Re: [evolution-patches] ui/string changes for SSL/TLS options in evolution mailer



sorry, our own UI team asked me to change the order of the SSL option
menu to go from "No encryption" *down* to "SSL encryption" rather than
the order it had been (which was the opposite order).

As I fixed that ordering, I noticed that the label in front of the menu
was "Use Secure Connection (SSL):" so UI had me change that to "Use
Secure Connection:" (remove the "(SSL)" bit)

so ignore the mail-tls.patch from before and instead review the attached
one.

Jeff

On Mon, 2004-09-27 at 14:18 -0400, Jeffrey Stedfast wrote:
> changes the behaviour and the labels of the "use SSL" menu in the
> account creation wizard/editor dingus
> 
> the bug is: http://bugzilla.ximian.com/show_bug.cgi?id=65714
> 
> I need both UI and string freeze approval I guess?
> 
> Jeff
> 
> Plain text document attachment (mail-tls.patch)
> ? evolution-mail-2.0.schemas
> ? mail-tls.patch
> Index: ChangeLog
> ===================================================================
> RCS file: /cvs/gnome/evolution/mail/ChangeLog,v
> retrieving revision 1.3444.2.9
> diff -u -r1.3444.2.9 ChangeLog
> --- ChangeLog	22 Sep 2004 01:31:16 -0000	1.3444.2.9
> +++ ChangeLog	23 Sep 2004 17:39:00 -0000
> @@ -1,3 +1,7 @@
> +2004-09-22  Jeffrey Stedfast  <fejj novell com>
> +
> +	* mail-account-gui.c: Changed the labels for the SSL menu
> +
>  2004-09-03  Not Zed  <NotZed Ximian com>
>  
>  	** See bug #65058.
> Index: mail-account-gui.c
> ===================================================================
> RCS file: /cvs/gnome/evolution/mail/mail-account-gui.c,v
> retrieving revision 1.171.14.2
> diff -u -r1.171.14.2 mail-account-gui.c
> --- mail-account-gui.c	16 Sep 2004 14:45:56 -0000	1.171.14.2
> +++ mail-account-gui.c	23 Sep 2004 17:39:00 -0000
> @@ -82,9 +82,9 @@
>  	char *label;
>  	char *value;
>  } ssl_options[] = {
> -	{ N_("Always"), "always" },
> -	{ N_("Whenever Possible"), "when-possible" },
> -	{ N_("Never"), "never" }
> +	{ N_("SSL encryption"), "always"        },
> +	{ N_("TLS encryption"), "when-possible" },
> +	{ N_("No encryption"),  "never"         }
>  };
>  
>  static int num_ssl_options = sizeof (ssl_options) / sizeof (ssl_options[0]);
> @@ -2285,7 +2285,7 @@
>  		
>  		/* set the value to either "always" or "when-possible"
>  		   but don't bother setting it for "never" */
> -		if (strcmp (use_ssl, "never"))
> +		if (strcmp (use_ssl, "never") != 0)
>  			camel_url_set_param (url, "use_ssl", use_ssl);
>  	}
>  	
> Plain text document attachment (camel-tls.patch)
> ? camel-tls.patch
> Index: ChangeLog
> ===================================================================
> RCS file: /cvs/gnome/evolution/camel/ChangeLog,v
> retrieving revision 1.2251.2.6
> diff -u -r1.2251.2.6 ChangeLog
> --- ChangeLog	27 Sep 2004 05:21:17 -0000	1.2251.2.6
> +++ ChangeLog	27 Sep 2004 17:36:15 -0000
> @@ -1,3 +1,21 @@
> +2004-09-22  Jeffrey Stedfast  <fejj novell com>
> +
> +	* providers/imap/camel-imap-store.c (connect_to_server): Instead
> +	of doing a host-lookup ourselves, get it passed in to us as an
> +	argument. Also simplified a bit (try_starttls is no longer an
> +	option).
> +	(connect_to_server_wrapper): Simplified (we no longer have
> +	fallback cases for SSL stuff). Also, perform host lookup here.
> +
> +	* providers/imap4/camel-imap4-store.c: Same changes as above.
> +
> +	* providers/pop3/camel-pop3-store.c: Same.
> +
> +	* providers/smtp/camel-smtp-transport.c: Same. Other changes
> +	include making the code consistant with the other providers.
> +
> +	* providers/nntp/camel-nntp-store.c: Same as pop/imap.
> +
>  2004-09-21  Not Zed  <NotZed Ximian com>
>  
>  	** See bug #63521.
> Index: camel-sasl-gssapi.c
> ===================================================================
> RCS file: /cvs/gnome/evolution/camel/camel-sasl-gssapi.c,v
> retrieving revision 1.10.2.1
> diff -u -r1.10.2.1 camel-sasl-gssapi.c
> --- camel-sasl-gssapi.c	23 Sep 2004 04:12:29 -0000	1.10.2.1
> +++ camel-sasl-gssapi.c	27 Sep 2004 17:36:16 -0000
> @@ -204,7 +204,6 @@
>  	gss_buffer_desc inbuf, outbuf;
>  	GByteArray *challenge = NULL;
>  	gss_buffer_t input_token;
> -	struct hostent *h;
>  	int conf_state;
>  	gss_qop_t qop;
>  	gss_OID mech;
> Index: providers/imap/camel-imap-store.c
> ===================================================================
> RCS file: /cvs/gnome/evolution/camel/providers/imap/camel-imap-store.c,v
> retrieving revision 1.300.2.1
> diff -u -r1.300.2.1 camel-imap-store.c
> --- providers/imap/camel-imap-store.c	23 Sep 2004 04:12:29 -0000	1.300.2.1
> +++ providers/imap/camel-imap-store.c	27 Sep 2004 17:36:16 -0000
> @@ -505,76 +505,52 @@
>  }
>  
>  enum {
> -	USE_SSL_NEVER,
> -	USE_SSL_ALWAYS,
> -	USE_SSL_WHEN_POSSIBLE
> +	MODE_CLEAR,
> +	MODE_SSL,
> +	MODE_TLS,
>  };
>  
>  #define SSL_PORT_FLAGS (CAMEL_TCP_STREAM_SSL_ENABLE_SSL2 | CAMEL_TCP_STREAM_SSL_ENABLE_SSL3)
>  #define STARTTLS_FLAGS (CAMEL_TCP_STREAM_SSL_ENABLE_TLS)
