<<< Date Index >>>     <<< Thread Index >>>

[PATCH] ESMTP support, version 8 (smtps added)



This version of the esmtp patch adds smtps (SSL on connect instead of
via starttls negotiation) and fixes a bug that caused auth to fail
unless smtp_authenticators was set. Since AFAIK there's no standard
smtps port, smtps URLs will still default to 25.

$envelope_from hasn't been mangled. If I've understood the idea right,
I think this should be done in core mutt first, then I'll port it over
to the ESMTP patch.
diff -r dbd12257c831 Makefile.am
--- a/Makefile.am       Wed Sep  7 15:02:58 2005
+++ b/Makefile.am       Wed Sep  7 20:24:39 2005
@@ -61,7 +61,7 @@
 EXTRA_mutt_SOURCES = account.c md5c.c mutt_sasl.c mutt_socket.c mutt_ssl.c \
        mutt_tunnel.c pop.c pop_auth.c pop_lib.c smime.c pgp.c pgpinvoke.c 
pgpkey.c \
        pgplib.c sha1.c pgpmicalg.c gnupgparse.c resize.c dotlock.c remailer.c \
-       browser.h mbyte.h remailer.h url.h \
+       smtp.c browser.h mbyte.h remailer.h url.h \
        crypt-mod-pgp-classic.c crypt-mod-smime-classic.c \
        pgppacket.c mutt_idna.h hcache.c mutt_ssl_gnutls.c \
        crypt-gpgme.c crypt-mod-pgp-gpgme.c crypt-mod-smime-gpgme.c
diff -r dbd12257c831 account.c
--- a/account.c Wed Sep  7 15:02:58 2005
+++ b/account.c Wed Sep  7 20:24:39 2005
@@ -123,6 +123,16 @@
   }
 #endif
 
+#ifdef USE_SMTP
+  if (account->type == M_ACCT_TYPE_SMTP)
+  {
+    if (account->flags & M_ACCT_SSL)
+      url->scheme = U_SMTPS;
+    else
+      url->scheme = U_SMTP;
+  }
+#endif
+
   url->host = account->host;
   if (account->flags & M_ACCT_PORT)
     url->port = account->port;
diff -r dbd12257c831 account.h
--- a/account.h Wed Sep  7 15:02:58 2005
+++ b/account.h Wed Sep  7 20:24:39 2005
@@ -28,7 +28,8 @@
 {
   M_ACCT_TYPE_NONE = 0,
   M_ACCT_TYPE_IMAP,
-  M_ACCT_TYPE_POP
+  M_ACCT_TYPE_POP,
+  M_ACCT_TYPE_SMTP
 };
 
 /* account flags */
diff -r dbd12257c831 configure.in
--- a/configure.in      Wed Sep  7 15:02:58 2005
+++ b/configure.in      Wed Sep  7 20:24:39 2005
@@ -499,6 +499,13 @@
         fi
 ])
 AM_CONDITIONAL(BUILD_IMAP, test x$need_imap = xyes)
+
+AC_ARG_ENABLE(smtp, AC_HELP_STRING([--enable-smtp], [include internal SMTP 
relay support]),
+       [if test $enableval = yes; then
+               AC_DEFINE(USE_SMTP, 1, [Include internal SMTP relay support])
+               MUTT_LIB_OBJECTS="$MUTT_LIB_OBJECTS smtp.o"
+               need_socket="yes"
+       fi])
 
