Attached is a patch to enable (SIEVE) STARTTLS support for fsockopen
using stls://host.example.org
I'm pretty sure I've got it to conform to the RFC:
http://www.holtmann.org/email/sieve/draft-martin-managesieve-03.txt
Currently it only works with SIEVE, but it could be easily extended to
do SMTP (Send "EHLO hostname" first) and IMAP.
Maybe something like sieve+stls:// and smtp+stls:// would be better
for the separate STARTTLS setups.
http://am-productions.biz/docs/patch-openssl-starttls.patch
I'm sure there are a bunch of things "wrong" with how I've done this,
so feel free to send suggestions.
Thanks,
Anish Mistry
You've patched this at the transport level; while that will work, it's
architecturally incorrect.
STARTTLS is a protocol level thing, so your code would be better suited
as a wrapper.
You can implement wrappers in user-space
(http://www.php.net/manual/en/function.stream-register-wrapper.php),
so you don't need to patch the C code.
In fact, you don't even need a wrapper for this functionality:
<?php
$s = fsockopen($host, $port);
// do capability negotiation here
// ...
// now turn on crypto
stream_socket_enable_crypto($s, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);
?>
--Wez.
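
The user-space approach from the reply above, written out for ManageSieve so that the upgrade fails closed; this is an added example, not code from either poster or from PHP itself. The helper names `sieve_read_response` and `sieve_starttls` are hypothetical, the greeting at the end is constructed, and PHP 7.1+ with the openssl extension is assumed.

```php
<?php
// Read lines up to the final OK/NO/BYE; return [status, capability names].
function sieve_read_response($s): array {
    $caps = [];
    while (($line = fgets($s)) !== false) {
        $line = rtrim($line, "\r\n");
        if (preg_match('/^(OK|NO|BYE)\b/i', $line, $m)) {
            return [strtoupper($m[1]), $caps];
        }
        if (preg_match('/^"([^"]+)"/', $line, $m)) {
            $caps[] = strtoupper($m[1]);
        }
    }
    throw new RuntimeException('connection closed before a final response');
}

// Hypothetical helper: returns a TLS-protected stream or throws.
function sieve_starttls(string $host, int $port) {
    $s = fsockopen($host, $port, $errno, $errstr, 10);
    if ($s === false) {
        throw new RuntimeException("connect failed: $errstr");
    }
    [$status, $caps] = sieve_read_response($s);
    // Fail closed: never carry on in cleartext when STARTTLS is not offered.
    if ($status !== 'OK' || !in_array('STARTTLS', $caps, true)) {
        fclose($s);
        throw new RuntimeException('server did not advertise STARTTLS');
    }
    fwrite($s, "STARTTLS\r\n");
    if (sieve_read_response($s)[0] !== 'OK') {
        fclose($s);
        throw new RuntimeException('STARTTLS refused');
    }
    // Check the certificate against the host name we meant to reach.
    stream_context_set_option($s, 'ssl', 'verify_peer', true);
    stream_context_set_option($s, 'ssl', 'peer_name', $host);
    // Returns true on success, false on failure, 0 if unfinished (non-blocking).
    if (stream_socket_enable_crypto($s, true, STREAM_CRYPTO_METHOD_TLS_CLIENT) !== true) {
        fclose($s);
        throw new RuntimeException('TLS handshake failed');
    }
    return $s; // capabilities read before this point arrived in cleartext
}

// Constructed greeting (not captured from a real server) to run the parser offline.
$fake = fopen('php://memory', 'w+');
fwrite($fake, "\"IMPLEMENTATION\" \"Example\"\r\n\"STARTTLS\"\r\nOK\r\n");
rewind($fake);
var_dump(sieve_read_response($fake));
```

Authentication should only be attempted on the stream that `sieve_starttls` returns.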