>  
>  static gboolean
> -connect_to_server (CamelService *service, int ssl_mode, int try_starttls, CamelException *ex)
> +connect_to_server (CamelService *service, struct addrinfo *ai, int ssl_mode, CamelException *ex)
>  {
>  	CamelImapStore *store = (CamelImapStore *) service;
>  	CamelImapResponse *response;
>  	CamelStream *tcp_stream;
>  	CamelSockOptData sockopt;
>  	gboolean force_imap4 = FALSE;
> -	int clean_quit;
> -	int ret;
> +	int clean_quit, ret;
>  	char *buf;
> -	struct addrinfo *ai, hints = { 0 };
> -	char *serv;
> -
> -	/* FIXME: this connect stuff is duplicated everywhere */
> -
> -	if (service->url->port) {
> -		serv = g_alloca(16);
> -		sprintf(serv, "%d", service->url->port);
> -	} else
> -		serv = "imap";
>  	
> -	if (ssl_mode != USE_SSL_NEVER) {
> +	if (ssl_mode != MODE_CLEAR) {
>  #ifdef HAVE_SSL
> -		if (try_starttls) {
> -			tcp_stream = camel_tcp_stream_ssl_new_raw (service->session, service->url->host, STARTTLS_FLAGS);
> +		if (ssl_mode == MODE_TLS) {
> +			tcp_stream = camel_tcp_stream_ssl_new (service->session, service->url->host, STARTTLS_FLAGS);
>  		} else {
> -			if (service->url->port == 0)
> -				serv = "imaps";
>  			tcp_stream = camel_tcp_stream_ssl_new (service->session, service->url->host, SSL_PORT_FLAGS);
>  		}
>  #else
> -		if (!try_starttls && service->url->port == 0)
> -			serv = "imaps";
> -		
>  		camel_exception_setv (ex, CAMEL_EXCEPTION_SERVICE_UNAVAILABLE,
> -				      _("Could not connect to %s (port %s): %s"),
> -				      service->url->host, serv,
> -				      _("SSL unavailable"));
> +				      _("Could not connect to %s: %s"),
> +				      service->url->host, _("SSL unavailable"));
> +		
>  		return FALSE;
>  #endif /* HAVE_SSL */
>  	} else {
>  		tcp_stream = camel_tcp_stream_raw_new ();
>  	}
> -
> -	hints.ai_socktype = SOCK_STREAM;
> -	ai = camel_getaddrinfo(service->url->host, serv, &hints, ex);
> -	if (ai == NULL) {
> -		camel_object_unref(tcp_stream);
> -		return FALSE;
> -	}
>  	
> -	ret = camel_tcp_stream_connect(CAMEL_TCP_STREAM(tcp_stream), ai);
> -	camel_freeaddrinfo(ai);
> -	if (ret == -1) {
> +	if ((ret = camel_tcp_stream_connect ((CamelTcpStream *) tcp_stream, ai)) == -1) {
>  		if (errno == EINTR)
>  			camel_exception_set (ex, CAMEL_EXCEPTION_USER_CANCEL,
>  					     _("Connection cancelled"));
>  		else
>  			camel_exception_setv (ex, CAMEL_EXCEPTION_SERVICE_UNAVAILABLE,
> -					      _("Could not connect to %s (port %s): %s"),
> -					      service->url->host, serv, g_strerror (errno));
> +					      _("Could not connect to %s: %s"),
> +					      service->url->host,
> +					      g_strerror (errno));
>  		
>  		camel_object_unref (tcp_stream);
>  		
> @@ -669,32 +645,18 @@
>  		store->server_level = IMAP_LEVEL_IMAP4;
>  	}
>  	
> -#ifdef HAVE_SSL
> -	if (ssl_mode == USE_SSL_WHEN_POSSIBLE) {
> -		if (store->capabilities & IMAP_CAPABILITY_STARTTLS)
> -			goto starttls;
> -	} else if (ssl_mode == USE_SSL_ALWAYS) {
> -		if (try_starttls) {
> -			if (store->capabilities & IMAP_CAPABILITY_STARTTLS) {
> -				/* attempt to toggle STARTTLS mode */
> -				goto starttls;
> -			} else {
> -				/* server doesn't support STARTTLS, abort */
> -				camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM,
> -						      _("Failed to connect to IMAP server %s in secure mode: %s"),
> -						      service->url->host, _("SSL/TLS extension not supported."));
> -				/* we have the possibility of quitting cleanly here */
> -				clean_quit = TRUE;
> -				goto exception;
> -			}
> -		}
> +	if (ssl_mode != MODE_TLS) {
> +		/* we're done */
> +		return TRUE;
>  	}
> -#endif /* HAVE_SSL */
> -	
> -	return TRUE;
>  	
> -#ifdef HAVE_SSL
> - starttls:
> +	if (!(store->capabilities & IMAP_CAPABILITY_STARTTLS)) {
> +		camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM,
> +				      _("Failed to connect to IMAP server %s in secure mode: %s"),
> +				      service->url->host, _("STARTTLS not supported"));
> +		
> +		goto exception;
> +	}
>  	
>  	/* as soon as we send a STARTTLS command, all hope is lost of a clean QUIT if problems arise */
>  	clean_quit = FALSE;
> @@ -759,7 +721,6 @@
>  	store->connected = FALSE;
>  	
>  	return FALSE;
> -#endif /* HAVE_SSL */
>  }
>  
>  static gboolean
> @@ -907,60 +868,54 @@
>  
>  static struct {
>  	char *value;
> +	char *serv;
>  	int mode;
>  } ssl_options[] = {
> -	{ "",              USE_SSL_ALWAYS        },
> -	{ "always",        USE_SSL_ALWAYS        },
> -	{ "when-possible", USE_SSL_WHEN_POSSIBLE },
> -	{ "never",         USE_SSL_NEVER         },
> -	{ NULL,            USE_SSL_NEVER         },
> +	{ "",              "imaps", MODE_SSL   },  /* really old (1.x) */
> +	{ "always",        "imaps", MODE_SSL   },
> +	{ "when-possible", "imap",  MODE_TLS   },
> +	{ "never",         "imap",  MODE_CLEAR },
> +	{ NULL,            "imap",  MODE_CLEAR },
>  };
>  
>  static gboolean
>  connect_to_server_wrapper (CamelService *service, CamelException *ex)
>  {