 dnl -- end socket dependencies --
 
diff -r dbd12257c831 globals.h
--- a/globals.h Wed Sep  7 15:02:58 2005
+++ b/globals.h Wed Sep  7 20:24:39 2005
@@ -109,6 +109,10 @@
 WHERE char *Shell;
 WHERE char *Signature;
 WHERE char *SimpleSearch;
+#if USE_SMTP
+WHERE char *SmtpUrl INITVAL (NULL);
+WHERE char *SmtpAuthenticators INITVAL (NULL);
+#endif /* USE_SMTP */
 WHERE char *Spoolfile;
 WHERE char *SpamSep;
 #if defined(USE_SSL) || defined(USE_GNUTLS)
diff -r dbd12257c831 init.h
--- a/init.h    Wed Sep  7 15:02:58 2005
+++ b/init.h    Wed Sep  7 20:24:39 2005
@@ -91,6 +91,9 @@
 # endif
 # ifndef USE_POP
 #  define USE_POP
+# endif
+# ifndef USE_SMTP
+#  define USE_SMTP
 # endif
 # ifndef USE_SSL
 #  define USE_SSL
@@ -2497,6 +2500,34 @@
   ** messages from the current folder.  The default is to pause one second, so 
   ** a value of zero for this option suppresses the pause.
   */
+#if USE_SMTP
+  { "smtp_url",                DT_STR, R_NONE, UL &SmtpUrl, UL 0 },
+  /*
+  ** .pp
+  ** Defines the SMTP ``smart'' host where sent messages should relayed for
+  ** delivery. This should take the form of an SMTP URL, eg:
+  ** .pp
+  **   smtp://[user[:pass]@]host[:port]/
+  ** .pp
+  ** Setting this variable overrides the value of the ``$$sendmail''
+  ** variable.
+  */
+# ifdef USE_SASL
+  { "smtp_authenticators", DT_STR, R_NONE, UL &SmtpAuthenticators, UL 0 },
+  /*
+   ** .pp
+   ** This is a colon-delimited list of authentication methods mutt may
+   ** attempt to use to log in to an SMTP server, in the order mutt should
+   ** try them.  Authentication methods are any SASL mechanism, eg 
+   ** 'digest-md5', 'gssapi' or 'cram-md5'.
+   ** This parameter is case-insensitive. If this parameter is unset
+   ** (the default) mutt will try all available methods, in order from
+   ** most-secure to least-secure.
+   ** .pp
+   ** Example: set smtp_authenticators="digest-md5:cram-md5"
+   */
+# endif /* USE_SASL */
+#endif /* USE_SMTP */
   { "sort",            DT_SORT, R_INDEX|R_RESORT, UL &Sort, SORT_DATE },
   /*
   ** .pp
diff -r dbd12257c831 mutt_sasl.c
--- a/mutt_sasl.c       Wed Sep  7 15:02:58 2005
+++ b/mutt_sasl.c       Wed Sep  7 20:24:39 2005
@@ -182,42 +182,44 @@
     case M_ACCT_TYPE_POP:
       service = "pop";
       break;
+    case M_ACCT_TYPE_SMTP:
+      service = "smtp";
+      break;
     default:
-      dprint (1, (debugfile, "mutt_sasl_client_new: account type unset\n"));
+      mutt_error (_("Unknown SASL profile"));
       return -1;
   }
 
   size = sizeof (local);
-  if (getsockname (conn->fd, (struct sockaddr *)&local, &size)){
-    dprint (1, (debugfile, "mutt_sasl_client_new: getsockname for local 
failed\n"));
+  if (getsockname (conn->fd, (struct sockaddr *)&local, &size)) {
+    mutt_error (_("SASL failed to get local IP address"));
     return -1;
   }
   else 
-  if (iptostring((struct sockaddr *)&local, size, iplocalport, IP_PORT_BUFLEN) 
!= SASL_OK){
-    dprint (1, (debugfile, "mutt_sasl_client_new: iptostring for local 
failed\n"));
+  if (iptostring((struct sockaddr *)&local, size, iplocalport, IP_PORT_BUFLEN) 
!= SASL_OK) {
+    mutt_error (_("SASL failed to parse local IP address"));
     return -1;
   }
   
