summaryrefslogtreecommitdiff
path: root/git-send-email.perl
AgeCommit message (Collapse)AuthorFilesLines
2015-12-11send-email: enable SSL level 1 debug outputLibravatar John Keeping1-0/+7
If a server's certificate isn't accepted by send-email, the output is: Unable to initialize SMTP properly. Check config and use --smtp-debug. but adding --smtp-debug=1 just produces the same output since we don't get as far as talking SMTP. Turning on SSL debug at level 1 gives: DEBUG: .../IO/Socket/SSL.pm:1796: SSL connect attempt failed error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed DEBUG: .../IO/Socket/SSL.pm:673: fatal SSL error: SSL connect attempt failed error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed DEBUG: .../IO/Socket/SSL.pm:1780: IO::Socket::IP configuration failed IO::Socket::SSL defines level 1 debug as "print out errors from IO::Socket::SSL and ciphers from Net::SSLeay". In fact, it aliases Net::SSLeay::trace which is defined to guarantee silence at level 0 and only emit error messages at level 1, so let's enable it by default. The modification of warnings is needed to avoid a warning about: Name "IO::Socket::SSL::DEBUG" used only once: possible typo Signed-off-by: John Keeping <john@keeping.me.uk> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-11-05Merge branch 'sa/send-email-smtp-batch-data-limit' into maintLibravatar Junio C Hamano1-1/+5
When "git send-email" wanted to talk over Net::SMTP::SSL, Net::Cmd::datasend() did not like to be fed too many bytes at the same time and failed to send messages. Send the payload one line at a time to work around the problem. * sa/send-email-smtp-batch-data-limit: git-send-email.perl: Fixed sending of many/huge changes/patches
2015-09-30git-send-email.perl: Fixed sending of many/huge changes/patchesLibravatar Stefan Agner1-1/+5
Sometimes sending huge patches/commits fail with [Net::SMTP::SSL] Connection closed at /usr/lib/git-core/git-send-email line 1320. Running the command with --smtp-debug=1 yields to Net::SMTP::SSL: Net::Cmd::datasend(): unexpected EOF on command channel: at /usr/lib/git-core/git-send-email line 1320. [Net::SMTP::SSL] Connection closed at /usr/lib/git-core/git-send-email line 1320. Stefan described it in his mail like this: It seems to me that there is a size limit, after cutting down the patch to ~16K, sending started to work. I cut it twice, once by removing lines from the head and once from the bottom, in both cases at the size of around 16K I could send the patch. See also original report: http://permalink.gmane.org/gmane.comp.version-control.git/274569 Reported-by: Juston Li <juston.h.li@gmail.com> Tested-by: Markos Chandras <hwoarang@gentoo.org> Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-09-21Merge branch 'bn/send-email-smtp-auth-error-message-fix'Libravatar Junio C Hamano1-1/+1
Fix a minor regression brought in to "git send-email" by a recent addition of the "--smtp-auth" option. * bn/send-email-smtp-auth-error-message-fix: send-email: fix uninitialized var warning for $smtp_auth
2015-09-21send-email: fix uninitialized var warning for $smtp_authLibravatar Brian Norris1-1/+1
On the latest version of git-send-email, I see this error just before running SMTP auth (I didn't provide any --smtp-auth= parameter): Use of uninitialized value $smtp_auth in pattern match (m//) at \ /home/briannorris/git/git/git-send-email.perl line 1139. Signed-off-by: Brian Norris <computersforpeace@gmail.com> Reviewed-by: Eric Sunshine <sunshine@sunshineco.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-08-26Merge branch 'jv/send-email-selective-smtp-auth'Libravatar Junio C Hamano1-1/+25
"git send-email" learned a new option --smtp-auth to limit the SMTP AUTH mechanisms to be used to a subset of what the system library supports. * jv/send-email-selective-smtp-auth: send-email: provide whitelist of SMTP AUTH mechanisms
2015-08-17send-email: provide whitelist of SMTP AUTH mechanismsLibravatar Jan Viktorin1-1/+25
When sending an e-mail, the client and server must agree on an authentication mechanism. Some servers (due to misconfiguration or a bug) deny valid credentials for certain mechanisms. In this patch, a new option --smtp-auth and configuration entry smtpAuth are introduced. If smtp_auth is defined, it works as a whitelist of allowed mechanisms for authentication selected from the ones supported by the installed SASL perl library. Signed-off-by: Jan Viktorin <viktorin@rehivetech.com> Helped-by: Eric Sunshine <sunshine@sunshineco.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-08-03Merge branch 'rl/send-email-aliases'Libravatar Junio C Hamano1-28/+22
