X-Git-Url: https://diplodocus.org/git/nmh/blobdiff_plain/80f396c977d664dfb8d29411a3cd64393764c166..e8eb3afba50cbec8d1aeabcf85a06084977d54cd:/mts/smtp/smtp.c diff --git a/mts/smtp/smtp.c b/mts/smtp/smtp.c index fdc56b06..0e6e5116 100644 --- a/mts/smtp/smtp.c +++ b/mts/smtp/smtp.c @@ -141,12 +141,14 @@ smtp_init (char *client, char *server, char *port, int watch, int verbose, if (user) netsec_set_userid(nsc, user); + netsec_set_hostname(nsc, server); + if (sm_debug) netsec_set_snoop(nsc, 1); if (sasl) { - if (netsec_set_sasl_params(nsc, server, "smtp", saslmech, - sm_sasl_callback, &errstr) != OK) + if (netsec_set_sasl_params(nsc, "smtp", saslmech, sm_sasl_callback, + &errstr) != OK) return sm_nerror(errstr); } @@ -162,18 +164,18 @@ smtp_init (char *client, char *server, char *port, int watch, int verbose, netsec_set_fd(nsc, sd1, sd1); - if (tls) { - if (netsec_set_tls(nsc, 1, &errstr) != OK) + if (tls & S_TLSENABLEMASK) { + if (netsec_set_tls(nsc, 1, tls & S_NOVERIFY, &errstr) != OK) return sm_nerror(errstr); } /* - * If tls == 2, that means that the user requested "initial" TLS, - * which happens right after the connection has opened. Do that - * negotiation now + * If tls == S_INITTLS, that means that the user requested + * "initial" TLS, which happens right after the connection has + * opened. Do that negotiation now */ - if (tls == 2) { + if (tls & S_INITTLS) { if (netsec_negotiate_tls(nsc, &errstr) != OK) { sm_end(NOTOK); return sm_nerror(errstr); @@ -214,7 +216,7 @@ smtp_init (char *client, char *server, char *port, int watch, int verbose, * restart the EHLO dialog after TLS negotiation is complete. */ - if (tls == 1) { + if (tls & S_STARTTLS) { if (! EHLOset("STARTTLS")) { sm_end(NOTOK); return sm_ierror("SMTP server does not support TLS"); @@ -308,12 +310,14 @@ sendmail_init (char *client, int watch, int verbose, int debug, int sasl, if (user) netsec_set_userid(nsc, user); + netsec_set_hostname(nsc, client); + if (sm_debug) netsec_set_snoop(nsc, 1); if (sasl) { - if (netsec_set_sasl_params(nsc, client, "smtp", saslmech, - sm_sasl_callback, &errstr) != OK) + if (netsec_set_sasl_params(nsc, "smtp", saslmech, sm_sasl_callback, + &errstr) != OK) return sm_nerror(errstr); } @@ -811,7 +815,7 @@ again: ; &errstr)) != NULL ; ) { if (doingEHLO - && HasPrefix(buffer, "250") + && has_prefix(buffer, "250") && (buffer[3] == '-' || doingEHLO == 2) && buffer[4]) { if (doingEHLO == 2) { @@ -950,7 +954,7 @@ EHLOset (char *s) for (ehlo = EHLOkeys; *ehlo; ehlo++) { ep = *ehlo; - if (HasPrefix(ep, s)) { + if (has_prefix(ep, s)) { for (ep += len; *ep == ' '; ep++) continue; return ep; @@ -1028,7 +1032,7 @@ sm_sasl_callback(enum sasl_message_type mtype, unsigned const char *indata, return NOTOK; } - if (!HasPrefix(line, "334 ")) { + if (!has_prefix(line, "334 ")) { netsec_err(errstr, "Improper SASL protocol response: %s", line); return NOTOK; } @@ -1077,7 +1081,7 @@ sm_sasl_callback(enum sasl_message_type mtype, unsigned const char *indata, if (line == NULL) return NOTOK; - if (!HasPrefix(line, "235 ")) { + if (!has_prefix(line, "235 ")) { if (len > 4) netsec_err(errstr, "Authentication failed: %s", line + 4); else