   size = sizeof (remote);
   if (getpeername (conn->fd, (struct sockaddr *)&remote, &size)){
-    dprint (1, (debugfile, "mutt_sasl_client_new: getsockname for remote 
failed\n"));
+    mutt_error (_("SASL failed to get remote IP address"));
     return -1;
   }
   else 
   if (iptostring((struct sockaddr *)&remote, size, ipremoteport, 
IP_PORT_BUFLEN) != SASL_OK){
-    dprint (1, (debugfile, "mutt_sasl_client_new: iptostring for remote 
failed\n"));
-    return -1;
-  }
-
-  dprint(1,(debugfile, "local ip: %s, remote ip:%s\n", iplocalport, 
ipremoteport));
+    mutt_error (_("SASL failed to parse remote IP address"));
+    return -1;
+  }
+
+  dprint(2, (debugfile, "local ip: %s, remote ip:%s\n", iplocalport, 
ipremoteport));
   
   rc = sasl_client_new (service, conn->account.host, iplocalport, ipremoteport,
     mutt_sasl_get_callbacks (&conn->account), 0, saslconn);
 
   if (rc != SASL_OK)
   {
-    dprint (1, (debugfile,
-      "mutt_sasl_client_new: Error allocating SASL connection\n"));
+    mutt_error (_("Error allocating SASL connection"));
     return -1;
   }
 
@@ -232,8 +234,7 @@
   secprops.security_flags |= SASL_SEC_NOPLAINTEXT;
   if (sasl_setprop (*saslconn, SASL_SEC_PROPS, &secprops) != SASL_OK)
   {
-    dprint (1, (debugfile,
-      "mutt_sasl_client_new: Error setting security properties\n"));
+    mutt_error (_("Error setting SASL security properties"));
     return -1;
   }
 
@@ -243,13 +244,13 @@
     dprint (2, (debugfile, "External SSF: %d\n", conn->ssf));
     if (sasl_setprop (*saslconn, SASL_SSF_EXTERNAL, &(conn->ssf)) != SASL_OK)
     {
-      dprint (1, (debugfile, "mutt_sasl_client_new: Error setting external 
properties\n"));
+      mutt_error (_("Error setting SASL external security strength"));
       return -1;
     }
     dprint (2, (debugfile, "External authentication name: %s\n", 
conn->account.user));
     if (sasl_setprop (*saslconn, SASL_AUTH_EXTERNAL, conn->account.user) != 
SASL_OK)
-     {
-      dprint (1, (debugfile, "mutt_sasl_client_new: Error setting external 
properties\n"));
+    {
+      mutt_error (_("Error setting SASL external user name"));
       return -1;
     }
   }
diff -r dbd12257c831 mutt_socket.h
--- a/mutt_socket.h     Wed Sep  7 15:02:58 2005
+++ b/mutt_socket.h     Wed Sep  7 20:24:39 2005
@@ -56,7 +56,7 @@
 int mutt_socket_readchar (CONNECTION *conn, char *c);
 #define mutt_socket_readln(A,B,C) mutt_socket_readln_d(A,B,C,M_SOCK_LOG_CMD)
 int mutt_socket_readln_d (char *buf, size_t buflen, CONNECTION *conn, int dbg);
-#define mutt_socket_write(A,B) mutt_socket_write_d(A,B,M_SOCK_LOG_CMD);
+#define mutt_socket_write(A,B) mutt_socket_write_d(A,B,M_SOCK_LOG_CMD)
 int mutt_socket_write_d (CONNECTION *conn, const char *buf, int dbg);
 
 /* stupid hack for imap_logout_all */
diff -r dbd12257c831 protos.h
--- a/protos.h  Wed Sep  7 15:02:58 2005
+++ b/protos.h  Wed Sep  7 20:24:39 2005
@@ -342,6 +342,10 @@
 int _mutt_save_message (HEADER *, CONTEXT *, int, int, int);
 int mutt_save_message (HEADER *, int, int, int, int *);
 int mutt_search_command (int, int);
+#ifdef USE_SMTP
+int mutt_smtp_send (const ADDRESS *, const ADDRESS *, const ADDRESS *,
+                    const ADDRESS *, const char *, int);
+#endif
 int mutt_strwidth (const char *);
 int mutt_compose_menu (HEADER *, char *, size_t, HEADER *);
 int mutt_thread_set_flag (HEADER *, int, int, int);
diff -r dbd12257c831 send.c
--- a/send.c    Wed Sep  7 15:02:58 2005
+++ b/send.c    Wed Sep  7 20:24:39 2005
@@ -990,8 +990,16 @@
     return mix_send_message (msg->chain, tempfile);
 #endif
 