"git send-email" now performs alias-expansion on names that are given via --cccmd, etc. This round comes with a lot more enhanced e-mail address parser, which makes it a bit scary, but as long as it works as designed, it makes it wonderful ;-). * rl/send-email-aliases: send-email: suppress meaningless whitespaces in from field send-email: allow multiple emails using --cc, --to and --bcc send-email: consider quote as delimiter instead of character send-email: reduce dependencies impact on parse_address_line send-email: minor code refactoring send-email: allow use of aliases in the From field of --compose mode send-email: refactor address list process t9001-send-email: refactor header variable fields replacement send-email: allow aliases in patch header and command script outputs t9001-send-email: move script creation in a setup test
2015-07-07send-email: suppress meaningless whitespaces in from fieldLibravatar Remi Lespinet1-0/+1
Remove leading and trailing whitespaces in from field before interepreting it to improve consistency with other options. The split_addrs function already take care of trailing and leading whitespaces for to, cc and bcc fields. The from option now: - has the same behavior when passing arguments like " jdoe@example.com ", "\t jdoe@example.com " or "jdoe@example.com". - interprets aliases in string containing leading and trailing whitespaces such as " alias" or "alias\t" like other options. Signed-off-by: Remi Lespinet <remi.lespinet@ensimag.grenoble-inp.fr> Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-07-07send-email: allow multiple emails using --cc, --to and --bccLibravatar Remi Lespinet1-15/+2
Accept a list of emails separated by commas in flags --cc, --to and --bcc. Multiple addresses can already be given by using these options multiple times, but it is more convenient to allow cutting-and-pasting a list of addresses from the header of an existing e-mail message, which already lists them as comma-separated list, as a value to a single parameter. The following format can now be used: $ git send-email --to='Jane <jdoe@example.com>, mike@example.com' Remove the limitation imposed by 79ee555b (Check and document the options to prevent mistakes, 2006-06-21) which rejected every argument with comma in --cc, --to and --bcc. Signed-off-by: Mathieu Lienard--Mayor <Mathieu.Lienard--Mayor@ensimag.imag.fr> Signed-off-by: Jorge Juan Garcia Garcia <Jorge-Juan.Garcia-Garcia@ensimag.imag.fr> Signed-off-by: Matthieu Moy <Matthieu.Moy@grenoble-inp.fr> Signed-off-by: Remi Lespinet <remi.lespinet@ensimag.grenoble-inp.fr> Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-07-07send-email: consider quote as delimiter instead of characterLibravatar Remi Lespinet1-2/+4
Do not consider quote inside a recipient name as character when they are not escaped. This interprets: "Jane" "Doe" <jdoe@example.com> as: "Jane Doe" <jdoe@example.com> instead of: "Jane\" \"Doe" <jdoe@example.com> Signed-off-by: Remi Lespinet <remi.lespinet@ensimag.grenoble-inp.fr> Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-07-07send-email: reduce dependencies impact on parse_address_lineLibravatar Remi Lespinet1-1/+1
parse_address_line had not the same behavior whether the user had Mail::Address or not. Teach parse_address_line to behave like Mail::Address. When the user input is correct, this implementation behaves exactly like Mail::Address except when there are quotes inside the name: "Jane Do"e <jdoe@example.com> In this case the result of parse_address_line is: With M::A : "Jane Do" e <jdoe@example.com> Without : "Jane Do e" <jdoe@example.com> When the user input is not correct, the behavior is also mostly the same. Unlike Mail::Address, this doesn't parse groups and recursive commentaries. Signed-off-by: Remi Lespinet <remi.lespinet@ensimag.grenoble-inp.fr> Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-06-30send-email: minor code refactoringLibravatar Remi Lespinet1-3/+3
Group expressions in a single if statement. This avoid checking multiple time if the variable $sender is defined. Signed-off-by: Remi Lespinet <remi.lespinet@ensimag.grenoble-inp.fr> Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-06-30send-email: allow use of aliases in the From field of --compose modeLibravatar Remi Lespinet1-2/+2
Aliases were expanded before considering the From field of the --compose option. This is inconsistent with other fields (To, Cc, ...) which already support aliases. Signed-off-by: Remi Lespinet <remi.lespinet@ensimag.grenoble-inp.fr> Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-06-30send-email: refactor address list processLibravatar Remi Lespinet1-10/+12
Simplify code by creating a function which transform a list of strings containing email addresses (separated by commas, comporting aliases) into a clean list of valid email addresses. Signed-off-by: Remi Lespinet <remi.lespinet@ensimag.grenoble-inp.fr> Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-06-30send-email: allow aliases in patch header and command script outputsLibravatar Remi Lespinet1-0/+2
