X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=class%2Fdeliver%2FDeliver_SMTP.class.php;h=fe64ec997996d93142ff02369b57f7c873c51b35;hp=2fcd02118a22a59d1b33d08ca183865a31b9fbb4;hb=6872a6750379b6c17cf6a6dfec6150ade78f52a0;hpb=701e7beed3baca980039f978c6d536dd91cae775

diff --git a/class/deliver/Deliver_SMTP.class.php b/class/deliver/Deliver_SMTP.class.php
index 2fcd0211..fe64ec99 100644
--- a/class/deliver/Deliver_SMTP.class.php
+++ b/class/deliver/Deliver_SMTP.class.php
@@ -5,7 +5,7 @@
  *
  * SMTP delivery backend for the Deliver class.
  *
- * @copyright 1999-2014 The SquirrelMail Project Team
+ * @copyright 1999-2018 The SquirrelMail Project Team
  * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  * @version $Id$
  * @package squirrelmail
@@ -62,7 +62,7 @@ class Deliver_SMTP extends Deliver {
         }
     }
 
-    function initStream($message, $domain, $length=0, $host='', $port='', $user='', $pass='', $authpop=false, $pop_host='') {
+    function initStream($message, $domain, $length=0, $host='', $port='', $user='', $pass='', $authpop=false, $pop_host='', $stream_options=array()) {
         global $use_smtp_tls,$smtp_auth_mech;
 
         if ($authpop) {
@@ -90,9 +90,23 @@ class Deliver_SMTP extends Deliver {
             $from->mailbox = '';
         }
 
+        // NB: Using "ssl://" ensures the highest possible TLS version
+        // will be negotiated with the server (whereas "tls://" only
+        // uses TLS version 1.0)
+        //
         if ($use_smtp_tls == 1) {
             if ((check_php_version(4,3)) && (extension_loaded('openssl'))) {
-                $stream = @fsockopen('tls://' . $host, $port, $errorNumber, $errorString);
+                if (function_exists('stream_socket_client')) {
+                    $server_address = 'ssl://' . $host . ':' . $port;
+                    $ssl_context = @stream_context_create($stream_options);
+                    $connect_timeout = ini_get('default_socket_timeout');
+                    // null timeout is broken
+                    if ($connect_timeout == 0)
+                        $connect_timeout = 30;
+                    $stream = @stream_socket_client($server_address, $errorNumber, $errorString, $connect_timeout, STREAM_CLIENT_CONNECT, $ssl_context);
+                } else {
+                    $stream = @fsockopen('ssl://' . $host, $port, $errorNumber, $errorString);
+                }
                 $this->tls_enabled = true;
             } else {
                 /**
@@ -140,6 +154,9 @@ class Deliver_SMTP extends Deliver {
         if (preg_match('/^\d+\.\d+\.\d+\.\d+$/', $helohost))
             $helohost = '[' . $helohost . ']';
 
+        $hook_result = do_hook('smtp_helo_override', $helohost);
+        if (!empty($hook_result)) $helohost = $hook_result;
+
         /* Lets introduce ourselves */
         fputs($stream, "EHLO $helohost\r\n");
         // Read ehlo response