diff options
| author | Benny Baumann <BenBE@geshi.org> | 2014-11-29 14:44:09 +0100 |
|---|---|---|
| committer | Benny Baumann <BenBE@geshi.org> | 2014-11-29 14:44:09 +0100 |
| commit | 25936445de04c27c377f2de84f117100b43d533f (patch) | |
| tree | d783e99f25a510543a4fcdf1a604e5f1eedd8489 | |
| parent | ff0f3887897a4a5dd238e4a9e5f8227e1f25a50f (diff) | |
| download | cacert-devel-25936445de04c27c377f2de84f117100b43d533f.tar.gz cacert-devel-25936445de04c27c377f2de84f117100b43d533f.tar.xz cacert-devel-25936445de04c27c377f2de84f117100b43d533f.zip | |
bug 1288: Actually request encryption for the connection before activating
| -rw-r--r-- | includes/general.php | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/includes/general.php b/includes/general.php index b3fd121..57268dc 100644 --- a/includes/general.php +++ b/includes/general.php @@ -587,6 +587,15 @@ } if($has_starttls) { + fputs($fp, "STARTTLS\r\n"); + do { + $line = fgets($fp, 4096); + } while(substr($line, 0, 4) == "220-"); + if(substr($line, 0, 3) != "220") { + fclose($fp); + continue; + } + stream_socket_enable_crypto($fp, true, STREAM_CRYPTO_METHOD_TLS_CLIENT); fputs($fp, "EHLO www.cacert.org\r\n"); |