Interpret aliases in: - Header fields of patches generated by git format-patch (using --to, --cc, --add-header for example) or manually modified. Example of fields in header: To: alias1 Cc: alias2 Cc: alias3 - Outputs of command scripts specified by --cc-cmd and --to-cmd. Example of script: #!/bin/sh echo alias1 echo alias2 Signed-off-by: Remi Lespinet <remi.lespinet@ensimag.grenoble-inp.fr> Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-06-01send-email: further warn about unsupported sendmail aliases featuresLibravatar Eric Sunshine1-0/+4
The sendmail aliases parser diagnoses unsupported features and unrecognized lines. For completeness, also warn about unsupported redirection to "/path/name" and "|command", as well as ":include:". Signed-off-by: Eric Sunshine <sunshine@sunshineco.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-06-01send-email: implement sendmail aliases line continuation supportLibravatar Eric Sunshine1-3/+7
Logical lines in sendmail aliases files can be spread over multiple physical lines[1]. A line beginning with whitespace is folded into the preceding line. A line ending with '\' consumes the following line. [1]: https://www.freebsd.org/cgi/man.cgi?query=aliases&sektion=5 Signed-off-by: Eric Sunshine <sunshine@sunshineco.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-06-01send-email: simplify sendmail aliases comment and blank line recognizerLibravatar Eric Sunshine1-1/+1
Replace unnecessarily complex regular expression for recognizing comment and blank lines in sendmail aliases with idiomatic expressions which can be easily understood at a glance. Signed-off-by: Eric Sunshine <sunshine@sunshineco.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-06-01send-email: refactor sendmail aliases parserLibravatar Eric Sunshine1-14/+24
The sendmail aliases parser inlined into %parse_alias is already uncomfortably large and is expected to grow as additional functionality is implemented, so extract it to improve manageability. Signed-off-by: Eric Sunshine <sunshine@sunshineco.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-06-01send-email: fix style: cuddle 'elsif' and 'else' with closing braceLibravatar Eric Sunshine1-12/+5
Signed-off-by: Eric Sunshine <sunshine@sunshineco.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-06-01send-email: drop noise comments which merely repeat what code saysLibravatar Eric Sunshine1-5/+0
Signed-off-by: Eric Sunshine <sunshine@sunshineco.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-06-01send-email: visually distinguish sendmail aliases parser warningsLibravatar Eric Sunshine1-3/+3
Although emitted to stderr, warnings from the sendmail aliases parser are not visually distinguished as such, and thus can easily be overlooked in the normal noisy send-email output. Signed-off-by: Eric Sunshine <sunshine@sunshineco.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-05-27send-email: add sendmail email aliases formatLibravatar Allen Hubbe1-0/+25
Teach send-email to read aliases in the sendmail aliases format, i.e. <alias>: <address|alias>[, <address|alias>...] Examples: alice: Alice W Land <awol@example.com> bob: Robert Bobbyton <bob@example.com> # this is a comment # this is also a comment chloe: chloe@example.com abgroup: alice, bob bcgrp: bob, chloe, Other <o@example.com> - Quoted aliases and quoted addresses are not supported. - Line continuations are not supported. Warnings are printed for explicitly unsupported constructs, and any other lines that are not matched by the parser. Signed-off-by: Allen Hubbe <allenbh@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-03-03Merge branch 'km/send-email-getopt-long-workarounds'Libravatar Junio C Hamano1-0/+10
Even though we officially haven't dropped Perl 5.8 support, the Getopt::Long package that came with it does not support "--no-" prefix to negate a boolean option; manually add support to help people with older Getopt::Long package. * km/send-email-getopt-long-workarounds: git-send-email.perl: support no- prefix with older GetOptions
2015-02-25Merge branch 'jc/send-email-sensible-encoding'Libravatar Junio C Hamano1-0/+1
"git send-email" used to accept a mistaken "y" (or "yes") as an answer to "What encoding do you want to use [UTF-8]? " without questioning. Now it asks for confirmation when the answer looks too short to be a valid encoding name. * jc/send-email-sensible-encoding: send-email: ask confirmation if given encoding name is very short
2015-02-16git-send-email.perl: support no- prefix with older GetOptionsLibravatar Kyle J. McKay1-0/+10
