bug 1288: Actually request encryption for the connection before activating
authorBenny Baumann <BenBE@geshi.org>
Sat, 29 Nov 2014 13:44:09 +0000 (14:44 +0100)
committerBenny Baumann <BenBE@geshi.org>
Sat, 29 Nov 2014 13:44:09 +0000 (14:44 +0100)
includes/general.php

index b3fd121..57268dc 100644 (file)
                                        }
 
                                        if($has_starttls) {
+                                               fputs($fp, "STARTTLS\r\n");
+                                               do {
+                                                       $line = fgets($fp, 4096);
+                                               } while(substr($line, 0, 4) == "220-");
+                                               if(substr($line, 0, 3) != "220") {
+                                                       fclose($fp);
+                                                       continue;
+                                               }
+
                                                stream_socket_enable_crypto($fp, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);
 
                                                fputs($fp, "EHLO www.cacert.org\r\n");
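Review bot: The result of `stream_socket_enable_crypto()` on the line right after the added block is still not checked, so a failed handshake (`false`, or `0` on a non-blocking stream) falls through to the `EHLO` as if the session were protected. The new code only handles the server refusing `STARTTLS`; I would guard the upgrade the same way as the 220 check: `if(stream_socket_enable_crypto($fp, true, STREAM_CRYPTO_METHOD_TLS_CLIENT) !== true) { fclose($fp); continue; }`. The `fgets()` loop may also leave bytes that arrived after the final `220` line in the stream buffer, where they could be read as the post-TLS `EHLO` reply; whether PHP discards them on upgrade should be confirmed. The enclosing loop starts and ends outside the hunk, so it is not visible here whether peer verification is configured on the stream context or how `$has_starttls` is derived.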