Re: [PATCH v2 1/2] send-email: squelch warning from Net::SMTP::SSL

Sat, 06 Jul 2013 07:34:08 -0700 

On Sat, Jul 06, 2013 at 04:28:00PM +0200, Torsten Bögershausen wrote:
> On 2013-07-05 14.05, Ramkumar Ramachandra wrote:
> > Due to a recent change in the Net::SMTP::SSL module, send-email emits
> > the following ugly warning everytime a email is sent via SSL:
> > 
> > *******************************************************************
> >  Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client
> >  is deprecated! Please set SSL_verify_mode to SSL_VERIFY_PEER
> >  together with SSL_ca_file|SSL_ca_path for verification.
> >  If you really don't want to verify the certificate and keep the
> >  connection open to Man-In-The-Middle attacks please set
> >  SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application.
> > *******************************************************************
> > 
> > Fix this by explicitly specifying SSL_verify_mode => SSL_VERIFY_NONE in
> > Net::SMTP::SSL->start_SSL().
> > 
> > Helped-by: brian m. carlson <sand...@crustytoothpaste.net>
> > Signed-off-by: Ramkumar Ramachandra <artag...@gmail.com>
> > ---
> >  git-send-email.perl | 4 +++-
> >  1 file changed, 3 insertions(+), 1 deletion(-)
> > 
> > diff --git a/git-send-email.perl b/git-send-email.perl
> > index ecbf56f..758100d 100755
> > --- a/git-send-email.perl
> > +++ b/git-send-email.perl
> > @@ -1193,10 +1193,12 @@ X-Mailer: git-send-email $gitversion
> >                                              Debug => $debug_net_smtp);
> >                     if ($smtp_encryption eq 'tls' && $smtp) {
> >                             require Net::SMTP::SSL;
> > +                           use IO::Socket::SSL qw(SSL_VERIFY_NONE);
> >                             $smtp->command('STARTTLS');
> >                             $smtp->response();
> >                             if ($smtp->code == 220) {
> > -                                   $smtp = Net::SMTP::SSL->start_SSL($smtp)
> > +                                   $smtp = Net::SMTP::SSL->start_SSL($smtp,
> > +                                                                     
> > SSL_verify_mode => SSL_VERIFY_NONE)
> >                                             or die "STARTTLS failed! 
> > ".$smtp->message;
> >                                     $smtp_encryption = '';
> >                                     # Send EHLO again to receive fresh
> > 
> Hm, this doesn't work on my system, and t9001 fails:
> 
> "SSL_VERIFY_PEER" is not exported by the IO::Socket::SSL module
>  "SSL_VERIFY_NONE" is not exported by the IO::Socket::SSL module
> Can't continue after import errors at 
> /Users/tb/projects/git/git.pu/git-send-email line 1090

What version of IO::Socket::SSL do you have, and what source did you get
it from?

perl -MIO::Socket::SSL -e 'print "$IO::Socket::SSL::VERSION\n";'

This should be available in 1.31 or later.  It might end up that we need
to adjust the use/require statement to require 1.31.

-- 
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187

Attachment: signature.asc
Description: Digital signature

Reply via email to