Only Perl version 5.8.0 or later is required, but that comes with an older Getopt::Long (2.32) that does not support the 'no-' prefix. Support for that was added in Getopt::Long version 2.33. Since the help only mentions the 'no-' prefix and not the 'no' prefix, add explicit support for the 'no-' prefix to support older GetOptions versions. Reported-by: Tom G. Christensen <tgc@statsbiblioteket.dk> Signed-off-by: Kyle J. McKay <mackyle@gmail.com> Tested-by: Tom G. Christensen <tgc@statsbiblioteket.dk> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-13send-email: ask confirmation if given encoding name is very shortLibravatar Junio C Hamano1-0/+1
Sometimes people respond "y<ENTER>" (or "yes<ENTER>") when asked this question: Which 8bit encoding should I declare [UTF-8]? We already have a mechanism to avoid accepting a mistyped e-mail address (we ask to confirm when the given address lacks "@" in it); reuse it to trigger the same confirmation when given a very short answer. As a typical charset name is probably at least 4 chars or longer (e.g. "UTF8" spelled without the dash, or "Big5"), this would prevent such a mistake. Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-01-07Merge branch 'lh/send-email-hide-x-mailer'Libravatar Junio C Hamano1-3/+8
"git send-email" normally identifies itself via X-Mailer: header in the message it sends out. A new command line flag allows the user to squelch the header. * lh/send-email-hide-x-mailer: test/send-email: --[no-]xmailer tests send-email: add --[no-]xmailer option
2015-01-07Merge branch 'rd/send-email-2047-fix'Libravatar Junio C Hamano1-11/+25
"git send-email" did not handle RFC 2047 encoded headers quite right. * rd/send-email-2047-fix: send-email: handle adjacent RFC 2047-encoded words properly send-email: align RFC 2047 decoding more closely with the spec
2014-12-15send-email: add --[no-]xmailer optionLibravatar Luis Henriques1-3/+8
Add --[no-]xmailer that allows a user to disable adding the 'X-Mailer:' header to the email being sent. Signed-off-by: Luis Henriques <henrix@camandro.org> Acked-by: Eric Wong <normalperson@yhbt.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-12-15send-email: handle adjacent RFC 2047-encoded words properlyLibravatar Роман Донченко1-10/+16
The RFC says that they are to be concatenated after decoding (i.e. the intervening whitespace is ignored). Signed-off-by: Роман Донченко <dpb@corrigendum.ru> Acked-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-12-15send-email: align RFC 2047 decoding more closely with the specLibravatar Роман Донченко1-11/+19
More specifically: * Add "\" to the list of characters not allowed in a token (see RFC 2047 errata). * Share regexes between unquote_rfc2047 and is_rfc2047_quoted. Besides removing duplication, this also makes unquote_rfc2047 more stringent. * Allow both "q" and "Q" to identify the encoding. * Allow lowercase hexadecimal digits in the "Q" encoding. And, more on the cosmetic side: * Change the "encoded-text" regex to exclude rather than include characters, for clarity and consistency with "token". Signed-off-by: Роман Донченко <dpb@corrigendum.ru> Acked-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-11-25git-send-email: add --transfer-encoding optionLibravatar Paolo Bonzini1-0/+36
The thread at http://thread.gmane.org/gmane.comp.version-control.git/257392 details problems when applying patches with "git am" in a repository with CRLF line endings. In the example in the thread, the repository originated from "git-svn" so it is not possible to use core.eol and friends on it. Right now, the best option is to use "git am --keep-cr". However, when a patch create new files, the patch application process will reject the new file because it finds a "/dev/null\r" string instead of "/dev/null". The problem is that SMTP transport is CRLF-unsafe. Sending a patch by email is the same as passing it through "dos2unix | unix2dos". The newly introduced CRLFs are normally transparent because git-am strips them. The keepcr=true setting preserves them, but it is mostly working by chance and it would be very problematic to have a "git am" workflow in a repository with mixed LF and CRLF line endings. The MIME solution to this is the quoted-printable transfer enconding. This is not something that we want to enable by default, since it makes received emails horrible to look at. However, it is a very good match for projects that store CRLF line endings in the repository. The only disadvantage of quoted-printable is that quoted-printable patches fail to apply if the maintainer uses "git am --keep-cr". This is because the decoded patch will have two carriage returns at the end of the line. Therefore, add support for base64 transfer encoding too, which makes received emails downright impossible to look at outside a MUA, but really just works. The patch covers all bases, including users that still live in the late 80s, by also providing a 7bit content transfer encoding that refuses to send emails with non-ASCII character in them. And finally, "8bit" will add a Content-Transfer-Encoding header but otherwise do nothing. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-11-25git-send-email: delay creation of MIME headersLibravatar Paolo Bonzini1-6/+19