> -	const char *command;
> -#ifdef HAVE_SSL
> -	const char *use_ssl;
> -	int i, ssl_mode;
> -#endif
> -	command = camel_url_get_param (service->url, "command");
> -	if (command)
> +	const char *command, *ssl_mode;
> +	struct addrinfo hints, *ai;
> +	int mode, ret, i;
> +	char *serv;
> +	
> +	if ((command = camel_url_get_param (service->url, "command")))
>  		return connect_to_server_process (service, command, ex);
> -
> -#ifdef HAVE_SSL
> -	use_ssl = camel_url_get_param (service->url, "use_ssl");
> -	if (use_ssl) {
> +	
> +	if ((ssl_mode = camel_url_get_param (service->url, "use_ssl"))) {
>  		for (i = 0; ssl_options[i].value; i++)
> -			if (!strcmp (ssl_options[i].value, use_ssl))
> +			if (!strcmp (ssl_options[i].value, ssl_mode))
>  				break;
> -		ssl_mode = ssl_options[i].mode;
> -	} else
> -		ssl_mode = USE_SSL_NEVER;
> -	
> -	if (ssl_mode == USE_SSL_ALWAYS) {
> -		/* First try the ssl port */
> -		if (!connect_to_server (service, ssl_mode, FALSE, ex)) {
> -			if (camel_exception_get_id (ex) == CAMEL_EXCEPTION_SERVICE_UNAVAILABLE) {
> -				/* The ssl port seems to be unavailable, lets try STARTTLS */
> -				camel_exception_clear (ex);
> -				return connect_to_server (service, ssl_mode, TRUE, ex);
> -			} else {
> -				return FALSE;
> -			}
> -		}
> -		
> -		return TRUE;
> -	} else if (ssl_mode == USE_SSL_WHEN_POSSIBLE) {
> -		/* If the server supports STARTTLS, use it */
> -		return connect_to_server (service, ssl_mode, TRUE, ex);
> +		mode = ssl_options[i].mode;
> +		serv = ssl_options[i].serv;
>  	} else {
> -		/* User doesn't care about SSL */
> -		return connect_to_server (service, ssl_mode, FALSE, ex);
> +		mode = MODE_CLEAR;
> +		serv = "imap";
>  	}
> -#else
> -	return connect_to_server (service, USE_SSL_NEVER, FALSE, ex);
> -#endif
> +	
> +	if (service->url->port) {
> +		serv = g_alloca (16);
> +		sprintf (serv, "%d", service->url->port);
> +	}
> +	
> +	memset (&hints, 0, sizeof (hints));
> +	hints.ai_socktype = SOCK_STREAM;
> +	hints.ai_family = PF_UNSPEC;
> +	if (!(ai = camel_getaddrinfo (service->url->host, serv, &hints, ex)))
> +		return FALSE;
> +	
> +	ret = connect_to_server (service, ai, mode, ex);
> +	
> +	camel_freeaddrinfo (ai);
> +	
> +	return ret;
>  }
>  
>  extern CamelServiceAuthType camel_imap_password_authtype;
> Index: providers/imap4/camel-imap4-store.c
> ===================================================================
> RCS file: /cvs/gnome/evolution/camel/providers/imap4/camel-imap4-store.c,v
> retrieving revision 1.22
> diff -u -r1.22 camel-imap4-store.c
> --- providers/imap4/camel-imap4-store.c	3 Aug 2004 16:31:47 -0000	1.22
> +++ providers/imap4/camel-imap4-store.c	27 Sep 2004 17:36:16 -0000
> @@ -181,39 +181,33 @@
>  }
>  
>  enum {
> -	USE_SSL_NEVER,
> -	USE_SSL_ALWAYS,
> -	USE_SSL_WHEN_POSSIBLE
> +	MODE_CLEAR,
> +	MODE_SSL,
> +	MODE_TLS,
>  };
>  
>  #define SSL_PORT_FLAGS (CAMEL_TCP_STREAM_SSL_ENABLE_SSL2 | CAMEL_TCP_STREAM_SSL_ENABLE_SSL3)
>  #define STARTTLS_FLAGS (CAMEL_TCP_STREAM_SSL_ENABLE_TLS)
>  
>  static gboolean
> -connect_to_server (CamelIMAP4Engine *engine, struct hostent *host, int ssl_mode, int try_starttls, CamelException *ex)
> +connect_to_server (CamelIMAP4Engine *engine, struct addrinfo *ai, int ssl_mode, CamelException *ex)
>  {
>  	CamelService *service = engine->service;
>  	CamelStream *tcp_stream;
> -	int port, ret;
> +	CamelIMAP4Command *ic;
> +	int id, ret;
>  	
> -	port = service->url->port ? service->url->port : 143;
> -	
> -	if (ssl_mode) {
> +	if (ssl_mode != MODE_CLEAR) {
>  #ifdef HAVE_SSL
> -		if (try_starttls) {
> +		if (ssl_mode == MODE_TLS) {
>  			tcp_stream = camel_tcp_stream_ssl_new (service->session, service->url->host, STARTTLS_FLAGS);
>  		} else {
> -			port = service->url->port ? service->url->port : 993;
>  			tcp_stream = camel_tcp_stream_ssl_new (service->session, service->url->host, SSL_PORT_FLAGS);
>  		}
>  #else
> -		if (!try_starttls)
> -			port = service->url->port ? service->url->port : 993;
> -		
>  		camel_exception_setv (ex, CAMEL_EXCEPTION_SERVICE_UNAVAILABLE,
> -				      _("Could not connect to %s (port %d): %s"),
> -				      service->url->host, port,
> -				      _("SSL unavailable"));
> +				      _("Could not connect to %s: %s"),
> +				      service->url->host, _("SSL unavailable"));
>  		
>  		return FALSE;
>  #endif /* HAVE_SSL */
> @@ -221,14 +215,14 @@
>  		tcp_stream = camel_tcp_stream_raw_new ();
>  	}
>  	
> -	if ((ret = camel_tcp_stream_connect ((CamelTcpStream *) tcp_stream, host, port)) == -1) {
> +	if ((ret = camel_tcp_stream_connect ((CamelTcpStream *) tcp_stream, ai)) == -1) {
>  		if (errno == EINTR)
>  			camel_exception_set (ex, CAMEL_EXCEPTION_USER_CANCEL,
>  					     _("Connection cancelled"));
>  		else
>  			camel_exception_setv (ex, CAMEL_EXCEPTION_SERVICE_UNAVAILABLE,
> -					      _("Could not connect to %s (port %d): %s"),
> -					      service->url->host, port,
> +					      _("Could not connect to %s: %s"),
> +					      service->url->host,
