Diffstat (limited to 'qmail-remote.c')
| -rw-r--r-- | qmail-remote.c | 28 |
1 files changed, 26 insertions, 2 deletions
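--- a/qmail-remote.c
+++ b/qmail-remote.c
@@ -31,6 +31,7 @@
 #include "timeoutread.h"
 #include "timeoutwrite.h"
 #include "base64.h"
+#include "env.h"
 
 #define HUGESMTPTEXT 5000
 
@@ -65,6 +66,7 @@ struct ip_address partner;
 
 int tls_init();
 const char *ssl_err_str = 0;
+char **myargv;
 #endif
 
 void out(s) char *s; { if (substdio_puts(subfdoutsmall,s) == -1) _exit(0); }
@@ -400,6 +402,7 @@ int tls_init()
 return 0;
 }
 alloc_free(tmp.s);
+if (env_get("NOTLS")) return 0;
 }
 }
 
@@ -476,8 +479,25 @@ int tls_init()
 }
 
 ssl = myssl;
-if (ssl_timeoutconn(timeout, smtpfd, smtpfd, ssl) <= 0)
-tls_quit("ZTLS connect failed", ssl_error_str());
+if (ssl_timeoutconn(timeout, smtpfd, smtpfd, ssl) <= 0) {
+if (servercert)
+tls_quit("ZTLS connect failed", ssl_error_str());
+else {
+/* shouldn't talk to the client unless in an appropriate state */
+int state = ssl ? ssl->state : SSL_ST_BEFORE;
+if (state & SSL_ST_OK || (!smtps && state & SSL_ST_BEFORE))
+substdio_putsflush(&smtpto,"QUIT\r\n");
+
+out("lTLS connect failed: ");
+out(ssl_error_str());
+out("; retrying without TLS\n");
+zero();
+substdio_flush(subfdoutsmall);
+
+env_put("NOTLS=1");
+execvp(*myargv, myargv);
+}
+}
 
 if (servercert) {
 X509 *peercert;
@@ -847,6 +867,10 @@ char **argv;
 char **recips;
 unsigned long prefme;
 char *relayhost;
+
+#ifdef TLS
+myargv = argv;
+#endif
 
 sig_pipeignore();
 if (argc < 4) perm_usage();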
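Review bot: In the `@@ -476,8 +479,25 @@` hunk the result of `execvp(*myargv, myargv)` is never handled, so if the re-exec fails control leaves the `else` branch and carries on past the failed handshake with `ssl = myssl` already set; the rest of `tls_init()` lies outside the hunk, but it presumably goes on as though TLS were established. A failure path directly after the call, for example `tls_quit("ZTLS connect failed", ssl_error_str());`, would keep that case a temporary error. The same branch means that any handshake failure without a configured `servercert` ends in cleartext delivery, which a party on the network path can induce by disrupting the handshake, so the branch deserves a comment such as `/* no servercert: TLS is opportunistic only; falling back to plaintext gives no protection against an active attacker */`. Separately, `ssl->state` reads a struct field directly and will not build against OpenSSL releases where `SSL` is opaque.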
