From e4ddeb05a0bd8dcd591b923df5a82b6f4092976b Mon Sep 17 00:00:00 2001
From: Peter Pentchev <roam@ringlet.net>
Date: Mon, 30 Mar 2009 10:59:46 +0000
Subject: [PATCH] Unbreak SMTP authentication.

---
 changelog                  |  6 +++++
 patches/21-smtp-auth.patch | 47 ++++++++++++++++++++++++++++++++++++++
 patches/series             |  1 +
 3 files changed, 54 insertions(+)
 create mode 100644 patches/21-smtp-auth.patch

diff --git a/changelog b/changelog
index a561f77..c04eea7 100644
--- a/changelog
+++ b/changelog
@@ -1,3 +1,9 @@
+dma (0.0.2009.02.11-1~7) unstable; urgency=low
+
+  * Unbreak SMTP authentication - send EHLO, allow LOGIN over SSL.
+
+ -- Peter Pentchev <roam@ringlet.net>  Mon, 30 Mar 2009 13:51:28 +0300
+
 dma (0.0.2009.02.11-1~6) unstable; urgency=low
 
   * Fix my own queue display patch - if a message has multiple recipients,
diff --git a/patches/21-smtp-auth.patch b/patches/21-smtp-auth.patch
new file mode 100644
index 0000000..2b0c1bf
--- /dev/null
+++ b/patches/21-smtp-auth.patch
@@ -0,0 +1,47 @@
+Unbreak SMTP authentication with or without encrypted connections:
+- always send an EHLO command at the start of the "real" negotiation;
+- allow LOGIN authentication over an SSL link if CRAM-MD5 fails.
+
+--- a/net.c
++++ b/net.c
+@@ -213,7 +213,9 @@
+ 	}
+ #endif /* HAVE_CRYPTO */
+ 
+-	if ((config->features & INSECURE) != 0) {
++	if ((config->features & INSECURE) != 0 ||
++	    ((config->features & SECURETRANS) != 0 &&
++	     (config->features & NOSSL) == 0)) {
+ 		/* Send AUTH command according to RFC 2554 */
+ 		send_remote_command(fd, "AUTH LOGIN");
+ 		if (read_remote(fd, 0, NULL) != 3) {
+@@ -363,6 +365,7 @@
+ 			goto out;
+ 	}
+ 
++#if 0
+ 	/*
+ 	 * If the user doesn't want STARTTLS, but SSL encryption, we
+ 	 * have to enable SSL first, then send EHLO
+@@ -378,8 +381,11 @@
+ 			return (-1);
+ 		}
+ 	}
++#endif
+ #endif /* HAVE_CRYPTO */
++#if 0
+ 	if (((config->features & SECURETRANS) == 0)) {
++#endif
+ 		send_remote_command(fd, "EHLO %s", hostname());
+ 		if (read_remote(fd, 0, NULL) != 2) {
+ 			syslog(LOG_ERR, "%s: remote delivery deferred: "
+@@ -388,7 +394,9 @@
+ 			    host, neterr);
+ 			return (-1);
+ 		}
++#if 0
+ 	}
++#endif
+ 
+ 	/*
+ 	 * Use SMTP authentication if the user defined an entry for the remote
diff --git a/patches/series b/patches/series
index bfd67d6..b5a5c8a 100644
--- a/patches/series
+++ b/patches/series
@@ -18,3 +18,4 @@
 18-guess-username.patch
 19-ignore-options.patch
 20-parse-recipient.patch
+21-smtp-auth.patch
-- 
2.47.3