From: Moritz Bunkus <m.bunkus@linet-services.de>
Date: Wed, 31 Oct 2012 16:38:52 +0000 (+0100)
Subject: Net::SSLGlue anstelle von Net::SMTP::TLS verwenden
X-Git-Tag: release-3.0.0beta1~61
X-Git-Url: http://wagnertech.de/git?a=commitdiff_plain;h=eb8e38d2a0a461b1b954a49ba2aeac81e0e85ec1;p=kivitendo-erp.git

Net::SSLGlue anstelle von Net::SMTP::TLS verwenden

Net::SMTP::TLS enthält momentan einen unschönen Bug[1], der mit
aktuellen Versionen von IO::Socket::SSL zusammen zu einer Exception
führt. Anscheinend wird Net::SMTP::TLS auch schon seit Jahren nicht
mehr gepflegt.

Net::SSLGlue::SMTP (Teil von Net::SSLGlue) erweitert dabei das
Net::SMTP-Interface um TLS-Befehle und ist damit zusätzlich näher am
Net::SMTP-Interface, als es Net::SMTP::TLS je war.

[1] https://rt.cpan.org/Public/Bug/Display.html?id=77401
---

diff --git a/SL/InstallationCheck.pm b/SL/InstallationCheck.pm
index 451c41831..79a213a1a 100644
--- a/SL/InstallationCheck.pm
+++ b/SL/InstallationCheck.pm
@@ -41,7 +41,7 @@ BEGIN {
   { name => "Net::LDAP",                           url => "http://search.cpan.org/~gbarr/",     debian => 'libnet-ldap-perl' },
   # Net::SMTP is core since 5.7.3
   { name => "Net::SMTP::SSL",  version => '1.01',  url => "http://search.cpan.org/~cwest/",     debian => 'libnet-smtp-ssl-perl' },
-  { name => "Net::SMTP::TLS",  version => '0.12',  url => "http://search.cpan.org/~awestholm/", debian => 'libnet-smtp-tls-perl' },
+  { name => "Net::SSLGlue",    version => '1.01',  url => "http://search.cpan.org/~sullr/",     debian => 'libnet-sslglue-perl' },
 );
 
 @developer_modules = (
diff --git a/SL/Mailer/SMTP.pm b/SL/Mailer/SMTP.pm
index 831bd72b4..8012a04cd 100644
--- a/SL/Mailer/SMTP.pm
+++ b/SL/Mailer/SMTP.pm
@@ -9,33 +9,31 @@ use Rose::Object::MakeMethods::Generic
   scalar => [ qw(myconfig mailer form) ]
 );
 
+my %security_config = (
+  none => { require_module => 'Net::SMTP',          package => 'Net::SMTP',      port =>  25 },
+  tls  => { require_module => 'Net::SSLGlue::SMTP', package => 'Net::SMTP',      port =>  25 },
+  ssl  => { require_module => 'Net::SMTP::SSL',     package => 'Net::SMTP::SSL', port => 465 },
+);
+
 sub init {
   my ($self) = @_;
 
   Rose::Object::init(@_);
 
   my $cfg           = $::lx_office_conf{mail_delivery} || {};
-  $self->{security} = lc($cfg->{security} || 'none');
-
-  if ($self->{security} eq 'tls') {
-    require Net::SMTP::TLS;
-    my %params;
-    if ($cfg->{login}) {
-      $params{User}     = $cfg->{user};
-      $params{Password} = $cfg->{password};
-    }
-    $self->{smtp} = Net::SMTP::TLS->new($cfg->{host} || 'localhost', Port => $cfg->{port} || 25, %params);
-
-  } else {
-    my $module       = $self->{security} eq 'ssl' ? 'Net::SMTP::SSL' : 'Net::SMTP';
-    my $default_port = $self->{security} eq 'ssl' ? 465              : 25;
-    eval "require $module" or die $@;
-
-    $self->{smtp} = $module->new($cfg->{host} || 'localhost', Port => $cfg->{port} || $default_port);
-    $self->{smtp}->auth($cfg->{user}, $cfg->{password}) if $cfg->{login};
-  }
+  $self->{security} = exists $security_config{lc $cfg->{security}} ? lc $cfg->{security} : 'none';
+  my $sec_cfg       = $security_config{ $self->{security} };
+
+  eval "require $sec_cfg->{require_module}" or die "$@";
 
+  $self->{smtp} = $sec_cfg->{package}->new($cfg->{host} || 'localhost', Port => $cfg->{port} || $sec_cfg->{port});
   die unless $self->{smtp};
+
+  $self->{smtp}->starttls(SSL_verify_mode => 0) || die if $self->{security} eq 'tls';
+
+  return 1 unless $cfg->{login};
+
+  $self->{smtp}->auth($cfg->{user}, $cfg->{password}) or die;
 }
 
 sub start_mail {
diff --git a/config/kivitendo.conf.default b/config/kivitendo.conf.default
index c03163159..d69ecac94 100644
--- a/config/kivitendo.conf.default
+++ b/config/kivitendo.conf.default
@@ -115,12 +115,14 @@ memberfile = users/members
 method = smtp
 # Location of sendmail for 'method = sendmail'
 sendmail = /usr/sbin/sendmail -t<%if myconfig_email%> -f <%myconfig_email%><%end%>
-# Settings for 'method = smtp'.
+# Settings for 'method = smtp'. Only set 'port' if your SMTP server
+# runs on a non-standard port (25 for 'security=none' or
+# 'security=tls', 465 for 'security=ssl').
 host = localhost
-port = 25
+#port = 25
 # Security can be 'tls', 'ssl' or 'none'. Unset equals 'none'. This
 # determines whether or not encryption is used and which kind. For
-# 'tls' the module 'Net::SMTP::TLS' is required; for 'ssl'
+# 'tls' the module 'Net::SSLGlue' is required; for 'ssl'
 # 'Net::SMTP::SSL' is required and 'none' only uses 'Net::SMTP'.
 security = none
 # Authentication is only used if 'login' is set. You should only use