Howdy,
First, thank you all for such a fantastic piece of software.
I've recently been exploring using async for our production mail servers.
We use the tls plugin, which I understand hasn't been re-written for the
async server yet.
First I tried the patch here:
http://www.nntp.perl.org/group/perl.qpsmtpd/2007/10/msg7423.html, but
then read this message:
http://www.nntp.perl.org/group/perl.qpsmtpd/2007/10/msg7471.html.
The following patch seems to work for me, but I'm a bit concerned that
I'm being naive [grin].
Thanks again!
-- Douglas
--- plugins.orig/tls 2008-04-30 09:54:08.000000000 -0400
+++ plugins/tls 2008-05-01 13:49:50.000000000 -0400
@@ -159,6 +159,10 @@
sub _convert_to_ssl {
my ($self) = @_;
+ if ($self->qp->isa('Qpsmtpd::PollServer')) {
+ return _convert_to_ssl_async($self);
+ }
+
eval {
my $tlssocket = IO::Socket::SSL->new_from_fd(
fileno(STDIN), '+>',
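Review bot: The new branch calls `_convert_to_ssl_async($self)` as a plain function, which bypasses method resolution; `return $self->_convert_to_ssl_async;` does the same thing here and keeps working if the plugin is ever subclassed or wrapped. Because the branch picks the code path by class name, a one-line comment such as `# PollServer connections use $self->qp->{sock}, not STDIN` would tell the next reader why two upgrade paths exist. `_convert_to_ssl` continues past the end of this hunk, so how its existing `eval` reports failure is not visible here.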
@@ -185,6 +189,39 @@
}
}
+sub _convert_to_ssl_async {
+ my ($self) = @_;
+
+ eval {
+ # upgrade the socket
+ IO::Socket::SSL->start_SSL(
+ $self->qp->{sock}, {
+ SSL_use_cert => 1,
+ SSL_cert_file => $self->tls_cert,
+ SSL_key_file => $self->tls_key,
+ SSL_ca_file => $self->tls_ca,
+ SSL_cipher_list => $self->tls_ciphers,
+ SSL_server => 1,
+ SSL_reuse_ctx => $self->ssl_context,
+ }
+ ) or die "Could not upgrade socket to SSL: $!";
+
+ # Clone connection object (without data received from client)
+ $self->qp->connection($self->connection->clone());
+ $self->qp->reset_transaction;
+
+ $self->connection->notes('tls_socket', $self->qp->{sock});
+ $self->qp->watch_read(1);
+ $self->connection->notes('tls_enabled', 1);
+ };
+ if ($@) {
+ return 0;
+ }
+ else {
+ return 1;
+ }
+}
+
sub can_do_tls {
my ($self) = @_;
$self->tls_cert && -r $self->tls_cert;
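Review bot: Nothing in `_convert_to_ssl_async` visibly discards input the poll server may already have read from the client before `start_SSL` runs, so data sent in plaintext right after STARTTLS could later be handled as though it arrived over TLS; cloning the connection and calling `reset_transaction` resets SMTP state, not a socket-level read buffer. If Qpsmtpd::PollServer keeps such a buffer (not visible in this hunk), empty it before the upgrade or refuse the upgrade when unread data is pending. Separately, the failure reason is lost: `$!` does not carry the TLS error and the `if ($@)` branch returns 0 without logging, so failed negotiations leave no trace; consider `or die "Could not upgrade socket to SSL: " . IO::Socket::SSL::errstr();` and logging `$@` before `return 0;`. It is also worth confirming whether `start_SSL` completes the handshake synchronously on this socket, because inside an event loop a stalled client would then hold up every other connection; if it does, passing `SSL_startHandshake => 0` and driving `accept_SSL` from the read callback avoids that.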