+#if USE_SMTP
+  if (SmtpUrl)
+      return mutt_smtp_send (msg->env->from, msg->env->to, msg->env->cc,
+                             msg->env->bcc, tempfile,
+                             (msg->content->encoding == ENC8BIT));
+#endif /* USE_SMTP */
+
   i = mutt_invoke_sendmail (msg->env->from, msg->env->to, msg->env->cc, 
-                           msg->env->bcc, tempfile, (msg->content->encoding == 
ENC8BIT));
+                           msg->env->bcc, tempfile,
+                            (msg->content->encoding == ENC8BIT));
   return (i);
 }
 
diff -r dbd12257c831 sendlib.c
--- a/sendlib.c Wed Sep  7 15:02:58 2005
+++ b/sendlib.c Wed Sep  7 20:24:39 2005
@@ -2169,6 +2169,12 @@
     mutt_copy_bytes (fp, f, h->content->length);
     fclose (f);
 
+#if USE_SMTP
+    if (SmtpUrl)
+      ret = mutt_smtp_send (env_from, to, NULL, NULL, tempfile,
+                            h->content->encoding == ENC8BIT);
+    else
+#endif /* USE_SMTP */
     ret = mutt_invoke_sendmail (env_from, to, NULL, NULL, tempfile,
                                h->content->encoding == ENC8BIT);
   }
diff -r dbd12257c831 url.c
--- a/url.c     Wed Sep  7 15:02:58 2005
+++ b/url.c     Wed Sep  7 20:24:39 2005
@@ -37,10 +37,12 @@
   { "file",    U_FILE },
   { "imap",    U_IMAP },
   { "imaps",   U_IMAPS },
-  { "pop",     U_POP  },
-  { "pops",    U_POPS  },
+  { "pop",     U_POP },
+  { "pops",    U_POPS },
   { "mailto",  U_MAILTO },
-  { NULL,      U_UNKNOWN}
+  { "smtp",     U_SMTP },
+  { "smtps",    U_SMTPS },
+  { NULL,      U_UNKNOWN }
 };
 
