+ /* smtp starttls checks */
+ if ($use_smtp_tls==2) {
+ // if something breaks, script should close smtp connection on exit.
+
+ // say helo
+ fwrite($stream,"EHLO $client_ip\r\n");
+
+ $ehlo=array();
+ $ehlo_error = false;
+ while ($line=fgets($stream, 1024)){
+ if (preg_match("/^250(-|\s)(\S*)\s+(\S.*)/",$line,$match)||
+ preg_match("/^250(-|\s)(\S*)\s+/",$line,$match)) {
+ if (!isset($match[3])) {
+ // simple one word extension
+ $ehlo[strtoupper($match[2])]='';
+ } else {
+ // ehlo-keyword + ehlo-param
+ $ehlo[strtoupper($match[2])]=trim($match[3]);
+ }
+ if ($match[1]==' ') {
+ $ret = $line;
+ break;
+ }
+ } else {
+ //
+ $ehlo_error = true;
+ $ehlo[]=$line;
+ break;
+ }
+ }
+ if ($ehlo_error) {
+ do_err('SMTP EHLO failed. You need ESMTP support for SMTP STARTTLS');
+ } elseif (!array_key_exists('STARTTLS',$ehlo)) {
+ do_err('STARTTLS support is not declared by SMTP server.');
+ }
+
+ fwrite($stream,"STARTTLS\r\n");
+ $starttls_response=fgets($stream, 1024);
+ if ($starttls_response[0]!=2) {
+ $starttls_cmd_err = 'SMTP STARTTLS failed. Server replied: '
+ .htmlspecialchars($starttls_response);
+ do_err($starttls_cmd_err);
+ } elseif(! stream_socket_enable_crypto($stream,true,STREAM_CRYPTO_METHOD_TLS_CLIENT)) {
+ do_err('Failed to enable encryption on SMTP STARTTLS connection.');
+ } else {
+ echo $IND . "SMTP STARTTLS extension looks OK.<br />\n";
+ }
+ // According to RFC we should second ehlo call here.
+ }
+
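Review bot: The `stream_socket_enable_crypto($stream,true,STREAM_CRYPTO_METHOD_TLS_CLIENT)` branch reports "looks OK" on handshake success alone, and nothing in this hunk sets SSL context options on `$stream` (`verify_peer`, `verify_peer_name`, `cafile`). The stream is created outside the hunk, so this may already be handled there; if it is not, on PHP versions where peer verification is off by default the check passes against any certificate, and a successful result says nothing about who terminated the TLS session. The reply test `$starttls_response[0]!=2` also accepts any 2xx line and leans on loose comparison when `fgets()` returns false; RFC 3207 defines 220 as the only success reply, so `if ($starttls_response === false || substr($starttls_response, 0, 3) !== '220') {` is tighter. The closing comment about the missing second EHLO would be clearer as `// RFC 3207: EHLO results obtained before TLS must be discarded; re-issue EHLO before relying on $ehlo.`, so the extensions advertised in plaintext are not reused by later code.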