]> granicus.if.org Git - curl/commitdiff
projects / curl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e0f4af4)
smtp: Added support for the STARTTLS capability (Part Two)
authorSteve Holme <steve_holme@hotmail.com>
Sun, 10 Feb 2013 19:59:42 +0000 (19:59 +0000)
committerSteve Holme <steve_holme@hotmail.com>
Sun, 10 Feb 2013 19:59:42 +0000 (19:59 +0000)
Added honoring of the tls_supported flag when starting a TLS upgrade
rather than unconditionally attempting it. If the use_ssl flag is set
to CURLUSESSL_TRY and the server doesn't support TLS upgrades then the
connection will continue to authenticate. If this flag is set to
CURLUSESSL_ALL then the connection will complete with a failure as it
did previously.

lib/smtp.c patch | blob | history

diff --git a/lib/smtp.c b/lib/smtp.c
index 6b4f8855944cb95ab0c38e5a6118cb183442568e..3fed5c2eaa6243c7dc055f7066b310bd75dafe50 100644 (file)
--- a/lib/smtp.c
+++ b/lib/smtp.c
@@ -334,6 +334,7 @@ static CURLcode smtp_state_ehlo(struct connectdata *conn)
   smtpc->authmechs = 0;         /* No known authentication mechanisms yet */
   smtpc->authused = 0;          /* Clear the authentication mechanism used
                                    for esmtp connections */
+  smtpc->tls_supported = FALSE; /* Clear the TLS capability */
 
   /* Send the EHLO command */
   result = Curl_pp_sendf(&smtpc->pp, "EHLO %s", smtpc->domain);
@@ -553,6 +554,7 @@ static CURLcode smtp_state_ehlo_resp(struct connectdata *conn, int smtpcode,
 {
   CURLcode result = CURLE_OK;
   struct SessionHandle *data = conn->data;
+  struct smtp_conn *smtpc = &conn->proto.smtpc;
 
   (void)instate; /* no use for this yet */
 
@@ -566,9 +568,17 @@ static CURLcode smtp_state_ehlo_resp(struct connectdata *conn, int smtpcode,
     }
   }
   else if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
-    /* We don't have a SSL/TLS connection yet, but SSL is requested. Switch
-       to TLS connection now */
-    result = smtp_state_starttls(conn);
+    /* We don't have a SSL/TLS connection yet, but SSL is requested */
+    if(smtpc->tls_supported)
+      /* Switch to TLS connection now */
+      result = smtp_state_starttls(conn);
+    else if(data->set.use_ssl == CURLUSESSL_TRY)
+      /* Fallback and carry on with authentication */
+      result = smtp_authenticate(conn);
+    else {
+      failf(data, "STARTTLS not supported.");
+      result = CURLE_USE_SSL_FAILED;
+    }
   }
   else
     result = smtp_authenticate(conn);
Unnamed repository; edit this file 'description' to name the repository.