Re: [PATCH] Remove dependency on deprecated Net::SMTP::SSL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On 20/11/16 22:18, Mike Fisher  wrote:

Thanks for contributing to Git.
One comment on the head line:
>Refactor send_message() to remove dependency on deprecated
Net::SMTP::SSL
The word "refactor" may be used in other way: Re-structure the code,
and use the same API.


"Remove dependency on deprecated Net::SMTP::SSL"

Refactor send_message() to remove dependency on deprecated
Net::SMTP::SSL:
Is there a security risk with require Net::SMTP::SSL ?
If yes, the commit message should state this.
If no:
Even if it is deprecated, is it still in use somewhere ?
Does it hurt someone, is there any OS release where the old code doesn't work anymore ?
Or is it "only" nice to have ?
Since when does Net::SMTP include Net::SMTP::SSL ?
On which system has the change been tested ?

I think the commit message could and should give more information like this.

My comments may be over-critical.
Lets see if other people from the list know more than me.


<http://search.cpan.org/~rjbs/Net-SMTP-SSL-1.04/lib/Net/SMTP/SSL.pm#DEPRECATED>

Signed-off-by: Mike Fisher <mfisher@xxxxxxxxxxx>
---
 git-send-email.perl | 54 +++++++++++++++++++++++++----------------------------
 1 file changed, 25 insertions(+), 29 deletions(-)

diff --git a/git-send-email.perl b/git-send-email.perl
index da81be4..fc166c5 100755
--- a/git-send-email.perl
+++ b/git-send-email.perl
@@ -1330,15 +1330,17 @@ Message-Id: $message_id
         print $sm "$header\n$message";
         close $sm or die $!;
     } else {
-
I can see one refactoring, that is the removal of an empty line.


         if (!defined $smtp_server) {
             die "The required SMTP server is not properly defined."
         }

+        require Net::SMTP;
+        $smtp_domain ||= maildomain();
+        my $smtp_ssl = 0;
+
         if ($smtp_encryption eq 'ssl') {
             $smtp_server_port ||= 465; # ssmtp
-            require Net::SMTP::SSL;
-            $smtp_domain ||= maildomain();
+            $smtp_ssl = 1;
             require IO::Socket::SSL;

             # Suppress "variable accessed once" warning.
@@ -1347,37 +1349,31 @@ Message-Id: $message_id
                 $IO::Socket::SSL::DEBUG = 1;
             }

-            # Net::SMTP::SSL->new() does not forward any SSL options
             IO::Socket::SSL::set_client_defaults(
                 ssl_verify_params());
-            $smtp ||= Net::SMTP::SSL->new($smtp_server,
-                              Hello => $smtp_domain,
-                              Port => $smtp_server_port,
-                              Debug => $debug_net_smtp);
         }
         else {
-            require Net::SMTP;
-            $smtp_domain ||= maildomain();
             $smtp_server_port ||= 25;
-            $smtp ||= Net::SMTP->new($smtp_server,
-                         Hello => $smtp_domain,
-                         Debug => $debug_net_smtp,
-                         Port => $smtp_server_port);
-            if ($smtp_encryption eq 'tls' && $smtp) {
-                require Net::SMTP::SSL;
-                $smtp->command('STARTTLS');
-                $smtp->response();
-                if ($smtp->code == 220) {
-                    $smtp = Net::SMTP::SSL->start_SSL($smtp,
-                                      ssl_verify_params())
-                        or die "STARTTLS failed! ".IO::Socket::SSL::errstr();
-                    $smtp_encryption = '';
-                    # Send EHLO again to receive fresh
-                    # supported commands
-                    $smtp->hello($smtp_domain);
-                } else {
-                    die "Server does not support STARTTLS! ".$smtp->message;
-                }
+        }
+
+        $smtp ||= Net::SMTP->new($smtp_server,
+                     Hello => $smtp_domain,
+                     Port => $smtp_server_port,
+                     Debug => $debug_net_smtp,
+                     SSL => $smtp_ssl);
+
+        if ($smtp_encryption eq 'tls' && $smtp) {
+            $smtp->command('STARTTLS');
+            $smtp->response();
+            if ($smtp->code == 220) {
+                $smtp->starttls(ssl_verify_params())
+                    or die "STARTTLS failed! ".IO::Socket::SSL::errstr();
+                $smtp_encryption = '';
+                # Send EHLO again to receive fresh
+                # supported commands
+                $smtp->hello($smtp_domain);
+            } else {
+                die "Server does not support STARTTLS! ".$smtp->message;
             }
         }





[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]