From eb8e38d2a0a461b1b954a49ba2aeac81e0e85ec1 Mon Sep 17 00:00:00 2001 From: Moritz Bunkus Date: Wed, 31 Oct 2012 17:38:52 +0100 Subject: [PATCH] Net::SSLGlue anstelle von Net::SMTP::TLS verwenden MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Net::SMTP::TLS enthält momentan einen unschönen Bug[1], der mit aktuellen Versionen von IO::Socket::SSL zusammen zu einer Exception führt. Anscheinend wird Net::SMTP::TLS auch schon seit Jahren nicht mehr gepflegt. Net::SSLGlue::SMTP (Teil von Net::SSLGlue) erweitert dabei das Net::SMTP-Interface um TLS-Befehle und ist damit zusätzlich näher am Net::SMTP-Interface, als es Net::SMTP::TLS je war. [1] https://rt.cpan.org/Public/Bug/Display.html?id=77401 --- SL/InstallationCheck.pm | 2 +- SL/Mailer/SMTP.pm | 36 +++++++++++++++++------------------ config/kivitendo.conf.default | 8 +++++--- 3 files changed, 23 insertions(+), 23 deletions(-) diff --git a/SL/InstallationCheck.pm b/SL/InstallationCheck.pm index 451c41831..79a213a1a 100644 --- a/SL/InstallationCheck.pm +++ b/SL/InstallationCheck.pm @@ -41,7 +41,7 @@ BEGIN { { name => "Net::LDAP", url => "http://search.cpan.org/~gbarr/", debian => 'libnet-ldap-perl' }, # Net::SMTP is core since 5.7.3 { name => "Net::SMTP::SSL", version => '1.01', url => "http://search.cpan.org/~cwest/", debian => 'libnet-smtp-ssl-perl' }, - { name => "Net::SMTP::TLS", version => '0.12', url => "http://search.cpan.org/~awestholm/", debian => 'libnet-smtp-tls-perl' }, + { name => "Net::SSLGlue", version => '1.01', url => "http://search.cpan.org/~sullr/", debian => 'libnet-sslglue-perl' }, ); @developer_modules = ( diff --git a/SL/Mailer/SMTP.pm b/SL/Mailer/SMTP.pm index 831bd72b4..8012a04cd 100644 --- a/SL/Mailer/SMTP.pm +++ b/SL/Mailer/SMTP.pm @@ -9,33 +9,31 @@ use Rose::Object::MakeMethods::Generic scalar => [ qw(myconfig mailer form) ] ); +my %security_config = ( + none => { require_module => 'Net::SMTP', package => 'Net::SMTP', port => 25 }, + tls => { require_module => 'Net::SSLGlue::SMTP', package => 'Net::SMTP', port => 25 }, + ssl => { require_module => 'Net::SMTP::SSL', package => 'Net::SMTP::SSL', port => 465 }, +); + sub init { my ($self) = @_; Rose::Object::init(@_); my $cfg = $::lx_office_conf{mail_delivery} || {}; - $self->{security} = lc($cfg->{security} || 'none'); - - if ($self->{security} eq 'tls') { - require Net::SMTP::TLS; - my %params; - if ($cfg->{login}) { - $params{User} = $cfg->{user}; - $params{Password} = $cfg->{password}; - } - $self->{smtp} = Net::SMTP::TLS->new($cfg->{host} || 'localhost', Port => $cfg->{port} || 25, %params); - - } else { - my $module = $self->{security} eq 'ssl' ? 'Net::SMTP::SSL' : 'Net::SMTP'; - my $default_port = $self->{security} eq 'ssl' ? 465 : 25; - eval "require $module" or die $@; - - $self->{smtp} = $module->new($cfg->{host} || 'localhost', Port => $cfg->{port} || $default_port); - $self->{smtp}->auth($cfg->{user}, $cfg->{password}) if $cfg->{login}; - } + $self->{security} = exists $security_config{lc $cfg->{security}} ? lc $cfg->{security} : 'none'; + my $sec_cfg = $security_config{ $self->{security} }; + + eval "require $sec_cfg->{require_module}" or die "$@"; + $self->{smtp} = $sec_cfg->{package}->new($cfg->{host} || 'localhost', Port => $cfg->{port} || $sec_cfg->{port}); die unless $self->{smtp}; + + $self->{smtp}->starttls(SSL_verify_mode => 0) || die if $self->{security} eq 'tls'; + + return 1 unless $cfg->{login}; + + $self->{smtp}->auth($cfg->{user}, $cfg->{password}) or die; } sub start_mail { diff --git a/config/kivitendo.conf.default b/config/kivitendo.conf.default index c03163159..d69ecac94 100644 --- a/config/kivitendo.conf.default +++ b/config/kivitendo.conf.default @@ -115,12 +115,14 @@ memberfile = users/members method = smtp # Location of sendmail for 'method = sendmail' sendmail = /usr/sbin/sendmail -t<%if myconfig_email%> -f <%myconfig_email%><%end%> -# Settings for 'method = smtp'. +# Settings for 'method = smtp'. Only set 'port' if your SMTP server +# runs on a non-standard port (25 for 'security=none' or +# 'security=tls', 465 for 'security=ssl'). host = localhost -port = 25 +#port = 25 # Security can be 'tls', 'ssl' or 'none'. Unset equals 'none'. This # determines whether or not encryption is used and which kind. For -# 'tls' the module 'Net::SMTP::TLS' is required; for 'ssl' +# 'tls' the module 'Net::SSLGlue' is required; for 'ssl' # 'Net::SMTP::SSL' is required and 'none' only uses 'Net::SMTP'. security = none # Authentication is only used if 'login' is set. You should only use -- 2.20.1