After the next patch, git-send-email will sometimes modify existing Content-Transfer-Encoding headers. Delay the addition of the header to @xh until just before sending. Do the same for MIME-Version, to avoid adding it twice. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-06-20Merge branch 'mt/send-email-cover-to-cc'Libravatar Junio C Hamano1-0/+16
* mt/send-email-cover-to-cc: t9001: avoid non-portable '\n' with sed test/send-email: to-cover, cc-cover tests git-send-email: two new options: to-cover, cc-cover
2014-04-29git-send-email: two new options: to-cover, cc-coverLibravatar Michael S. Tsirkin1-0/+16
Allow extracting To/Cc addresses from the first patch (typically the cover letter), and use them as To/Cc addresses of the remainder of the series. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-04-23send-email: windows drive prefix (e.g. C:) appears only at the beginningLibravatar Junio C Hamano1-1/+1
Tighten the regexp used in the "file_name_is_absolute" replacement used on msys to declare that only "[a-zA-Z]:" that appear at the very beginning is a path with a drive-prefix. Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-04-16send-email: recognize absolute path on WindowsLibravatar Erik Faye-Lund1-2/+14
On Windows, absolute paths might start with a DOS drive prefix, which these two checks failed to recognize. Unfortunately, we cannot simply use the file_name_is_absolute helper in File::Spec::Functions, because Git for Windows has an MSYS-based Perl, where this helper doesn't grok DOS drive-prefixes. So let's manually check for these in that case, and fall back to the File::Spec-helper on other platforms (e.g Win32 with native Perl) Signed-off-by: Erik Faye-Lund <kusmabite@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-02-13Merge branch 'rk/send-email-ssl-cert' into maintLibravatar Junio C Hamano1-1/+2
A recent update to "git send-email" broke platforms where /etc/ssl/certs/ directory exists but cannot be used as SSL_ca_path (e.g. Fedora rawhide). * rk/send-email-ssl-cert: send-email: /etc/ssl/certs/ directory may not be usable as ca_path
2014-01-27Merge branch 'rk/send-email-ssl-cert'Libravatar Junio C Hamano1-1/+2
The "if /etc/ssl/certs/ directory exists, explicitly telling the library to use it as SSL_ca_path" blind-defaulting in "git send-email" broke platforms where /etc/ssl/certs/ directory exists, but it cannot used as SSL_ca_path (e.g. Fedora rawhide). Fix it by not specifying any SSL_ca_path/SSL_ca_file but still asking for peer verification in such a case. * rk/send-email-ssl-cert: send-email: /etc/ssl/certs/ directory may not be usable as ca_path
2014-01-16send-email: /etc/ssl/certs/ directory may not be usable as ca_pathLibravatar Ruben Kerkhof1-1/+2
When sending patches on Fedora rawhide with git-1.8.5.2-1.fc21.x86_64 and perl-IO-Socket-SSL-1.962-1.fc21.noarch, with the following [sendemail] smtpencryption = tls smtpserver = smtp.gmail.com smtpuser = ruben@rubenkerkhof.com smtpserverport = 587 git-send-email fails with: STARTTLS failed! SSL connect attempt failed with unknown error error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/libexec/git-core/git-send-email line 1236. The current code detects the presence of /etc/ssl/certs directory (it actually is a symlink to another directory, but that does not matter) and uses SSL_ca_path to point at it when initializing the connection with IO::Socket::SSL or Net::SMTP::SSL. However, on the said platform, it seems that this directory is not designed to be used as SSL_ca_path. Using a single file inside that directory (cert.pem, which is a Mozilla CA bundle) with SSL_ca_file does work, and also not specifying any SSL_ca_file/SSL_ca_path (and letting the library use its own default) and asking for peer verification does work. By removing the code that blindly defaults $smtp_ssl_cert_path to "/etc/ssl/certs", we can prevent the codepath that treats any directory specified with that variable as usable for SSL_ca_path from incorrectly triggering. This change could introduce a regression for people on a platform whose certificate directory is /etc/ssl/certs but its IO::Socket:SSL somehow fails to use it as SSL_ca_path without being told. Using /etc/ssl/certs directory as SSL_ca_path by default like the current code does would have been hiding such a broken installation without its user needing to do anything. These users can still work around such a platform bug by setting the configuration variable explicitly to point at /etc/ssl/certs. This change should not negate what 35035bbf (send-email: be explicit with SSL certificate verification, 2013-07-18), which was the original change that introduced the defaulting to /etc/ssl/certs/, attempted to do, which is to make sure we do not communicate over insecure connection by default, triggering warning from the library. Cf. https://bugzilla.redhat.com/show_bug.cgi?id=1043194 Tested-by: Igor Gnatenko <i.gnatenko.brain@gmail.com> Signed-off-by: Ruben Kerkhof <ruben@rubenkerkhof.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-12-04send-email: set SSL options through IO::Socket::SSL::set_client_defaultsLibravatar Thomas Rast1-2/+5