 
diff -r dbd12257c831 url.h
--- a/url.h     Wed Sep  7 15:02:58 2005
+++ b/url.h     Wed Sep  7 20:24:39 2005
@@ -8,6 +8,8 @@
   U_POPS,
   U_IMAP,
   U_IMAPS,
+  U_SMTP,
+  U_SMTPS,
   U_MAILTO,
   U_UNKNOWN
 }
diff -r dbd12257c831 smtp.c
--- /dev/null   Wed Sep  7 15:02:58 2005
+++ b/smtp.c    Wed Sep  7 20:24:39 2005
@@ -0,0 +1,537 @@
+/* mutt - text oriented MIME mail user agent
+ * Copyright (C) 2002 Michael R. Elkins <me@xxxxxxxx>
+ * Copyright (C) 2005 Brendan Cully <brendan@xxxxxxxxxx>
+ * 
+ *     This program is free software; you can redistribute it and/or modify
+ *     it under the terms of the GNU General Public License as published by
+ *     the Free Software Foundation; either version 2 of the License, or
+ *     (at your option) any later version.
+ * 
+ *     This program is distributed in the hope that it will be useful,
+ *     but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *     GNU General Public License for more details.
+ * 
+ *     You should have received a copy of the GNU General Public License
+ *     along with this program; if not, write to the Free Software
+ *     Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111, USA.
+ */
+
+/* This file contains code for direct SMTP delivery of email messages. */
+
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include "mutt.h"
+#include "mutt_curses.h"
+#include "mutt_socket.h"
+#if defined(USE_SSL) || defined(USE_GNUTLS)
+# include "mutt_ssl.h"
+#endif
+#ifdef USE_SASL
+#include "mutt_sasl.h"
+
+#include <sasl/sasl.h>
+#include <sasl/saslutil.h>
+#endif
+
+#include <netdb.h>
+#include <stdio.h>
+#include <sys/stat.h>
+
+#define smtp_success(x) ((x)/100 == 2)
+#define smtp_ready 334
+#define smtp_continue 354
+
+#define smtp_err_read -2
+#define smtp_err_write -3
+
+#define SMTP_PORT 25
+
+#define SMTP_AUTH_SUCCESS 0
+#define SMTP_AUTH_UNAVAIL 1
+#define SMTP_AUTH_FAIL    -1
+
+enum {
+  STARTTLS,
+  AUTH,
+  DSN,
+  EIGHTBITMIME,
+
+  CAPMAX
+};
+
+#ifdef USE_SASL
+static int smtp_auth (CONNECTION* conn);
+static int smtp_auth_sasl (CONNECTION* conn, const char* mechanisms);
+#endif
+
+static int smtp_fill_account (ACCOUNT* account);
+static int smtp_open (CONNECTION* conn);
+
+static int Esmtp = 0;
+static char* AuthMechs = NULL;
+static unsigned char Capabilities[(CAPMAX + 7)/ 8];
+
+/* Reads a command response from the SMTP server.
+ * Returns:
+ * 0   on success (2xx code) or continue (354 code)
+ * -1  write error, or any other response code
+ */
+static int
+smtp_get_resp (CONNECTION * conn)
+{
+  int n;
+  char buf[1024];
+
+  do {
+    n = mutt_socket_readln (buf, sizeof (buf), conn);
+    if (n == -1)
+      return smtp_err_read;
+    n = atoi (buf);
+
+    if (!ascii_strncasecmp ("8BITMIME", buf + 4, 8))
+      mutt_bit_set (Capabilities, EIGHTBITMIME);
+    else if (!ascii_strncasecmp ("AUTH", buf + 4, 4))
+    {
+      mutt_bit_set (Capabilities, AUTH);
+      FREE (&AuthMechs);
+      AuthMechs = safe_strdup (buf + 9);
+    }
+    else if (!ascii_strncasecmp ("DSN", buf + 4, 3))
+      mutt_bit_set (Capabilities, DSN);
+    else if (!ascii_strncasecmp ("STARTTLS", buf + 4, 8))
+      mutt_bit_set (Capabilities, STARTTLS);
+  } while (buf[3] == '-');
+
+  if (smtp_success (n) || n == smtp_continue)
+    return 0;
+
+  mutt_error (_("SMTP session failed: %s"), buf);
+    return -1;
+}
+
+static int