>  					      g_strerror (errno));
>  		
>  		camel_object_unref (tcp_stream);
> @@ -242,111 +236,88 @@
>  	if (camel_imap4_engine_capability (engine, ex) == -1)
>  		return FALSE;
>  	
> -#ifdef HAVE_SSL
> -	if (ssl_mode == USE_SSL_WHEN_POSSIBLE) {
> -		/* try_starttls is always TRUE here */
> -		if (engine->capa & CAMEL_IMAP4_CAPABILITY_STARTTLS)
> -			goto starttls;
> -	} else if (ssl_mode == USE_SSL_ALWAYS) {
> -		if (try_starttls) {
> -			if (engine->capa & CAMEL_IMAP4_CAPABILITY_STARTTLS) {
> -				goto starttls;
> -			} else {
> -				/* server doesn't support STARTTLS, abort */
> -				camel_exception_setv (ex, CAMEL_EXCEPTION_SERVICE_UNAVAILABLE,
> -						      _("Failed to connect to IMAP server %s in secure mode: "
> -							"Server does not support STARTTLS"),
> -						      service->url->host);
> -				return FALSE;
> -			}
> -		}
> +	if (ssl_mode != MODE_TLS) {
> +		/* we're done */
> +		return TRUE;
>  	}
> -#endif /* HAVE_SSL */
> -	
> -	return TRUE;
>  	
> -#ifdef HAVE_SSL
> - starttls:
> +	if (!(engine->capa & CAMEL_IMAP4_CAPABILITY_STARTTLS)) {
> +		camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM,
> +				      _("Failed to connect to IMAP server %s in secure mode: %s"),
> +				      service->url->host, _("SSL negotiations failed"));
> +		
> +		return FALSE;
> +	}
>  	
> -	if (1) {
> -		CamelIMAP4Command *ic;
> -		int id;
> -		
> -		ic = camel_imap4_engine_prequeue (engine, NULL, "STARTTLS\r\n");
> -		while ((id = camel_imap4_engine_iterate (engine)) < ic->id && id != -1)
> -			;
> -		
> -		if (id == -1 || ic->result != CAMEL_IMAP4_RESULT_OK) {
> -			if (ic->result != CAMEL_IMAP4_RESULT_OK) {
> -				camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM,
> -						      _("Failed to connect to IMAP server %s in secure mode: %s"),
> -						      service->url->host, _("Unknown error"));
> -			} else {
> -				camel_exception_xfer (ex, &ic->ex);
> -			}
> -			
> -			camel_imap4_command_unref (ic);
> -			
> -			return FALSE;
> +	ic = camel_imap4_engine_prequeue (engine, NULL, "STARTTLS\r\n");
> +	while ((id = camel_imap4_engine_iterate (engine)) < ic->id && id != -1)
> +		;
> +	
> +	if (id == -1 || ic->result != CAMEL_IMAP4_RESULT_OK) {
> +		if (ic->result != CAMEL_IMAP4_RESULT_OK) {
> +			camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM,
> +					      _("Failed to connect to IMAP server %s in secure mode: %s"),
> +					      service->url->host, _("Unknown error"));
> +		} else {
> +			camel_exception_xfer (ex, &ic->ex);
>  		}
>  		
>  		camel_imap4_command_unref (ic);
> +		
> +		return FALSE;
>  	}
>  	
> +	camel_imap4_command_unref (ic);
> +	
>  	return TRUE;
> -#endif /* HAVE_SSL */
>  }
>  
>  static struct {
>  	char *value;
> +	char *serv;
>  	int mode;
>  } ssl_options[] = {
> -	{ "",              USE_SSL_ALWAYS        },
> -	{ "always",        USE_SSL_ALWAYS        },
> -	{ "when-possible", USE_SSL_WHEN_POSSIBLE },
> -	{ "never",         USE_SSL_NEVER         },
> -	{ NULL,            USE_SSL_NEVER         },
> +	{ "",              "imaps", MODE_SSL   },  /* really old (1.x) */
> +	{ "always",        "imaps", MODE_SSL   },
> +	{ "when-possible", "imap",  MODE_TLS   },
> +	{ "never",         "imap",  MODE_CLEAR },
> +	{ NULL,            "imap",  MODE_CLEAR },
>  };
>  
>  static gboolean
>  connect_to_server_wrapper (CamelIMAP4Engine *engine, CamelException *ex)
>  {
>  	CamelService *service = engine->service;
> -	const char *use_ssl;
> -	struct hostent *h;
> -	int ssl_mode;
> -	int ret, i;
> -	
> -	if (!(h = camel_service_gethost (service, ex)))
> -		return FALSE;
> +	struct addrinfo *ai, hints;
> +	const char *ssl_mode;
> +	int mode, ret, i;
> +	char *serv;
>  	
> -	if ((use_ssl = camel_url_get_param (service->url, "use_ssl"))) {
> +	if ((ssl_mode = camel_url_get_param (service->url, "use_ssl"))) {
>  		for (i = 0; ssl_options[i].value; i++)
> -			if (!strcmp (ssl_options[i].value, use_ssl))
> +			if (!strcmp (ssl_options[i].value, ssl_mode))
>  				break;
> -		ssl_mode = ssl_options[i].mode;
> +		mode = ssl_options[i].mode;
> +		serv = ssl_options[i].serv;
>  	} else {
> -		ssl_mode = USE_SSL_NEVER;
> +		mode = MODE_CLEAR;
> +		serv = "imap";
>  	}
>  	
> -	if (ssl_mode == USE_SSL_ALWAYS) {
> -		/* First try the ssl port */
> -		if (!(ret = connect_to_server (engine, h, ssl_mode, FALSE, ex))) {
> -			if (camel_exception_get_id (ex) == CAMEL_EXCEPTION_SERVICE_UNAVAILABLE) {
> -				/* The ssl port seems to be unavailable, lets try STARTTLS */
> -				camel_exception_clear (ex);
> -				ret = connect_to_server (engine, h, ssl_mode, TRUE, ex);
> -			}
> -		}
> -	} else if (ssl_mode == USE_SSL_WHEN_POSSIBLE) {
> -		/* If the server supports STARTTLS, use it */
> -		ret = connect_to_server (engine, h, ssl_mode, TRUE, ex);
> -	} else {
> -		/* User doesn't care about SSL */
> -		ret = connect_to_server (engine, h, USE_SSL_NEVER, FALSE, ex);
> +	if (service->url->port) {
> +		serv = g_alloca (16);
> +		sprintf (serv, "%d", service->url->port);
