *client, char *server, char *port, int watch, int verbose,
            const char *oauth_svc, int tls)
 {
     int result, sd1;
-    char *errstr;
+    char *errstr, *chosen_server;
 
     if (watch)
 	verbose = TRUE;
@@ -141,12 +141,21 @@ smtp_init (char *client, char *server, char *port, int watch, int verbose,
     if (user)
 	netsec_set_userid(nsc, user);
 
+    if ((sd1 = rclient (server, port, &chosen_server)) == NOTOK)
+	return RP_BHST;
+
+    SIGNAL (SIGPIPE, SIG_IGN);
+
+    netsec_set_fd(nsc, sd1, sd1);
+
+    netsec_set_hostname(nsc, chosen_server);
+
     if (sm_debug)
 	netsec_set_snoop(nsc, 1);
 
     if (sasl) {
-	if (netsec_set_sasl_params(nsc, server, "smtp", saslmech,
-				   sm_sasl_callback, &errstr) != OK)
+	if (netsec_set_sasl_params(nsc, "smtp", saslmech, sm_sasl_callback,
+				   &errstr) != OK)
 	    return sm_nerror(errstr);
     }
 
@@ -155,25 +164,18 @@ smtp_init (char *client, char *server, char *port, int watch, int verbose,
 	    return sm_ierror("OAuth2 not supported");
     }
 
-    if ((sd1 = rclient (server, port)) == NOTOK)
-	return RP_BHST;
-
-    SIGNAL (SIGPIPE, SIG_IGN);
-
-    netsec_set_fd(nsc, sd1, sd1);
-
-    if (tls) {
-	if (netsec_set_tls(nsc, 1, &errstr) != OK)
+    if (tls & S_TLSENABLEMASK) {
+	if (netsec_set_tls(nsc, 1, tls & S_NOVERIFY, &errstr) != OK)
 	    return sm_nerror(errstr);
     }
 
     /*
-     * If tls == 2, that means that the user requested "initial" TLS,
-     * which happens right after the connection has opened.  Do that
-     * negotiation now
+     * If tls == S_INITTLS, that means that the user requested
+     * "initial" TLS, which happens right after the connection has
+     * opened.  Do that negotiation now
      */
 
-    if (tls == 2) {
+    if (tls & S_INITTLS) {
     	if (netsec_negotiate_tls(nsc, &errstr) != OK) {
 	    sm_end(NOTOK);
 	    return sm_nerror(errstr);
@@ -214,7 +216,7 @@ smtp_init (char *client, char *server, char *port, int watch, int verbose,
      * restart the EHLO dialog after TLS negotiation is complete.
      */
 
-    if (tls == 1) {
+    if (tls & S_STARTTLS) {
 	if (! EHLOset("STARTTLS")) {
 	    sm_end(NOTOK);
 	    return sm_ierror("SMTP server does not support TLS");
@@ -308,12 +310,14 @@ sendmail_init (char *client, int watch, int verbose, int debug, int sasl,
     if (user)
 	netsec_set_userid(nsc, user);
 
+    netsec_set_hostname(nsc, client);
+
     if (sm_debug)
 	netsec_set_snoop(nsc, 1);
 
     if (sasl) {
-	if (netsec_set_sasl_params(nsc, client, "smtp", saslmech,
-				   sm_sasl_callback, &errstr) != OK)
+	if (netsec_set_sasl_params(nsc, "smtp", saslmech, sm_sasl_callback,
+				   &errstr) != OK)
 	    return sm_nerror(errstr);
     }
 
@@ -422,11 +426,16 @@ sendmail_init (char *client, int watch, int verbose, int debug, int sasl,
 }
 
 static int
-rclient (char *server, char *service)
+rclient (char *server, char *service, char **chosen_server)
 {
     int sd;
     char response[BUFSIZ];
 
+    if (server == NULL)
+	server = servers;
+
+    *chosen_server = server;
+
     if ((sd = client (server, service, response, sizeof(response),
 		      sm_debug)) != NOTOK)
 	return sd;
@@ -614,7 +623,8 @@ sm_end (int type)
 	case NOTOK: 
 	    sm_note.code = sm_reply.code;
 	    sm_note.length = sm_reply.length;
-	    memcpy (sm_note.text, sm_reply.text, sm_reply.length + 1);/* fall */
+	    memcpy (sm_note.text, sm_reply.text, sm_reply.length + 1);
+	    /* FALLTHRU */
 	case DONE: 
 	    if (smtalk (SM_RSET, "RSET") == 250 && type == DONE)
 		return RP_OK;
@@ -755,7 +765,8 @@ sm_wstream (char *buffer, int len)
 		    if (netsec_write(nsc, ".", 1, &errstr) != OK) {
 		    sm_nerror(errstr);
 		    return NOTOK;
-		} /* FALL THROUGH */
+		}
+		/* FALLTHRU */
 
 	    default: 
 		sm_nl = FALSE;
@@ -811,7 +822,7 @@ again: ;
     						 &errstr)) != NULL ; ) {
 
 	if (doingEHLO
-	        && HasPrefix(buffer, "250")
+	        && has_prefix(buffer, "250")
 	        && (buffer[3] == '-' || doingEHLO == 2)
 	        && buffer[4]) {
 	    if (doingEHLO == 2) {
@@ -950,7 +961,7 @@ EHLOset (char *s)
 
     for (ehlo = EHLOkeys; *ehlo; ehlo++) {
 	ep = *ehlo;
-	if (HasPrefix(ep, s)) {
+	if (has_prefix(ep, s)) {
 	    for (ep += len; *ep == ' '; ep++)
 		continue;
 	    return ep;
@@ -1028,7 +1039,7 @@ sm_sasl_callback(enum sasl_message_type mtype, unsigned const char *indata,
 	    return NOTOK;
 	}
 
-	if (!HasPrefix(line, "334 ")) {
+	if (!has_prefix(line, "334 ")) {
 	    netsec_err(errstr, "Improper SASL protocol response: %s", line);
 	    return NOTOK;
 	}
@@ -1077,7 +1088,7 @@ sm_sasl_callback(enum sasl_message_type mtype, unsigned const char *indata,
 	if (line == NULL)
 	    return NOTOK;
 
-	if (!HasPrefix(line, "235 ")) {
+	if (!has_prefix(line, "235 ")) {
 	    if (len > 4)
 		netsec_err(errstr, "Authentication failed: %s", line + 4);
 	    else