+smtp_rcpt_to (CONNECTION * conn, const ADDRESS * a)
+{
+  char buf[1024];
+  int r;
+
+  while (a)
+  {
+    if (mutt_bit_isset (Capabilities, DSN) && DsnNotify)
+      snprintf (buf, sizeof (buf), "RCPT TO:<%s> NOTIFY=%s\r\n",
+                a->mailbox, DsnNotify);
+    else
+      snprintf (buf, sizeof (buf), "RCPT TO:<%s>\r\n", a->mailbox);
+    if (mutt_socket_write (conn, buf) == -1)
+      return smtp_err_write;
+    if ((r = smtp_get_resp (conn)))
+      return r;
+    a = a->next;
+  }
+
+  return 0;
+}
+
+static int
+smtp_data (CONNECTION * conn, const char *msgfile)
+{
+  char buf[1024];
+  FILE *fp = 0;
+  progress_t progress;
+  struct stat st;
+  int r;
+
+  fp = fopen (msgfile, "r");
+  if (!fp)
+  {
+    mutt_error ("SMTP session failed: unable to open %s", msgfile);
+    return -1;
+  }
+  stat (msgfile, &st);
+  progress.msg = _("Sending message...");
+  progress.size = st.st_size;
+  mutt_progress_bar (&progress, 0);
+  
+  snprintf (buf, sizeof (buf), "DATA\r\n");
+  if (mutt_socket_write (conn, buf) == -1)
+  {
+    fclose (fp);
+    return smtp_err_write;
+  }
+  if ((r = smtp_get_resp (conn)))
+  {
+    fclose (fp);
+    return r;
+  }
+  
+  while (fgets (buf, sizeof (buf), fp))
+  {
+    if (buf[0] == '.')
+    {
+      if (mutt_socket_write_d (conn, ".", 3) == -1)
+      {
+        fclose (fp);
+        return smtp_err_write;
+      }
+    }
+    if (mutt_socket_write_d (conn, buf, 3) == -1)
+    {
+      fclose (fp);
+      return smtp_err_write;
+    }
+
+    mutt_progress_bar (&progress, ftell (fp));
+  }
+  fclose (fp);
+
+  /* terminate the message body */
+  if (mutt_socket_write (conn, ".\r\n") == -1)
+    return smtp_err_write;
+
+  if ((r = smtp_get_resp (conn)))
+    return r;
+
+  return 0;
+}
+
+int
+mutt_smtp_send (const ADDRESS* from, const ADDRESS* to, const ADDRESS* cc,
+                const ADDRESS* bcc, const char *msgfile, int eightbit)
+{
+  CONNECTION *conn;
+  ACCOUNT account;
+  int ret = -1;
+  char buf[1024];
+
+  if (smtp_fill_account (&account) < 0)
+    return ret;
+
+  if (!(conn = mutt_conn_find (NULL, &account)))
+    return -1;
+
+  Esmtp = eightbit;
+
+  do
+  {
+    /* send our greeting */
+    if (( ret = smtp_open (conn)))
+      break;
+    FREE (&AuthMechs);
+
+    /* send the sender's address */
+    ret = snprintf (buf, sizeof (buf), "MAIL FROM:<%s>", from->mailbox);
+    if (eightbit && mutt_bit_isset (Capabilities, EIGHTBITMIME))
+    {
+      safe_strncat (buf, sizeof (buf), " BODY=8BITMIME", 15);
+      ret += 14;
+    }
+    if (DsnReturn && mutt_bit_isset (Capabilities, DSN))
+      ret += snprintf (buf + ret, sizeof (buf) - ret, " RET=%s", DsnReturn);
+    safe_strncat (buf, sizeof (buf), "\r\n", 3);
+    if (mutt_socket_write (conn, buf) == -1)
+    {
+      ret = smtp_err_write;
+      break;
+    }
+    if ((ret = smtp_get_resp (conn)))
+      break;
+
+    /* send the recipient list */
+    if ((ret = smtp_rcpt_to (conn, to)) || (ret = smtp_rcpt_to (conn, cc))
+        || (ret = smtp_rcpt_to (conn, bcc)))
+      break;
+
+    /* send the message data */
+    if ((ret = smtp_data (conn, msgfile)))
+      break;
+
+    mutt_socket_write (conn, "QUIT\r\n");
+
+    ret = 0;
+  }
+  while (0);
+
+  if (conn)
+    mutt_socket_close (conn);
+
+  if (ret == smtp_err_read)
+    mutt_error (_("SMTP session failed: read error"));
+  else if (ret == smtp_err_write)