>  	}
>  	
> -	camel_free_host (h);
> +	memset (&hints, 0, sizeof (hints));
> +	hints.ai_socktype = SOCK_STREAM;
> +	hints.ai_family = PF_UNSPEC;
> +	if (!(ai = camel_getaddrinfo (service->url->host, serv, &hints, ex)))
> +		return FALSE;
> +	
> +	ret = connect_to_server (engine, ai, mode, ex);
> +	
> +	camel_freeaddrinfo (ai);
>  	
>  	return ret;
>  }
> Index: providers/nntp/camel-nntp-store.c
> ===================================================================
> RCS file: /cvs/gnome/evolution/camel/providers/nntp/camel-nntp-store.c,v
> retrieving revision 1.65.14.2
> diff -u -r1.65.14.2 camel-nntp-store.c
> --- providers/nntp/camel-nntp-store.c	23 Sep 2004 04:12:29 -0000	1.65.14.2
> +++ providers/nntp/camel-nntp-store.c	27 Sep 2004 17:36:16 -0000
> @@ -81,12 +81,6 @@
>  	return TRUE;
>  }
>  
> -enum {
> -	USE_SSL_NEVER,
> -	USE_SSL_ALWAYS,
> -	USE_SSL_WHEN_POSSIBLE
> -};
> -
>  static struct {
>  	const char *name;
>  	int type;
> @@ -153,8 +147,17 @@
>  	return ret;
>  }
>  
> +enum {
> +	MODE_CLEAR,
> +	MODE_SSL,
> +	MODE_TLS,
> +};
> +
> +#define SSL_PORT_FLAGS (CAMEL_TCP_STREAM_SSL_ENABLE_SSL2 | CAMEL_TCP_STREAM_SSL_ENABLE_SSL3)
> +#define STARTTLS_FLAGS (CAMEL_TCP_STREAM_SSL_ENABLE_TLS)
> +
>  static gboolean
> -connect_to_server (CamelService *service, int ssl_mode, CamelException *ex)
> +connect_to_server (CamelService *service, struct addrinfo *ai, int ssl_mode, CamelException *ex)
>  {
>  	CamelNNTPStore *store = (CamelNNTPStore *) service;
>  	CamelDiscoStore *disco_store = (CamelDiscoStore*) service;
> @@ -164,8 +167,6 @@
>  	unsigned int len;
>  	int ret;
>  	char *path;
> -	struct addrinfo *ai, hints = { 0 };
> -	char *serv;
>  	
>  	CAMEL_NNTP_STORE_LOCK(store, command_lock);
>  
> @@ -182,42 +183,34 @@
>  		camel_data_cache_set_expire_age (store->cache, 60*60*24*14);
>  		camel_data_cache_set_expire_access (store->cache, 60*60*24*5);
>  	}
> -
> -	if (service->url->port) {
> -		serv = g_alloca(16);
> -		sprintf(serv, "%d", service->url->port);
> -	} else
> -		serv = "nntp";
>  	
> +	if (ssl_mode != MODE_CLEAR) {
>  #ifdef HAVE_SSL
> -	if (ssl_mode != USE_SSL_NEVER) {
> -		if (service->url->port == 0)
> -			serv = "nntps";
> -		tcp_stream = camel_tcp_stream_ssl_new (service->session, service->url->host, CAMEL_TCP_STREAM_SSL_ENABLE_SSL2 | CAMEL_TCP_STREAM_SSL_ENABLE_SSL3);
> -	} else {
> -		tcp_stream = camel_tcp_stream_raw_new ();
> -	}
> +		if (ssl_mode == MODE_TLS) {
> +			tcp_stream = camel_tcp_stream_ssl_new (service->session, service->url->host, STARTTLS_FLAGS);
> +		} else {
> +			tcp_stream = camel_tcp_stream_ssl_new (service->session, service->url->host, SSL_PORT_FLAGS);
> +		}
>  #else
> -	tcp_stream = camel_tcp_stream_raw_new ();
> -#endif /* HAVE_SSL */
> -
> -	hints.ai_socktype = SOCK_STREAM;
> -	ai = camel_getaddrinfo(service->url->host, serv, &hints, ex);
> -	if (ai == NULL) {
> -		camel_object_unref(tcp_stream);
> +		camel_exception_setv (ex, CAMEL_EXCEPTION_SERVICE_UNAVAILABLE,
> +				      _("Could not connect to %s: %s"),
> +				      service->url->host, _("SSL unavailable"));
> +		
>  		goto fail;
> +#endif /* HAVE_SSL */
> +	} else {
> +		tcp_stream = camel_tcp_stream_raw_new ();
>  	}
>  	
> -	ret = camel_tcp_stream_connect(CAMEL_TCP_STREAM(tcp_stream), ai);
> -	camel_freeaddrinfo(ai);
> -	if (ret == -1) {
> +	if ((ret = camel_tcp_stream_connect ((CamelTcpStream *) tcp_stream, ai)) == -1) {
>  		if (errno == EINTR)
>  			camel_exception_set (ex, CAMEL_EXCEPTION_USER_CANCEL,
>  					     _("Connection cancelled"));
>  		else
>  			camel_exception_setv (ex, CAMEL_EXCEPTION_SERVICE_UNAVAILABLE,
> -					      _("Could not connect to %s (port %s): %s"),
> -					      service->url->host, serv, g_strerror (errno));
> +					      _("Could not connect to %s: %s"),
> +					      service->url->host,
> +					      g_strerror (errno));
>  		
>  		camel_object_unref (tcp_stream);
>  		
> @@ -279,54 +272,51 @@
>  
>  static struct {
>  	char *value;
> +	char *serv;
>  	int mode;
>  } ssl_options[] = {
> -	{ "",              USE_SSL_ALWAYS        },
> -	{ "always",        USE_SSL_ALWAYS        },
> -	{ "when-possible", USE_SSL_WHEN_POSSIBLE },
> -	{ "never",         USE_SSL_NEVER         },
> -	{ NULL,            USE_SSL_NEVER         },
> +	{ "",              "nntps", MODE_SSL   },  /* really old (1.x) */
> +	{ "always",        "nntps", MODE_SSL   },
> +	{ "when-possible", "nntp",  MODE_TLS   },
> +	{ "never",         "nntp",  MODE_CLEAR },
> +	{ NULL,            "nntp",  MODE_CLEAR },
>  };
>  
>  static gboolean
>  nntp_connect_online (CamelService *service, CamelException *ex)
>  {
> -#ifdef HAVE_SSL
> -	const char *use_ssl;
> -	int i, ssl_mode;
> +	struct addrinfo hints, *ai;
> +	const char *ssl_mode;
> +	int mode, ret, i;
> +	char *serv;
>  	
> -	use_ssl = camel_url_get_param (service->url, "use_ssl");
> -	if (use_ssl) {
> +	if ((ssl_mode = camel_url_get_param (service->url, "use_ssl"))) {
>  		for (i = 0; ssl_options[i].value; i++)
