Extend SMTP and IMAP protocol handling to perform the required
authorLutz Jänicke <jaenicke@openssl.org>
Wed, 21 Feb 2007 18:20:33 +0000 (18:20 +0000)
committerLutz Jänicke <jaenicke@openssl.org>
Wed, 21 Feb 2007 18:20:33 +0000 (18:20 +0000)
EHLO or CAPABILITY handshake before sending STARTTLS

Submitted by: Goetz Babin-Ebell <goetz@shomitefo.de>

CHANGES
apps/s_client.c

diff --git a/CHANGES b/CHANGES
index 806049fdc937e33153d9b87d3d7106371de4bc15..252dc314070b7000f79c79ee2faff19de08545e0 100644 (file)
--- a/CHANGES
+++ b/CHANGES
      Improve header file function name parsing.
      [Steve Henson]
 
+  *) extend SMTP and IMAP protocol emulation in s_client to use EHLO
+     or CAPABILITY handshake as required by RFCs.
+     [Goetz Babin-Ebell]
+
  Changes between 0.9.8c and 0.9.8d  [28 Sep 2006]
 
   *) Introduce limits to prevent malicious keys being able to
index 09a835e618c150ccb8b8e60eed5d75bd8a817f09..18044809d6fcbebfa60488230c7a81697b97aaa9 100644 (file)
@@ -735,12 +735,27 @@ re_start:
        /* This is an ugly hack that does a lot of assumptions */
        if (starttls_proto == PROTO_SMTP)
                {
+               int foundit=0;
                /* wait for multi-line response to end from SMTP */
                do
                        {
                        mbuf_len = BIO_read(sbio,mbuf,BUFSIZZ);
                        }
                while (mbuf_len>3 && mbuf[3]=='-');
+               /* STARTTLS command requires EHLO... */
+               BIO_printf(sbio,"EHLO openssl.client.net\r\n");
+               /* wait for multi-line response to end EHLO SMTP response */
+               do
+                       {
+                       mbuf_len = BIO_read(sbio,mbuf,BUFSIZZ);
+                       if (strstr(mbuf,"STARTTLS"))
+                               foundit=1;
+                       }
+               while (mbuf_len>3 && mbuf[3]=='-');
+               if (!foundit)
+                       BIO_printf(bio_err,
+                                  "didn't found starttls in server response,"
+                                  " try anyway...\n");
                BIO_printf(sbio,"STARTTLS\r\n");
                BIO_read(sbio,sbuf,BUFSIZZ);
                }
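Review bot: The `strstr(mbuf,"STARTTLS")` call in the new EHLO loop treats `mbuf` as a C string, but `BIO_read` returns raw bytes and does not NUL-terminate them, so the search can run into stale bytes left by the earlier greeting read or, after a full `BUFSIZZ` read, past the end of the buffer. These bytes come from an unauthenticated peer before TLS is established, so the read should be bounded and terminated explicitly: assuming `mbuf` holds `BUFSIZZ` bytes (its declaration is outside this hunk), use `mbuf_len = BIO_read(sbio,mbuf,BUFSIZZ-1);` followed by `if (mbuf_len > 0) mbuf[mbuf_len] = '\0';`, and search only when `mbuf_len > 0`. The IMAP CAPABILITY loop in the next hunk repeats the same pattern and needs the same change. Separately, the copied `mbuf[3]=='-'` test looks only at the first line of each read chunk, so a chunk carrying several response lines can be misjudged as "more to come" and leave the client blocked in `BIO_read`.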
@@ -752,8 +767,23 @@ re_start:
                }
        else if (starttls_proto == PROTO_IMAP)
                {
+               int foundit=0;
                BIO_read(sbio,mbuf,BUFSIZZ);
-               BIO_printf(sbio,"0 STARTTLS\r\n");
+               /* STARTTLS command requires CAPABILITY... */
+               BIO_printf(sbio,". CAPABILITY\r\n");
+               /* wait for multi-line CAPABILITY response */
+               do
+                       {
+                       mbuf_len = BIO_read(sbio,mbuf,BUFSIZZ);
+                       if (strstr(mbuf,"STARTTLS"))
+                               foundit=1;
+                       }
+               while (mbuf_len>3);
+               if (!foundit)
+                       BIO_printf(bio_err,
+                                  "didn't found STARTTLS in server response,"
+                                  " try anyway...\n");
+               BIO_printf(sbio,". STARTTLS\r\n");
                BIO_read(sbio,sbuf,BUFSIZZ);
                }
        else if (starttls_proto == PROTO_FTP)
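Review bot: The CAPABILITY loop's exit condition `while (mbuf_len>3)` never looks for the tagged completion line, so once the server has sent its whole answer the next `BIO_read` most likely blocks until the server times out or closes the connection. Only then does the code go on to send `. STARTTLS`. The loop should stop at the line that begins with the `.` tag used in the command. That requires reading the response one line at a time (for example with `BIO_gets` through a buffering BIO), after which the condition can become `while (mbuf_len>3 && mbuf[0]!='.');`. With the raw chunked read used here, `mbuf[0]` is only the first byte of the chunk, so adding the tag test without line-based reading would not be reliable. The enclosing function starts and ends outside this hunk.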