summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBenny Baumann <BenBE@geshi.org>2014-11-29 13:56:30 +0100
committerBenny Baumann <BenBE@geshi.org>2014-11-29 13:56:30 +0100
commit00c7fb36da60ebc174e915837c8150014c537cba (patch)
tree9ab5a646bed683a47fcf45a6536a0347497c7048
parent055903f98e575d31da9e2189d0a83724c9f11322 (diff)
parent56f2261871ea6fd1759bcd6759fde7d8e30b5ea7 (diff)
downloadcacert-devel-00c7fb36da60ebc174e915837c8150014c537cba.tar.gz
cacert-devel-00c7fb36da60ebc174e915837c8150014c537cba.tar.xz
cacert-devel-00c7fb36da60ebc174e915837c8150014c537cba.zip
Merge branch 'bug-1288' into testserver-stable
-rw-r--r--includes/general.php67
1 files changed, 54 insertions, 13 deletions
diff --git a/includes/general.php b/includes/general.php
index e1cd72c..ca96221 100644
--- a/includes/general.php
+++ b/includes/general.php
@@ -607,28 +607,69 @@
foreach($mxhosts as $key => $domain)
{
- $fp = @fsockopen($domain,25,$errno,$errstr,5);
+ $fp_opt = array(
+ 'ssl' => array(
+ 'verify_peer' => false, // Opportunistic Encryption
+ )
+ );
+ $fp_ctx = stream_context_create($fp_opt);
+ $fp = @stream_socket_client("tcp://$domain:25",$errno,$errstr,5,STREAM_CLIENT_CONNECT,$fp_ctx);
if($fp)
{
+ stream_set_blocking($fp, true);
- $line = fgets($fp, 4096);
- while(substr($line, 0, 4) == "220-")
- $line = fgets($fp, 4096);
- if(substr($line, 0, 3) != "220")
+ $has_starttls = false;
+
+ do {
+ $line = fgets($fp, 4096);
+ } while(substr($line, 0, 4) == "220-");
+ if(substr($line, 0, 3) != "220") {
+ fclose($fp);
continue;
- fputs($fp, "HELO www.cacert.org\r\n");
- $line = fgets($fp, 4096);
- while(substr($line, 0, 3) == "220")
+ }
+
+ fputs($fp, "EHLO www.cacert.org\r\n");
+ do {
$line = fgets($fp, 4096);
- if(substr($line, 0, 3) != "250")
+ $has_starttls |= trim($line) == "220-STARTTLS";
+ } while(substr($line, 0, 4) == "250-");
+ if(substr($line, 0, 3) != "220") {
+ fclose($fp);
continue;
- fputs($fp, "MAIL FROM:<returns@cacert.org>\r\n");
- $line = fgets($fp, 4096);
+ }
+
+ if($has_starttls) {
+ stream_socket_enable_crypto($fp, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);
+
+ fputs($fp, "EHLO www.cacert.org\r\n");
+ do {
+ $line = fgets($fp, 4096);
+ $has_starttls |= trim($line) == "220-STARTTLS";
+ } while(substr($line, 0, 4) == "250-");
+ if(substr($line, 0, 3) != "220") {
+ fclose($fp);
+ continue;
+ }
+ }
- if(substr($line, 0, 3) != "250")
+ fputs($fp, "MAIL FROM:<returns@cacert.org>\r\n");
+ do {
+ $line = fgets($fp, 4096);
+ } while(substr($line, 0, 4) == "250-");
+ if(substr($line, 0, 3) != "250") {
+ fclose($fp);
continue;
+ }
+
fputs($fp, "RCPT TO:<$email>\r\n");
- $line = trim(fgets($fp, 4096));
+ do {
+ $line = fgets($fp, 4096);
+ } while(substr($line, 0, 4) == "250-");
+ if(substr($line, 0, 3) != "250") {
+ fclose($fp);
+ continue;
+ }
+
fputs($fp, "QUIT\r\n");
fclose($fp);