> -			if (!strcmp (ssl_options[i].value, use_ssl))
> +			if (!strcmp (ssl_options[i].value, ssl_mode))
>  				break;
> -		ssl_mode = ssl_options[i].mode;
> -	} else
> -		ssl_mode = USE_SSL_NEVER;
> -	
> -	if (ssl_mode == USE_SSL_ALWAYS) {
> -		/* Connect via SSL */
> -		return connect_to_server (service, ssl_mode, ex);
> -	} else if (ssl_mode == USE_SSL_WHEN_POSSIBLE) {
> -		/* If the server supports SSL, use it */
> -		if (!connect_to_server (service, ssl_mode, ex)) {
> -			if (camel_exception_get_id (ex) == CAMEL_EXCEPTION_SERVICE_UNAVAILABLE) {
> -				/* The ssl port seems to be unavailable, fall back to plain NNTP */
> -				camel_exception_clear (ex);
> -				return connect_to_server (service, USE_SSL_NEVER, ex);
> -			} else {
> -				return FALSE;
> -			}
> -		}
> -		
> -		return TRUE;
> +		mode = ssl_options[i].mode;
> +		serv = ssl_options[i].serv;
>  	} else {
> -		/* User doesn't care about SSL */
> -		return connect_to_server (service, ssl_mode, ex);
> +		mode = MODE_CLEAR;
> +		serv = "nntp";
>  	}
> -#else
> -	return connect_to_server (service, USE_SSL_NEVER, ex);
> -#endif
> +	
> +	if (service->url->port) {
> +		serv = g_alloca (16);
> +		sprintf (serv, "%d", service->url->port);
> +	}
> +	
> +	memset (&hints, 0, sizeof (hints));
> +	hints.ai_socktype = SOCK_STREAM;
> +	hints.ai_family = PF_UNSPEC;
> +	if (!(ai = camel_getaddrinfo (service->url->host, serv, &hints, ex)))
> +		return FALSE;
> +	
> +	ret = connect_to_server (service, ai, mode, ex);
> +	
> +	camel_freeaddrinfo (ai);
> +	
> +	return ret;
>  }
>  
>  static gboolean
> Index: providers/pop3/camel-pop3-store.c
> ===================================================================
> RCS file: /cvs/gnome/evolution/camel/providers/pop3/camel-pop3-store.c,v
> retrieving revision 1.106.14.2
> diff -u -r1.106.14.2 camel-pop3-store.c
> --- providers/pop3/camel-pop3-store.c	27 Sep 2004 05:21:17 -0000	1.106.14.2
> +++ providers/pop3/camel-pop3-store.c	27 Sep 2004 17:36:16 -0000
> @@ -134,16 +134,16 @@
>  }
>  
>  enum {
> -	USE_SSL_NEVER,
> -	USE_SSL_ALWAYS,
> -	USE_SSL_WHEN_POSSIBLE
> +	MODE_CLEAR,
> +	MODE_SSL,
> +	MODE_TLS,
>  };
>  
>  #define SSL_PORT_FLAGS (CAMEL_TCP_STREAM_SSL_ENABLE_SSL2 | CAMEL_TCP_STREAM_SSL_ENABLE_SSL3)
>  #define STARTTLS_FLAGS (CAMEL_TCP_STREAM_SSL_ENABLE_TLS)
>  
>  static gboolean
> -connect_to_server (CamelService *service, int ssl_mode, int try_starttls, CamelException *ex)
> +connect_to_server (CamelService *service, struct addrinfo *ai, int ssl_mode, CamelException *ex)
>  {
>  	CamelPOP3Store *store = CAMEL_POP3_STORE (service);
>  	CamelStream *tcp_stream;
> @@ -151,56 +151,34 @@
>  	guint32 flags = 0;
>  	int clean_quit;
>  	int ret;
> -	struct addrinfo *ai, hints = { 0 };
> -	char *serv;
> -
> -	if (service->url->port) {
> -		serv = g_alloca(16);
> -		sprintf(serv, "%d", service->url->port);
> -	} else
> -		serv = "pop3";
> -		
> -	if (ssl_mode != USE_SSL_NEVER) {
> +	
> +	if (ssl_mode != MODE_CLEAR) {
>  #ifdef HAVE_SSL
> -		if (try_starttls) {
> -			tcp_stream = camel_tcp_stream_ssl_new_raw (service->session, service->url->host, STARTTLS_FLAGS);
> +		if (ssl_mode == MODE_TLS) {
> +			tcp_stream = camel_tcp_stream_ssl_new (service->session, service->url->host, STARTTLS_FLAGS);
>  		} else {
> -			if (service->url->port == 0)
> -				serv = "pop3s";
>  			tcp_stream = camel_tcp_stream_ssl_new (service->session, service->url->host, SSL_PORT_FLAGS);
>  		}
>  #else
> -		if (!try_starttls && service->url->port == 0)
> -			serv = "pop3s";
> -		
>  		camel_exception_setv (ex, CAMEL_EXCEPTION_SERVICE_UNAVAILABLE,
> -				      _("Could not connect to %s (port %s): %s"),
> -				      service->url->host, serv,
> -				      _("SSL unavailable"));
> +				      _("Could not connect to %s: %s"),
> +				      service->url->host, _("SSL unavailable"));
>  		
>  		return FALSE;
>  #endif /* HAVE_SSL */
>  	} else {
>  		tcp_stream = camel_tcp_stream_raw_new ();
>  	}
> -
> -	hints.ai_socktype = SOCK_STREAM;
> -	ai = camel_getaddrinfo(service->url->host, serv, &hints, ex);
> -	if (ai == NULL) {
> -		camel_object_unref(tcp_stream);
> -		return FALSE;
> -	}
>  	
> -	ret = camel_tcp_stream_connect(CAMEL_TCP_STREAM(tcp_stream), ai);
> -	camel_freeaddrinfo(ai);
> -	if (ret == -1) {
> +	if ((ret = camel_tcp_stream_connect ((CamelTcpStream *) tcp_stream, ai)) == -1) {
>  		if (errno == EINTR)
>  			camel_exception_set (ex, CAMEL_EXCEPTION_USER_CANCEL,
>  					     _("Connection cancelled"));
>  		else
>  			camel_exception_setv (ex, CAMEL_EXCEPTION_SERVICE_UNAVAILABLE,
> -					      _("Could not connect to POP server %s (port %s): %s"),
> -					      service->url->host, serv, g_strerror (errno));
> +					      _("Could not connect to %s: %s"),
> +					      service->url->host,
> +					      g_strerror (errno));
>  		
>  		camel_object_unref (tcp_stream);
>  		
> @@ -218,41 +196,24 @@
>  	
>  	if (!(store->engine = camel_pop3_engine_new (tcp_stream, flags))) {
