From: Peter Pentchev
Date: Tue, 22 Jun 2010 23:51:23 +0000 (+0200)
Subject: Add the "opportunistic TLS" option.
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4dea15f5a4e074a86e344fbbd3182270bcd492ea;p=people%2Fms%2Fdma.git
Add the "opportunistic TLS" option.
Add a new configuration option to allow remote connections to proceed in unencrypted mode if the STARTTLS negotiation fails.
---
diff --git a/conf.c b/conf.c
index 5d17745..6c7bd1c 100644
--- a/conf.c
+++ b/conf.c
@@ -207,6 +207,8 @@ parse_conf(const char *config_path)
 config.mailnamefile = data;
 else if (strcmp(word, "STARTTLS") == 0 && data == NULL)
 config.features |= STARTTLS;
+ else if (strcmp(word, "OPPORTUNISTIC_TLS") == 0 && data == NULL)
+ config.features |= TLS_OPP;
 else if (strcmp(word, "SECURETRANSFER") == 0 && data == NULL)
 config.features |= SECURETRANS;
 else if (strcmp(word, "DEFER") == 0 && data == NULL)
diff --git a/crypto.c b/crypto.c
index 716fd54..8e2d334 100644
--- a/crypto.c
+++ b/crypto.c
@@ -118,9 +118,13 @@ smtp_init_crypto(int fd, int feature)
 if (read_remote(fd, 0, NULL) == 2) {
 send_remote_command(fd, "STARTTLS");
 if (read_remote(fd, 0, NULL) != 2) {
- syslog(LOG_ERR, "remote delivery deferred:"
- " STARTTLS not available: %s", neterr);
- return (1);
+ if ((feature & TLS_OPP) == 0) {
+ syslog(LOG_ERR, "remote delivery deferred: STARTTLS not available: %s", neterr);
+ return (1);
+ } else {
+ syslog(LOG_INFO, "in opportunistic TLS mode, STARTTLS not available: %s", neterr);
+ return (0);
+ }
 }
 }
 /* End of TLS init phase, enable SSL_write/read */
diff --git a/dma.8 b/dma.8
index 0fb4dee..74e4dcd 100644
--- a/dma.8
+++ b/dma.8
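Review bot: The new OPPORTUNISTIC_TLS keyword sets TLS_OPP unconditionally, but the flag only changes behaviour inside the STARTTLS branch of smtp_init_crypto, and the dma.8 text in this same commit says it is only useful together with SECURETRANS and STARTTLS; a configuration that enables OPPORTUNISTIC_TLS without STARTTLS is silently accepted and does nothing. A consistency check after the keyword loop finishes would make that misconfiguration visible, e.g. `if ((config.features & TLS_OPP) && !(config.features & STARTTLS)) syslog(LOG_WARNING, "OPPORTUNISTIC_TLS has no effect without STARTTLS");`. parse_conf begins and ends outside this hunk, so the check would have to go where the loop ends.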
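Review bot: In the new TLS_OPP branch `return (0);` reports the plaintext fallback exactly like a completed TLS handshake, so a caller that uses the return value to decide whether the session is encrypted — for instance before sending SMTP AUTH credentials — cannot tell the two cases apart; the INSECURE flag in dma.h ("Allow plain login w/o encryption") suggests that distinction is relied on elsewhere, though the callers are not in this hunk. Because the same fallback is what an intermediary that strips STARTTLS would produce, the caller should be told explicitly, either by a distinct return value that smtp_init_crypto's callers handle or by clearing a state flag the login path consults. The LOG_INFO message should also state that delivery is continuing unencrypted so the downgrade is auditable, e.g. `"in opportunistic TLS mode, STARTTLS not available, continuing unencrypted: %s"`. As a matter of style, the `else` after `return (1);` is redundant and the two new syslog lines exceed the column width the removed lines were wrapped to. The rest of smtp_init_crypto lies outside the hunk.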
@@ -208,6 +208,20 @@ Uncomment if you want TLS/SSL secured transfer.
 Uncomment if you want to use STARTTLS.
 Only useful together with
 .Sq SECURETRANS .
+.It Ic OPPORTUNISTIC_TLS Xo
+(boolean, default=commented)
+.Xc
+Uncomment if you want to allow the STARTTLS negotiation to fail.
+Most useful when
+.Nm
+is used without a smarthost, delivering remote messages directly to
+the outside mail exchangers; in opportunistic TLS mode, the connection will
+be encrypted if the remote server supports STARTTLS, but an unencrypted
+delivery will still be made if the negotiation fails.
+Only useful together with
+.Sq SECURETRANS
+and
+.Sq STARTTLS .
 .It Ic CERTFILE Xo
 (string, default=empty)
 .Xc
diff --git a/dma.conf b/dma.conf
index 3144de0..eae6c57 100644
--- a/dma.conf
+++ b/dma.conf
@@ -23,6 +23,11 @@
 # SECURETRANSFER)
 #STARTTLS
 
+# Uncomment if you have specified STARTTLS above and it should be allowed
+# to fail ("opportunistic TLS", use an encrypted connection when available
+# but allow an unencrypted one to servers that do not support it)
+#OPPORTUNISTIC_TLS
+
 # Path to your local SSL certificate
 #CERTFILE
 
diff --git a/dma.h b/dma.h
index cd9214e..a35e671 100644
--- a/dma.h
+++ b/dma.h
@@ -62,6 +62,7 @@
 #define DEFER 0x010 /* Defer mails */
 #define INSECURE 0x020 /* Allow plain login w/o encryption */
 #define FULLBOUNCE 0x040 /* Bounce the full message */
+#define TLS_OPP 0x080 /* Opportunistic STARTTLS */
 
 #ifndef CONF_PATH
 #define CONF_PATH "/etc/dma/dma.conf" /* Default path to dma.conf */