When --smtp-encryption=ssl, we use a Net::SMTP::SSL connection, passing its ->new all the options that would otherwise go to Net::SMTP->new (most options) and IO::Socket::SSL->start_SSL (for the SSL options). However, while Net::SMTP::SSL replaces the underlying socket class with an SSL socket, it does nothing to allow passing options to that socket. So the SSL-relevant options are lost. Fortunately there is an escape hatch: we can directly set the options with IO::Socket::SSL::set_client_defaults. They will then persist within the IO::Socket::SSL module. Signed-off-by: Thomas Rast <tr@thomasrast.ch> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-12-04send-email: --smtp-ssl-cert-path takes an argumentLibravatar Thomas Rast1-1/+1
35035bb (send-email: be explicit with SSL certificate verification, 2013-07-18) forgot to specify that --smtp-ssl-cert-path takes a string argument. This means that the option could not actually be used as intended. Presumably noone noticed because it's much easier to set it through configs anyway. Add the required "=s". Signed-off-by: Thomas Rast <tr@thomasrast.ch> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-12-04send-email: pass Debug to Net::SMTP::SSL::newLibravatar Thomas Rast1-0/+1
We forgot to pass the Debug option through to Net::SMTP::SSL->new -- which is the same as Net::SMTP->new. This meant that with security set to SSL, we would never enable debug output. Pass through the flag. Signed-off-by: Thomas Rast <tr@thomasrast.ch> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-09-10send-email: don't call methods on undefined valuesLibravatar Brian M. Carlson1-1/+1
If SSL verification is enabled in git send-email, we could attempt to call a method on an undefined value if the verification failed, since $smtp would end up being undef. Look up the error string in a way that will produce a helpful error message and not cause further errors. Signed-off-by: Brian M. Carlson <sandals@crustytoothpaste.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-07-22Merge branch 'rr/send-email-ssl-verify'Libravatar Junio C Hamano1-3/+38
Newer Net::SMTP::SSL module does not want the user programs to use the default behaviour to let server certificate go without verification, so by default enable the verification with a mechanism to turn it off if needed. * rr/send-email-ssl-verify: send-email: be explicit with SSL certificate verification
2013-07-18send-email: be explicit with SSL certificate verificationLibravatar Ramkumar Ramachandra1-3/+38
When initiating an SSL connection without explicitly specifying the SSL certificate verification mode, Net::SMTP::SSL defaults to no verification, but recent versions of the module gives a warning against this use of the default. Enable certificate verification by default, using /etc/ssl/certs as the default path for certificates of certificate authorities. This path can be overriden by the --smtp-ssl-cert-path command line option and the sendemail.smtpSSLCertPath configuration variable. Passing an empty string as the path for CA certificates path disables the SSL certificate verification explicitly, which does not trigger the warning from recent versions of Net::SMTP::SSL. Signed-off-by: Ramkumar Ramachandra <artagnon@gmail.com> Helped-by: Brian M. Carlson <sandals@crustytoothpaste.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-07-15Merge branch 'bc/send-email-use-port-as-separate-param'Libravatar Junio C Hamano1-2/+4
Pass port number as a separate argument when send-email initializes Net::SMTP, instead of as a part of the hostname, i.e. host:port. This allows GSSAPI codepath to match with the hostname given. * bc/send-email-use-port-as-separate-param: send-email: provide port separately from hostname
2013-07-04send-email: provide port separately from hostnameLibravatar brian m. carlson1-2/+4
If the SMTP port is provided as part of the hostname to Net::SMTP, it passes the combined string to the SASL provider; this causes GSSAPI authentication to fail since Kerberos does not want the port information. Instead, pass the port as a separate argument as is done for SSL connections. Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>