+    mutt_error (_("SMTP session failed: write error"));
+
+  return ret;
+}
+
+static int smtp_fill_account (ACCOUNT* account)
+{
+  static unsigned short SmtpPort = 0;
+
+  struct servent* service;
+  ciss_url_t url;
+  char* urlstr;
+
+  account->flags = 0;
+  account->port = 0;
+  account->type = M_ACCT_TYPE_SMTP;
+
+  urlstr = safe_strdup (SmtpUrl);
+  url_parse_ciss (&url, urlstr);
+  if ((url.scheme != U_SMTP && url.scheme != U_SMTPS)
+      || mutt_account_fromurl (account, &url) < 0)
+  {
+    FREE (&urlstr);
+    mutt_error (_("Invalid SMTP URL: %s"), SmtpUrl);
+    mutt_sleep (1);
+    return -1;
+  }
+  FREE (&urlstr);
+  
+  if (url.scheme == U_SMTPS)
+    account->flags |= M_ACCT_SSL;
+
+  if (!account->port)
+  {
+    if (!SmtpPort)
+    {
+      service = getservbyname ("smtp", "tcp");
+      if (service)
+        SmtpPort = ntohs (service->s_port);
+      else
+        SmtpPort = SMTP_PORT;
+      dprint (3, (debugfile, "Using default SMTP port %d\n", SmtpPort));
+    }
+    account->port = SmtpPort;
+  }
+
+  return 0;
+}
+
+static int smtp_helo (CONNECTION* conn)
+{
+  char buf[LONG_STRING];
+
+  memset (Capabilities, 0, sizeof (Capabilities));
+
+  if (!Esmtp)
+  {
+    /* if TLS or AUTH are requested, use EHLO */
+    if (conn->account.flags & M_ACCT_USER)
+      Esmtp = 1;
+#if defined(USE_SSL) || defined(USE_GNUTLS)
+    if (option (OPTSSLFORCETLS) || quadoption (OPT_SSLSTARTTLS) != M_NO)
+      Esmtp = 1;
+#endif
+  }
+
+  snprintf (buf, sizeof (buf), "%s %s\r\n", Esmtp ? "EHLO" : "HELO", Fqdn);
+  /* XXX there should probably be a wrapper in mutt_socket.c that
+    * repeatedly calls conn->write until all data is sent.  This
+    * currently doesn't check for a short write.
+    */
+  if (mutt_socket_write (conn, buf) == -1)
+    return smtp_err_write;
+  return smtp_get_resp (conn);
+}
+
+static int smtp_open (CONNECTION* conn)
+{
+  int rc;
+
+  if (mutt_socket_open (conn))
+    return -1;
+
+  /* get greeting string */
+  if ((rc = smtp_get_resp (conn)))
+    return rc;
+  
+  if ((rc = smtp_helo (conn)))
+    return rc;
+
+#if defined(USE_SSL) || defined(USE_GNUTLS)
+  if (conn->ssf)
+    rc = M_NO;
+  else if (option (OPTSSLFORCETLS))
+    rc = M_YES;
+  else if (mutt_bit_isset (Capabilities, STARTTLS) &&
+           (rc = query_quadoption (OPT_SSLSTARTTLS,
+                                   _("Secure connection with TLS?"))) == -1)
+    return rc;
+  
+  if (rc == M_YES)
+  {
+    if (mutt_socket_write (conn, "STARTTLS\r\n") < 0)
+      return smtp_err_write;
+    if ((rc = smtp_get_resp (conn)))
+      return rc;
+    
+#ifdef USE_SSL
+    if (mutt_ssl_starttls (conn))
+#elif USE_GNUTLS
+    if (mutt_gnutls_starttls (idata->conn))
+#endif
+    {
+      mutt_error (_("Could not negotiate TLS connection"));
+      mutt_sleep (1);
+      return -1;
+    }
+
+    /* re-EHLO to get authentication mechanisms */
+    if ((rc = smtp_helo (conn)))
+      return rc;
+  }
+#endif
+
+  if (conn->account.flags & M_ACCT_USER)
+  {
+    if (!mutt_bit_isset (Capabilities, AUTH))
+    {
+      mutt_error (_("SMTP server does not support authentication"));
+      mutt_sleep (1);
+      return -1;
+    }
+
+#ifdef USE_SASL
+    return smtp_auth (conn);
+#else
+    mutt_error (_("SMTP authentication requires SASL"));
+    mutt_sleep (1);
+    return -1;
+#endif /* USE_SASL */
+  }
+
