X-Git-Url: https://diplodocus.org/git/nmh/blobdiff_plain/eda0cc87eedfbbe5a15a91a59489e31f69e30998..c02f66668d32980a3770e450061c5b96b9f31690:/uip/post.c

diff --git a/uip/post.c b/uip/post.c
index bf1c042d..e62473e7 100644
--- a/uip/post.c
+++ b/uip/post.c
@@ -89,6 +89,8 @@
     X("tls", TLSminc(-3), TLSSW) \
     X("initialtls", TLSminc(-10), INITTLSSW) \
     X("notls", TLSminc(-5), NTLSSW) \
+    X("certverify", TLSminc(-10), CERTVERSW) \
+    X("nocertverify", TLSminc(-12), NOCERTVERSW) \
     X("fileproc", -4, FILEPROCSW) \
     X("mhlproc", -3, MHLPROCSW) \
     X("sendmail program", 0, MTSSM) \
@@ -239,7 +241,7 @@ static int sasl=0;		/* Use SASL auth for SMTP                */
 static char *saslmech=NULL;	/* Force use of particular SASL mech     */
 static char *user=NULL;		/* Authenticate as this user             */
 static char *port="submission";	/* Name of server port for SMTP submission */
-static int tls=-1;		/* Use TLS for encryption		 */
+static int tlsflag=0;		/* Flags to control TLS settings	 */
 static int fromcount=0;		/* Count of addresses on From: header	 */
 static int seensender=0;	/* Have we seen a Sender: header?	 */
 
@@ -313,7 +315,8 @@ static int find_prefix (void);
 int
 main (int argc, char **argv)
 {
-    int state, compnum, dashstuff = 0, swnum, oauth_flag = 0;
+    int state, compnum, dashstuff = 0, swnum, oauth_flag = 0, tls = -1;
+    int noverify = 0;
     int eai = 0; /* use Email Address Internationalization (EAI) (SMTPUTF8) */
     char *cp, *msg = NULL, **argp, **arguments, *envelope;
     char buf[BUFSIZ], name[NAMESZ], *auth_svc = NULL;
@@ -530,6 +533,14 @@ main (int argc, char **argv)
 		    tls = 0;
 		    continue;
 
+		case CERTVERSW:
+		    noverify = 0;
+		    continue;
+
+		case NOCERTVERSW:
+		    noverify++;
+		    continue;
+
 		case FILEPROCSW:
 		    if (!(cp = *argp++) || *cp == '-')
 			adios (NULL, "missing argument to %s", argp[-2]);
@@ -612,7 +623,7 @@ main (int argc, char **argv)
 	    case FLD: 
 	    case FLDPLUS: 
                 compnum++;
-		cp = add (buf, NULL);
+		cp = mh_xstrdup(buf);
 		while (state == FLDPLUS) {
 		    bufsz = sizeof buf;
 		    state = m_getfld (&gstate, name, buf, &bufsz, in);
@@ -692,6 +703,16 @@ main (int argc, char **argv)
 #endif /* ! TLS_SUPPORT */
     }
 
+    if (tls == 1)
+	tlsflag = S_STARTTLS;
+    else if (tls == 2)
+	tlsflag = S_INITTLS;
+    else
+	tlsflag = 0;
+
+    if (noverify)
+	tlsflag |= S_NOVERIFY;
+
     /*
      * If we were given any oauth flags, store the appropriate profile
      * entries and make sure an authservice was given (we have to do this
@@ -1527,7 +1548,7 @@ find_prefix (void)
     if ((in = fopen (tmpfil, "r")) == NULL)
 	adios (tmpfil, "unable to re-open");
 
-    while (fgets (buffer, sizeof(buffer) - 1, in))
+    while (fgets (buffer, sizeof buffer, in))
 	if (buffer[0] == '-' && buffer[1] == '-') {
 	    char *cp;
 
@@ -1680,7 +1701,7 @@ post (char *file, int bccque, int talk, int eai, char *envelope,
 
 	if (rp_isbad (retval = sm_init (clientsw, serversw, port, watch,
 					verbose, snoop, sasl, saslmech, user,
-					oauth_flag ? auth_svc : NULL, tls))
+					oauth_flag ? auth_svc : NULL, tlsflag))
 		|| rp_isbad (retval = sm_winit (envelope, eai, eightbit))) {
 	    close (fd);
 	    die (NULL, "problem initializing server; %s", rp_string (retval));
@@ -1724,7 +1745,7 @@ verify_all_addresses (int talk, int eai, char *envelope, int oauth_flag,
 
 	if (rp_isbad (retval = sm_init (clientsw, serversw, port, watch,
 					verbose, snoop, sasl, saslmech, user,
-					oauth_flag ? auth_svc : NULL, tls))
+					oauth_flag ? auth_svc : NULL, tlsflag))
 		|| rp_isbad (retval = sm_winit (envelope, eai, eightbit))) {
 	    die (NULL, "problem initializing server; %s", rp_string (retval));
 	}