Skip to content

Commit

Permalink
fix for smtp notifications (https://forum.opnsense.org/index.php?topi…
Browse files Browse the repository at this point in the history 
…c=294.msg1119#msg1119)
  • Loading branch information
@AdSchellevis
AdSchellevis committed Apr 7, 2015
1 parent 1ba4a3d commit 9a0c074
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions src/etc/inc/notices.smtp.inc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -606,6 +606,13 @@ class smtp_class

Function startTLS() {
if ($this->PutLine("STARTTLS") && $this->VerifyResultLines("220",$responses)>0) {
$contextOptions = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
),);
stream_context_set_option($this->connection, $contextOptions );

if (!stream_socket_enable_crypto($this->connection,true,STREAM_CRYPTO_METHOD_TLS_CLIENT)) {
return false;
} else {
Expand Down

3 comments on commit 9a0c074

@fichtner
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, should we make this configurable? Why does verify fail with e.g. Google as was the case in the forum discussion?

@AdSchellevis
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Eventually we might, but for now this fix reverts the behaviour back to what it was using php5.5 (http://php.net/manual/en/migration56.openssl.php). Really fixing the notification code is not very high on my list for now.

@fichtner
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok. :)

Please sign in to comment.