>  		camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM,
> -				      _("Failed to read a valid greeting from POP server %s (port %s)"),
> -				      service->url->host, serv);
> +				      _("Failed to read a valid greeting from POP server %s"),
> +				      service->url->host);
> +		
>  		return FALSE;
>  	}
>  	
> -#ifdef HAVE_SSL
> -	if (store->engine) {
> -		if (ssl_mode == USE_SSL_WHEN_POSSIBLE) {
> -			if (store->engine->capa & CAMEL_POP3_CAP_STLS)
> -				goto starttls;
> -		} else if (ssl_mode == USE_SSL_ALWAYS) {
> -			if (try_starttls) {
> -				if (store->engine->capa & CAMEL_POP3_CAP_STLS) {
> -				/* attempt to toggle STARTTLS mode */
> -					goto starttls;
> -				} else {
> -				/* server doesn't support STARTTLS, abort */
> -					camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM,
> -							      _("Failed to connect to POP server %s in secure mode: %s"),
> -							      service->url->host, _("SSL/TLS extension not supported."));
> -					/* we have the possibility of quitting cleanly here */
> -					clean_quit = TRUE;
> -					goto stls_exception;
> -				}
> -			}
> -		}
> +	if (ssl_mode != MODE_TLS) {
> +		camel_object_unref (tcp_stream);
> +		return TRUE;
>  	}
> -#endif /* HAVE_SSL */
> -	
> -	camel_object_unref (tcp_stream);
>  	
> -	return store->engine != NULL;
> +	if (!(store->engine->capa & CAMEL_POP3_CAP_STLS)) {
> +		camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM,
> +				      _("Failed to connect to POP server %s in secure mode: %s"),
> +				      service->url->host, _("STLS not supported"));
> +		goto stls_exception;
> +	}
>  	
> -#ifdef HAVE_SSL
> - starttls:
>  	/* as soon as we send a STLS command, all hope is lost of a clean QUIT if problems arise */
>  	clean_quit = FALSE;
>  	
> @@ -302,59 +263,55 @@
>  	store->engine = NULL;
>  	
>  	return FALSE;
> -#endif /* HAVE_SSL */
>  }
>  
>  static struct {
>  	char *value;
> +	char *serv;
>  	int mode;
>  } ssl_options[] = {
> -	{ "",              USE_SSL_ALWAYS        },
> -	{ "always",        USE_SSL_ALWAYS        },
> -	{ "when-possible", USE_SSL_WHEN_POSSIBLE },
> -	{ "never",         USE_SSL_NEVER         },
> -	{ NULL,            USE_SSL_NEVER         },
> +	{ "",              "pop3s", MODE_SSL   },  /* really old (1.x) */
> +	{ "always",        "pop3s", MODE_SSL   },
> +	{ "when-possible", "pop3",  MODE_TLS   },
> +	{ "never",         "pop3",  MODE_CLEAR },
> +	{ NULL,            "pop3",  MODE_CLEAR },
>  };
>  
>  static gboolean
>  connect_to_server_wrapper (CamelService *service, CamelException *ex)
>  {
> -#ifdef HAVE_SSL
> -	const char *use_ssl;
> -	int i, ssl_mode;
> +	struct addrinfo hints, *ai;
> +	const char *ssl_mode;
> +	int mode, ret, i;
> +	char *serv;
>  	
> -	use_ssl = camel_url_get_param (service->url, "use_ssl");
> -	if (use_ssl) {
> +	if ((ssl_mode = camel_url_get_param (service->url, "use_ssl"))) {
>  		for (i = 0; ssl_options[i].value; i++)
> -			if (!strcmp (ssl_options[i].value, use_ssl))
> +			if (!strcmp (ssl_options[i].value, ssl_mode))
>  				break;
> -		ssl_mode = ssl_options[i].mode;
> -	} else
> -		ssl_mode = USE_SSL_NEVER;
> -	
> -	if (ssl_mode == USE_SSL_ALWAYS) {
> -		/* First try the ssl port */
> -		if (!connect_to_server (service, ssl_mode, FALSE, ex)) {
> -			if (camel_exception_get_id (ex) == CAMEL_EXCEPTION_SERVICE_UNAVAILABLE) {
> -				/* The ssl port seems to be unavailable, lets try STARTTLS */
> -				camel_exception_clear (ex);
> -				return connect_to_server (service, ssl_mode, TRUE, ex);
> -			} else {
> -				return FALSE;
> -			}
> -		}
> -		
> -		return TRUE;
> -	} else if (ssl_mode == USE_SSL_WHEN_POSSIBLE) {
> -		/* If the server supports STARTTLS, use it */
> -		return connect_to_server (service, ssl_mode, TRUE, ex);
> +		mode = ssl_options[i].mode;
> +		serv = ssl_options[i].serv;
>  	} else {
> -		/* User doesn't care about SSL */
> -		return connect_to_server (service, ssl_mode, FALSE, ex);
> +		mode = MODE_CLEAR;
> +		serv = "pop3";
>  	}
> -#else
> -	return connect_to_server (service, USE_SSL_NEVER, FALSE, ex);
> -#endif
> +	
> +	if (service->url->port) {
> +		serv = g_alloca (16);
> +		sprintf (serv, "%d", service->url->port);
> +	}
> +	
> +	memset (&hints, 0, sizeof (hints));
> +	hints.ai_socktype = SOCK_STREAM;
> +	hints.ai_family = PF_UNSPEC;
> +	if (!(ai = camel_getaddrinfo (service->url->host, serv, &hints, ex)))
> +		return FALSE;
> +	
> +	ret = connect_to_server (service, ai, mode, ex);
> +	
> +	camel_freeaddrinfo (ai);
> +	
> +	return ret;
>  }
>  
>  extern CamelServiceAuthType camel_pop3_password_authtype;
> Index: providers/smtp/camel-smtp-transport.c
> ===================================================================
> RCS file: /cvs/gnome/evolution/camel/providers/smtp/camel-smtp-transport.c,v
> retrieving revision 1.157.14.1
> diff -u -r1.157.14.1 camel-smtp-transport.c
> --- providers/smtp/camel-smtp-transport.c	23 Sep 2004 04:12:30 -0000	1.157.14.1
> +++ providers/smtp/camel-smtp-transport.c	27 Sep 2004 17:36:16 -0000
