OPT_SRP_MOREGROUPS,
#endif
OPT_SSL3, OPT_SSL_CONFIG,
- OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
+ OPT_TLS1_3, OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
OPT_DTLS1_2, OPT_TIMEOUT, OPT_MTU, OPT_KEYFORM, OPT_PASS,
OPT_CERT_CHAIN, OPT_CAPATH, OPT_NOCAPATH, OPT_CHAINCAPATH,
OPT_VERIFYCAPATH,
{"proxy", OPT_PROXY, 's',
"Connect to via specified proxy to the real server"},
#ifdef AF_UNIX
- {"unix", OPT_UNIX, 's', "Connect over unix domain sockets"},
+ {"unix", OPT_UNIX, 's', "Connect over the specified Unix-domain socket"},
#endif
{"4", OPT_4, '-', "Use IPv4 only"},
#ifdef AF_INET6
{"keymatexportlen", OPT_KEYMATEXPORTLEN, 'p',
"Export len bytes of keying material (default 20)"},
{"fallback_scsv", OPT_FALLBACKSCSV, '-', "Send the fallback SCSV"},
- {"name", OPT_SMTPHOST, 's', "Hostname to use for \"-starttls smtp\""},
+ {"name", OPT_SMTPHOST, 's',
+ "Hostname to use for \"-starttls lmtp\" or \"-starttls smtp\""},
{"CRL", OPT_CRL, '<', "CRL file to use"},
{"crl_download", OPT_CRL_DOWNLOAD, '-', "Download CRL from distribution points"},
{"CRLform", OPT_CRLFORM, 'F', "CRL format (PEM or DER) PEM is default"},
#ifndef OPENSSL_NO_TLS1_2
{"tls1_2", OPT_TLS1_2, '-', "Just use TLSv1.2"},
#endif
+#ifndef OPENSSL_NO_TLS1_3
+ {"tls1_3", OPT_TLS1_3, '-', "Just use TLSv1.3"},
+#endif
#ifndef OPENSSL_NO_DTLS
{"dtls", OPT_DTLS, '-', "Use any version of DTLS"},
{"timeout", OPT_TIMEOUT, '-',
PROTO_XMPP_SERVER,
PROTO_CONNECT,
PROTO_IRC,
- PROTO_POSTGRES
+ PROTO_POSTGRES,
+ PROTO_LMTP
} PROTOCOL_CHOICE;
static const OPT_PAIR services[] = {
{"telnet", PROTO_TELNET},
{"irc", PROTO_IRC},
{"postgres", PROTO_POSTGRES},
+ {"lmtp", PROTO_LMTP},
{NULL, 0}
};
#define IS_PROT_FLAG(o) \
(o == OPT_SSL3 || o == OPT_TLS1 || o == OPT_TLS1_1 || o == OPT_TLS1_2 \
- || o == OPT_DTLS || o == OPT_DTLS1 || o == OPT_DTLS1_2)
+ || o == OPT_TLS1_3 || o == OPT_DTLS || o == OPT_DTLS1 || o == OPT_DTLS1_2)
/* Free |*dest| and optionally set it to a copy of |source|. */
static void freeandcopy(char **dest, const char *source)
min_version = SSL3_VERSION;
max_version = SSL3_VERSION;
break;
+ case OPT_TLS1_3:
+ min_version = TLS1_3_VERSION;
+ max_version = TLS1_3_VERSION;
+ break;
case OPT_TLS1_2:
min_version = TLS1_2_VERSION;
max_version = TLS1_2_VERSION;
switch ((PROTOCOL_CHOICE) starttls_proto) {
case PROTO_OFF:
break;
+ case PROTO_LMTP:
case PROTO_SMTP:
{
/*
int foundit = 0;
BIO *fbio = BIO_new(BIO_f_buffer());
BIO_push(fbio, sbio);
- /* wait for multi-line response to end from SMTP */
+ /* Wait for multi-line response to end from LMTP or SMTP */
do {
mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
}
while (mbuf_len > 3 && mbuf[3] == '-');
- BIO_printf(fbio, "EHLO %s\r\n", ehlo);
+ switch ((PROTOCOL_CHOICE) starttls_proto) {
+ case PROTO_LMTP:
+ BIO_printf(fbio, "LHLO %s\r\n", ehlo);
+ break;
+ case PROTO_SMTP:
+ BIO_printf(fbio, "EHLO %s\r\n", ehlo);
+ break;
+ }
(void)BIO_flush(fbio);
- /* wait for multi-line response to end EHLO SMTP response */
+ /*
+ * Wait for multi-line response to end LHLO LMTP or EHLO SMTP
+ * response.
+ */
do {
mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
if (strstr(mbuf, "STARTTLS"))