+  return 0;
+}
+
+#ifdef USE_SASL
+static int smtp_auth (CONNECTION* conn)
+{
+  int r = SMTP_AUTH_UNAVAIL;
+
+  if (SmtpAuthenticators && *SmtpAuthenticators)
+  {
+    char* methods = safe_strdup (SmtpAuthenticators);
+    char* method;
+    char* delim;
+
+    for (method = methods; method; method = delim)
+    {
+      delim = strchr (method, ':');
+      if (delim)
+       *delim++ = '\0';
+      if (! method[0])
+       continue;
+      
+      dprint (2, (debugfile, "smtp_authenticate: Trying method %s\n", method));
+
+      if ((r = smtp_auth_sasl (conn, method)) != SMTP_AUTH_UNAVAIL)
+        break;
+    }
+
+    FREE (&methods);
+  }
+  else
+    r = smtp_auth_sasl (conn, AuthMechs);
+  
+  if (r == SMTP_AUTH_UNAVAIL)
+  {
+    mutt_error (_("No authenticators available"));
+    mutt_sleep (1);
+  }
+  
+  return r == SMTP_AUTH_SUCCESS ? 0 : -1;
+}
+
+static int smtp_auth_sasl (CONNECTION* conn, const char* mechlist)
+{
+  sasl_conn_t* saslconn;
+  sasl_interact_t* interaction = NULL;
+  const char* mech;
+  const char* data = NULL;
+  unsigned int len;
+  char buf[HUGE_STRING];
+  int rc, saslrc;
+
+  if (mutt_sasl_client_new (conn, &saslconn) < 0)
+    return SMTP_AUTH_FAIL;
+
+  do
+  {
+    rc = sasl_client_start (saslconn, mechlist, &interaction, &data, &len, 
&mech);
+    if (rc == SASL_INTERACT)
+      mutt_sasl_interact (interaction);
+  }
+  while (rc == SASL_INTERACT);
+
+  if (rc != SASL_OK && rc != SASL_CONTINUE)
+  {
+    dprint (2, (debugfile, "smtp_auth_sasl: %s unavailable\n", mech));
+    sasl_dispose (&saslconn);
+    return SMTP_AUTH_UNAVAIL;
+  }
+  
+  mutt_message (_("Authenticating (%s)..."), mech);
+
+  snprintf (buf, sizeof (buf), "AUTH %s", mech);
+  if (len)
+  {
+    strncat (buf, " ", sizeof (buf));
+    if (sasl_encode64 (data, len, buf + mutt_strlen (buf),
+                       sizeof (buf) - mutt_strlen (buf), &len) != SASL_OK)
+    {
+      dprint (1, (debugfile, "smtp_auth_sasl: error base64-encoding client 
response.\n"));
+      goto fail;
+    }
+  }
+  strncat (buf, "\r\n", sizeof (buf));
+
+  do {
+    if (mutt_socket_write (conn, buf) < 0)
+      goto fail;
+    if (mutt_socket_readln (buf, sizeof (buf), conn) < 0)
+      goto fail;
+    rc = atoi(buf);
+    
+    if (rc != smtp_ready)
+      break;
+
+    if (sasl_decode64 (buf+4, strlen (buf+4), buf, sizeof (buf), &len) != 
SASL_OK)
+    {
+      dprint (1, (debugfile, "smtp_auth_sasl: error base64-decoding server 
response.\n"));
+      goto fail;
+    }
+
+    do
+    {
+      saslrc = sasl_client_step (saslconn, buf, len, &interaction, &data, 
&len);
+      if (saslrc == SASL_INTERACT)
+        mutt_sasl_interact (interaction);
+    }
+    while (saslrc == SASL_INTERACT);
+
+    if (len)
+    {
+      if (sasl_encode64 (data, len, buf, sizeof (buf), &len) != SASL_OK)
+      {
+        dprint (1, (debugfile, "smtp_auth_sasl: error base64-encoding client 
response.\n"));
+        goto fail;
+      }
+    }
+    strfcpy (buf + len, "\r\n", sizeof (buf) - len);
+  } while (rc == smtp_ready);
+
+  if (smtp_success (rc))
+  {
+    mutt_sasl_setup_conn (conn, saslconn);
+    return SMTP_AUTH_SUCCESS;
+  }
+
+fail:
+  mutt_error (_("SASL authentication failed"));
+  mutt_sleep (1);
+  sasl_dispose (&saslconn);
+  return SMTP_AUTH_FAIL;
+}
+#endif /* USE_SASL */

Attachment: pgpPF7oCZ0Fdd.pgp
Description: PGP signature