SMTP + STARTTLS
- From: Brian Stafford <brian stafford uklinux net>
- To: Carlos Morgado <chbm chbm nu>,Pawel Salek <pawsa TheoChem kth se>
- Cc: Balsa List <balsa-list gnome org>
- Subject: SMTP + STARTTLS
- Date: Fri, 24 Aug 2001 16:34:58 +0100
Hi all,
The following patch does a slightly better job of enabling STARTTLS
support for mail submission than my earlier one.
./configure will autodetect if a new STARTTLS API in 0.8.5 is present.
If so, it adds a certificate pass phrase text box to the SMTP server
configuration. It also #ifdefs the call to enable the use of STARTTLS in
libbalsa/send.c. This is safer than always enabling it, since server
interactions will fail with versions before 0.8.5{preX} if the server insists
on a client certificate.
I will follow up with another patch later to add selection of
Use TLS - Always/If Possible/Never. I'm interested to know if this should
be done with an option menu or radio buttons. Opinions?
Just a minor point. Having a text entry for server and certificate passwords
in the server configuration is a bit lame. It would be better to pop up a
dialogue box and remember passwords either for the session or permanently
(the ~/.gnome/balsa variables would provide defaults for the dialogue).
Trouble is I have no idea how to do this in Gtk+. Any volunteers?
Brian
Index: acconfig.h
===================================================================
RCS file: /cvs/gnome/balsa/acconfig.h,v
retrieving revision 1.24
diff -u -r1.24 acconfig.h
--- acconfig.h 2001/08/19 01:41:22 1.24
+++ acconfig.h 2001/08/24 15:19:20
@@ -40,6 +40,7 @@
/* ESMTP support? */
#undef ENABLE_ESMTP
+#undef HAVE_SMTP_STARTTLS
#undef BALSA_STD_PREFIX
#undef BALSA_DATA_PREFIX
Index: configure.in
===================================================================
RCS file: /cvs/gnome/balsa/configure.in,v
retrieving revision 1.148
diff -u -r1.148 configure.in
--- configure.in 2001/08/23 12:01:05 1.148
+++ configure.in 2001/08/24 15:19:20
@@ -419,6 +419,9 @@
AC_MSG_RESULT([no])
fi
+AC_CHECK_LIB(esmtp, smtp_starttls_set_password_cb,
+ AC_DEFINE(HAVE_SMTP_STARTLS),,-lesmtp)
+
dnl ##########################################################################
dnl Enable GSS?
dnl ##########################################################################
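Review bot: The macro defined on the added `AC_DEFINE` line is spelled `HAVE_SMTP_STARTLS` (one T), while acconfig.h and every `#if` in this patch test `HAVE_SMTP_STARTTLS`. As written, the STARTTLS code would never be compiled in, even when `smtp_starttls_set_password_cb` is found in the library. The line should read `AC_DEFINE(HAVE_SMTP_STARTTLS),,-lesmtp)`. The failure is silent, because the build succeeds and mail is still submitted, only without TLS, so a configure summary line reporting whether STARTTLS support was detected would help catch this.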
Index: libbalsa/send.c
===================================================================
RCS file: /cvs/gnome/balsa/libbalsa/send.c,v
retrieving revision 1.123
diff -u -r1.123 send.c
--- libbalsa/send.c 2001/08/16 15:54:21 1.123
+++ libbalsa/send.c 2001/08/24 15:19:20
@@ -458,7 +458,12 @@
session = smtp_create_session ();
smtp_set_server (session, smtp_server);
-
+
+#if HAVE_SMTP_STARTTLS
+ /* Tell libESMTP it can use the SMTP STARTTLS extension. */
+ smtp_starttls_enable (session, Starttls_ENABLED);
+#endif
+
/* Now tell libESMTP it can use the SMTP AUTH extension. */
smtp_auth_set_context (session, smtp_authctx);
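Review bot: `Starttls_ENABLED` makes TLS opportunistic only, so after `smtp_starttls_enable (session, Starttls_ENABLED);` a server greeting without the STARTTLS capability, whether genuinely absent or removed in transit, leaves the session in cleartext. The AUTH exchange configured on the following lines then runs over that cleartext session. Until the Always/If Possible/Never preference mentioned in the description exists, consider `Starttls_REQUIRED` whenever a user name and passphrase are configured, or at least report to the user that the submission was not protected. The return value of `smtp_starttls_enable` is also ignored; checking it would surface a libESMTP that cannot provide TLS instead of silently continuing. The enclosing function starts and ends outside this hunk.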
Index: libmutt/acconfig.h
===================================================================
RCS file: /cvs/gnome/balsa/libmutt/acconfig.h,v
retrieving revision 1.10
diff -u -r1.10 acconfig.h
--- libmutt/acconfig.h 2001/07/19 16:15:59 1.10
+++ libmutt/acconfig.h 2001/08/24 15:19:20
@@ -1,6 +1,7 @@
/* Enable debugging info */
-#define DEBUG
+#undef DEBUG
+#define NDEBUG
/* Disable the X-Mailer header? */
#undef NO_XMAILER
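Review bot: The added `#define NDEBUG` is unconditional, which compiles out every `assert()` in code that picks up this configuration header. That is a behaviour change unrelated to STARTTLS and not mentioned in the description. If the aim is only to silence libmutt's debug output, `#undef DEBUG` alone does that. `NDEBUG` is better left to the build flags or submitted as a separate change, so the loss of runtime checks is a deliberate decision.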
Index: libmutt/configure.in
===================================================================
RCS file: /cvs/gnome/balsa/libmutt/configure.in,v
retrieving revision 1.22
diff -u -r1.22 configure.in
--- libmutt/configure.in 2001/07/18 21:33:12 1.22
+++ libmutt/configure.in 2001/08/24 15:19:21
@@ -490,13 +490,9 @@
mutt_cv_iconv_nontrans=no)
LIBS="$mutt_save_LIBS")
if test "$mutt_cv_iconv_nontrans" = yes; then
- AC_DEFINE(ICONV_NONTRANS, 1)
-else
- AC_DEFINE(ICONV_NONTRANS, 0)
+ AC_DEFINE(ICONV_NONTRANS, 1, [Iconv bug detection])
fi
-else # "$mutt_cv_iconv" != no
- AC_DEFINE(ICONV_NONTRANS, 0)
fi
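Review bot: With both `AC_DEFINE(ICONV_NONTRANS, 0)` branches removed, `ICONV_NONTRANS` is left undefined rather than defined to 0 when the test fails or iconv is unavailable. That is equivalent for `#if ICONV_NONTRANS`, but any use as a C expression such as `if (ICONV_NONTRANS)` would stop compiling. The uses are outside this patch, so they should be checked before committing. This hunk is also unrelated to STARTTLS and would be easier to review as its own change.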
Index: src/balsa-app.c
===================================================================
RCS file: /cvs/gnome/balsa/src/balsa-app.c,v
retrieving revision 1.204
diff -u -r1.204 balsa-app.c
--- src/balsa-app.c 2001/08/17 18:12:04 1.204
+++ src/balsa-app.c 2001/08/24 15:19:21
@@ -182,6 +182,22 @@
}
return 1;
}
+
+#if HAVE_SMTP_STARTTLS
+static int
+tlsinteract (char *buf, int buflen, int rwflag, void *arg)
+{
+ char *pw;
+ int len;
+
+ pw = balsa_app.smtp_certificate_passphrase;
+ len = strlen (pw);
+ if (len + 1 > buflen)
+ return 0;
+ strcpy (buf, pw);
+ return len;
+}
+#endif
#endif /* ESMTP */
void
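Review bot: `tlsinteract` calls `strlen (pw)` without checking `pw`, yet the next hunk initialises `balsa_app.smtp_certificate_passphrase` to NULL, so the callback dereferences a null pointer whenever libESMTP asks for a passphrase before one has been set. The configuration load path may also leave it NULL if the key is absent. Add `if (pw == NULL) return 0;` before the `strlen` call, matching the existing "buffer too small" return. `len` would be better as a `size_t` compared against `buflen` after a range check, since `strlen` does not return `int`. A short comment stating that the return value is the passphrase length, and that 0 signals that none could be supplied, would document the callback contract.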
@@ -207,6 +223,13 @@
balsa_app.smtp_authctx = auth_create_context ();
auth_set_mechanism_flags (balsa_app.smtp_authctx, AUTH_PLUGIN_PLAIN, 0);
auth_set_interact_cb (balsa_app.smtp_authctx, authinteract, NULL);
+
+#if HAVE_SMTP_STARTTLS
+ /* Use our callback for X.509 certificate passwords. If STARTTLS is
+ not in use or disabled in configure, the following is harmless. */
+ balsa_app.smtp_certificate_passphrase = NULL;
+ smtp_starttls_set_password_cb (tlsinteract, NULL);
+#endif
#endif
balsa_app.inbox = NULL;
Index: src/balsa-app.h
===================================================================
RCS file: /cvs/gnome/balsa/src/balsa-app.h,v
retrieving revision 1.149
diff -u -r1.149 balsa-app.h
--- src/balsa-app.h 2001/08/23 09:02:40 1.149
+++ src/balsa-app.h 2001/08/24 15:19:21
@@ -31,6 +31,7 @@
#include "information-dialog.h"
#if ENABLE_ESMTP
+#include <libesmtp.h> /* part of libESMTP */
#include <auth-client.h> /* part of libESMTP */
#endif
@@ -159,6 +160,7 @@
gchar *smtp_user;
gchar *smtp_passphrase;
auth_context_t smtp_authctx;
+ gchar *smtp_certificate_passphrase;
#endif
BalsaWindow *main_window;
Index: src/pref-manager.c
===================================================================
RCS file: /cvs/gnome/balsa/src/pref-manager.c,v
retrieving revision 1.170
diff -u -r1.170 pref-manager.c
--- src/pref-manager.c 2001/08/23 09:02:41 1.170
+++ src/pref-manager.c 2001/08/24 15:19:22
@@ -49,7 +49,10 @@
GtkWidget *mail_servers;
#if ENABLE_ESMTP
GtkWidget *smtp_server, *smtp_user, *smtp_passphrase;
+#if HAVE_SMTP_STARTTLS
+ GtkWidget *smtp_certificate_passphrase;
#endif
+#endif
GtkWidget *mail_directory;
GtkRadioButton *encoding_type[NUM_ENCODING_MODES];
GtkWidget *check_mail_auto;
@@ -320,6 +323,12 @@
gtk_signal_connect(GTK_OBJECT(pui->smtp_passphrase), "changed",
GTK_SIGNAL_FUNC(properties_modified_cb),
property_box);
+
+#if HAVE_SMTP_STARTTLS
+ gtk_signal_connect(GTK_OBJECT(pui->smtp_certificate_passphrase), "changed",
+ GTK_SIGNAL_FUNC(properties_modified_cb),
+ property_box);
+#endif
#endif
for (i = 0; i < NUM_ENCODING_MODES; i++) {
@@ -487,6 +496,12 @@
g_free(balsa_app.smtp_passphrase);
balsa_app.smtp_passphrase =
g_strdup(gtk_entry_get_text(GTK_ENTRY(pui->smtp_passphrase)));
+
+#if HAVE_SMTP_STARTTLS
+ g_free(balsa_app.smtp_certificate_passphrase);
+ balsa_app.smtp_certificate_passphrase =
+ g_strdup(gtk_entry_get_text(GTK_ENTRY(pui->smtp_certificate_passphrase)));
+#endif
#endif
g_free(balsa_app.local_mail_directory);
@@ -712,7 +727,13 @@
if (balsa_app.smtp_passphrase)
gtk_entry_set_text(GTK_ENTRY(pui->smtp_passphrase),
balsa_app.smtp_passphrase);
+
+#if HAVE_SMTP_STARTTLS
+ if (balsa_app.smtp_certificate_passphrase)
+ gtk_entry_set_text(GTK_ENTRY(pui->smtp_certificate_passphrase),
+ balsa_app.smtp_certificate_passphrase);
#endif
+#endif
gtk_entry_set_text(GTK_ENTRY(pui->mail_directory),
balsa_app.local_mail_directory);
@@ -1103,6 +1124,9 @@
GtkWidget *fileentry2;
#if ENABLE_ESMTP
GtkWidget *frame5, *table4, *label16, *label17, *label18;
+#if HAVE_SMTP_STARTTLS
+ GtkWidget *label19;
+#endif
#endif
table3 = gtk_table_new(3, 1, FALSE);
@@ -1167,7 +1191,11 @@
(GtkAttachOptions) (GTK_FILL), 0, 0);
gtk_container_set_border_width(GTK_CONTAINER(frame5), 5);
+#if HAVE_SMTP_STARTTLS
table4 = gtk_table_new(3, 4, FALSE);
+#else
+ table4 = gtk_table_new(2, 4, FALSE);
+#endif
gtk_table_set_row_spacings(GTK_TABLE(table4), 3);
gtk_table_set_col_spacings(GTK_TABLE(table4), 3);
gtk_container_add(GTK_CONTAINER(frame5), table4);
@@ -1201,6 +1229,23 @@
gtk_table_attach(GTK_TABLE(table4), pui->smtp_passphrase, 3, 4, 1, 2,
(GtkAttachOptions) (GTK_EXPAND | GTK_FILL),
(GtkAttachOptions) (0), 0, 0);
+
+ /* STARTTLS */
+#if HAVE_SMTP_STARTTLS
+
+ label19 = gtk_label_new(_("Certificate Pass Phrase"));
+ gtk_table_attach(GTK_TABLE(table4), label19, 2, 3, 2, 3,
+ (GtkAttachOptions) (GTK_EXPAND | GTK_FILL),
+ (GtkAttachOptions) (0), 0, 0);
+ pui->smtp_certificate_passphrase = gtk_entry_new();
+ gtk_entry_set_visibility (GTK_ENTRY(pui->smtp_certificate_passphrase),
+ FALSE);
+
+ gtk_table_attach(GTK_TABLE(table4),
+ pui->smtp_certificate_passphrase, 3, 4, 2, 3,
+ (GtkAttachOptions) (GTK_EXPAND | GTK_FILL),
+ (GtkAttachOptions) (0), 0, 0);
+#endif
#endif
/* fill in data */
update_mail_servers();
Index: src/save-restore.c
===================================================================
RCS file: /cvs/gnome/balsa/src/save-restore.c,v
retrieving revision 1.206
diff -u -r1.206 save-restore.c
--- src/save-restore.c 2001/08/23 09:02:41 1.206
+++ src/save-restore.c 2001/08/24 15:19:22
@@ -641,7 +641,10 @@
}
balsa_app.smtp_user = gnome_config_get_string("ESMTPUser");
balsa_app.smtp_passphrase = gnome_config_get_string("ESMTPPassphrase");
+#if HAVE_SMTP_STARTTLS
+ balsa_app.smtp_certificate_passphrase = gnome_config_get_string("ESMTPCertificatePassphrase");
#endif
+#endif
/* ... outgoing mail */
balsa_app.encoding_style = gnome_config_get_int("EncodingStyle=2");
balsa_app.wordwrap = gnome_config_get_bool("WordWrap=true");
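Review bot: The certificate passphrase is read here with `gnome_config_get_string("ESMTPCertificatePassphrase")`, and written in the next hunk with `gnome_config_set_string`, as cleartext in the same configuration file as non-secret settings. That passphrase protects the client's private key, so anyone who can read both the configuration file and the key file can use the key. Prefer not persisting it unless the user opts in, falling back to prompting per session as the description suggests. If it must be stored, `gnome_config_private_get_string` / `gnome_config_private_set_string` keep it out of the general settings file; that may need the config prefix handling outside these hunks adjusted, which is not visible here. Both enclosing functions start and end outside the hunks.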
@@ -865,6 +868,9 @@
gnome_config_set_string("ESMTPServer", balsa_app.smtp_server);
gnome_config_set_string("ESMTPUser", balsa_app.smtp_user);
gnome_config_set_string("ESMTPPassphrase", balsa_app.smtp_passphrase);
+#if HAVE_SMTP_STARTTLS
+ gnome_config_set_string("ESMTPCertificatePassphrase", balsa_app.smtp_certificate_passphrase);
+#endif
#endif
gnome_config_set_int("EncodingStyle", balsa_app.encoding_style);
gnome_config_set_bool("WordWrap", balsa_app.wordwrap);