author | Michael Tänzer <neo@nhng.de> | 2014-12-04 22:50:46 +0100 |
---|---|---|
committer | Michael Tänzer <neo@nhng.de> | 2014-12-04 22:50:46 +0100 |
commit | 86c04b83870dc547fdcef25f91b1bc3b1de53619 (patch) | |
tree | a67552a56bff763fffbe17833cdcb8481e52328d | |
parent | 30736116cfec98374195654a4f72e7b12a543af5 (diff) | |
parent | ae094ec445fb164e1b6d5c369ae9556bb9c521cd (diff) | |
Merge remote-tracking branch 'origin/bug-1288' into release
-rw-r--r-- | includes/general.php | 75 |
1 files changed, 62 insertions, 13 deletions
diff --git a/includes/general.php b/includes/general.php
index 596cc49..b34b870 100644
--- a/includes/general.php
+++ b/includes/general.php
@@ -555,28 +555,77 @@ foreach($mxhosts as $key => $domain) { - $fp = @fsockopen($domain,25,$errno,$errstr,5); + $fp_opt = array( + 'ssl' => array( + 'verify_peer' => false, // Opportunistic Encryption + ) + ); + $fp_ctx = stream_context_create($fp_opt); + $fp = @stream_socket_client("tcp://$domain:25",$errno,$errstr,5,STREAM_CLIENT_CONNECT,$fp_ctx); if($fp) { + stream_set_blocking($fp, true); - $line = fgets($fp, 4096); - while(substr($line, 0, 4) == "220-") - $line = fgets($fp, 4096); - if(substr($line, 0, 3) != "220") + $has_starttls = false; + + do { + $line = fgets($fp, 4096); + } while(substr($line, 0, 4) == "220-"); + if(substr($line, 0, 3) != "220") { + fclose($fp); continue; - fputs($fp, "HELO www.cacert.org\r\n"); - $line = fgets($fp, 4096); - while(substr($line, 0, 3) == "220") + } + + fputs($fp, "EHLO www.cacert.org\r\n"); + do { $line = fgets($fp, 4096); - if(substr($line, 0, 3) != "250") + $has_starttls |= substr(trim($line),4) == "STARTTLS"; + } while(substr($line, 0, 4) == "250-"); + if(substr($line, 0, 3) != "250") { + fclose($fp); continue; - fputs($fp, "MAIL FROM:<returns@cacert.org>\r\n"); - $line = fgets($fp, 4096); + } + + if($has_starttls) { + fputs($fp, "STARTTLS\r\n"); + do { + $line = fgets($fp, 4096); + } while(substr($line, 0, 4) == "220-"); + if(substr($line, 0, 3) != "220") { + fclose($fp); + continue; + } + + stream_socket_enable_crypto($fp, true, STREAM_CRYPTO_METHOD_TLS_CLIENT); + + fputs($fp, "EHLO www.cacert.org\r\n"); + do { + $line = fgets($fp, 4096); + } while(substr($line, 0, 4) == "250-"); + if(substr($line, 0, 3) != "250") { + fclose($fp); + continue; + } + } - if(substr($line, 0, 3) != "250") + fputs($fp, "MAIL FROM:<returns@cacert.org>\r\n"); + do { + $line = fgets($fp, 4096); + } while(substr($line, 0, 4) == "250-"); + if(substr($line, 0, 3) != "250") { + fclose($fp); continue; + } + fputs($fp, "RCPT TO:<$email>\r\n"); - $line = trim(fgets($fp, 4096)); + do { + $line = fgets($fp, 4096); + } while(substr($line, 0, 4) == 
"250-"); + if(substr($line, 0, 3) != "250") { + fclose($fp); + continue; + } + fputs($fp, "QUIT\r\n"); fclose($fp); |
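Review bot: The result of `stream_socket_enable_crypto()` in the STARTTLS branch is never checked, so a failed handshake is only noticed indirectly, when the read after the second EHLO does not return 250. Test it explicitly and skip the host on failure, e.g. `if(stream_socket_enable_crypto($fp, true, STREAM_CRYPTO_METHOD_TLS_CLIENT) !== true) { fclose($fp); continue; }`. With `'verify_peer' => false` the session is protected only against passive eavesdropping: the MX is not authenticated, and a stripped STARTTLS capability falls back to plaintext without notice. The `// Opportunistic Encryption` comment should say so, since the RCPT TO answer appears to feed an address check. The capability test `substr(trim($line),4) == "STARTTLS"` is case-sensitive although EHLO keywords are case-insensitive, so `strcasecmp(substr(trim($line),4), "STARTTLS") == 0` is safer; the enclosing foreach loop and function start and end outside this hunk.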