> @@ -145,18 +145,7 @@
>  		CamelProvider *provider, CamelURL *url,
>  		CamelException *ex)
>  {
> -	CamelSmtpTransport *smtp_transport = CAMEL_SMTP_TRANSPORT (service);
> -	const char *use_ssl;
> -	
>  	CAMEL_SERVICE_CLASS (parent_class)->construct (service, session, provider, url, ex);
> -	
> -	if ((use_ssl = camel_url_get_param (url, "use_ssl"))) {
> -		/* Note: previous versions would use "" to toggle use_ssl to 'on' */
> -		if (!*use_ssl || !strcmp (use_ssl, "always"))
> -			smtp_transport->flags |= CAMEL_SMTP_TRANSPORT_USE_SSL_ALWAYS;
> -		else if (!strcmp (use_ssl, "when-possible"))
> -			smtp_transport->flags |= CAMEL_SMTP_TRANSPORT_USE_SSL_WHEN_POSSIBLE;
> -	}
>  }
>  
>  static const char *
> @@ -228,70 +217,56 @@
>  	}
>  }
>  
> +enum {
> +	MODE_CLEAR,
> +	MODE_SSL,
> +	MODE_TLS,
> +};
> +
>  #define SSL_PORT_FLAGS (CAMEL_TCP_STREAM_SSL_ENABLE_SSL2 | CAMEL_TCP_STREAM_SSL_ENABLE_SSL3)
>  #define STARTTLS_FLAGS (CAMEL_TCP_STREAM_SSL_ENABLE_TLS)
>  
>  static gboolean
> -connect_to_server (CamelService *service, int try_starttls, CamelException *ex)
> +connect_to_server (CamelService *service, struct addrinfo *ai, int ssl_mode, CamelException *ex)
>  {
>  	CamelSmtpTransport *transport = CAMEL_SMTP_TRANSPORT (service);
>  	CamelStream *tcp_stream;
>  	char *respbuf = NULL;
>  	int ret;
> -	struct addrinfo *ai, hints = { 0 };
> -	char *serv;
>  	
>  	if (!CAMEL_SERVICE_CLASS (parent_class)->connect (service, ex))
>  		return FALSE;
>  	
>  	/* set some smtp transport defaults */
> -	transport->flags &= CAMEL_SMTP_TRANSPORT_USE_SSL; /* reset all but ssl flags */
> +	transport->flags = 0;
>  	transport->authtypes = NULL;
> -
> -	if (service->url->port) {
> -		serv = g_alloca(16);
> -		sprintf(serv, "%d", service->url->port);
> -	} else
> -		serv = "smtp";
>  	
> -	if (transport->flags & CAMEL_SMTP_TRANSPORT_USE_SSL) {
> +	if (ssl_mode != MODE_CLEAR) {
>  #ifdef HAVE_SSL
> -		if (try_starttls) {
> -			tcp_stream = camel_tcp_stream_ssl_new_raw (service->session, service->url->host, STARTTLS_FLAGS);
> +		if (ssl_mode == MODE_TLS) {
> +			tcp_stream = camel_tcp_stream_ssl_new (service->session, service->url->host, STARTTLS_FLAGS);
>  		} else {
> -			if (service->url->port == 0)
> -				serv = "smtps";
>  			tcp_stream = camel_tcp_stream_ssl_new (service->session, service->url->host, SSL_PORT_FLAGS);
>  		}
>  #else
> -		if (!try_starttls && service->url->port == 0)
> -			serv = "smtps";
> -		
>  		camel_exception_setv (ex, CAMEL_EXCEPTION_SERVICE_UNAVAILABLE,
> -				      _("Could not connect to %s (port %s): %s"),
> -				      service->url->host, serv,
> -				      _("SSL unavailable"));
> -
> +				      _("Could not connect to %s: %s"),
> +				      service->url->host, _("SSL unavailable"));
> +		
>  		return FALSE;
>  #endif /* HAVE_SSL */
>  	} else {
>  		tcp_stream = camel_tcp_stream_raw_new ();
>  	}
> -
> -	hints.ai_socktype = SOCK_STREAM;
> -	ai = camel_getaddrinfo(service->url->host, serv, &hints, ex);
> -	if (ai == NULL) {
> -		camel_object_unref(tcp_stream);
> -		return FALSE;
> -	}
>  	
> -	ret = camel_tcp_stream_connect(CAMEL_TCP_STREAM(tcp_stream), ai);
> -	camel_freeaddrinfo(ai);
> -	if (ret == -1) {
> -		camel_exception_setv (ex, errno == EINTR ? CAMEL_EXCEPTION_USER_CANCEL : CAMEL_EXCEPTION_SERVICE_UNAVAILABLE,
> -				      _("Could not connect to %s (port %s): %s"),
> -				      service->url->host, serv,
> -				      g_strerror (errno));
> +	if ((ret = camel_tcp_stream_connect ((CamelTcpStream *) tcp_stream, ai)) == -1) {
> +		if (errno == EINTR)
> +			camel_exception_set (ex, CAMEL_EXCEPTION_USER_CANCEL,
> +					     _("Connection cancelled"));
> +		else
> +			camel_exception_setv (ex, CAMEL_EXCEPTION_SERVICE_UNAVAILABLE,
> +					      _("Could not connect to %s: %s"),
> +					      service->url->host, g_strerror (errno));
>  		
>  		camel_object_unref (tcp_stream);
>  		
> @@ -335,30 +310,19 @@
>  	/* clear any EHLO/HELO exception and assume that any SMTP errors encountered were non-fatal */
>  	camel_exception_clear (ex);
>  	
> -#ifdef HAVE_SSL
> -	if (transport->flags & CAMEL_SMTP_TRANSPORT_USE_SSL_WHEN_POSSIBLE) {
> -		/* try_starttls is always TRUE here */
> -		if (transport->flags & CAMEL_SMTP_TRANSPORT_STARTTLS)
> -			goto starttls;
> -	} else if (transport->flags & CAMEL_SMTP_TRANSPORT_USE_SSL_ALWAYS) {
> -		if (try_starttls) {
> -			if (transport->flags & CAMEL_SMTP_TRANSPORT_STARTTLS) {
> -				goto starttls;
> -			} else {
> -				/* server doesn't support STARTTLS, abort */
> -				camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM,
> -						      _("Failed to connect to SMTP server %s in secure mode: %s"),
> -						      service->url->host, _("server does not appear to support SSL"));
> -				goto exception_cleanup;
> -			}
> -		}
> +	if (ssl_mode != MODE_TLS) {
> +		/* we're done */
> +		return TRUE;
>  	}
> -#endif /* HAVE_SSL */
>  	
> -	return TRUE;
> +	if (!(transport->flags & CAMEL_SMTP_TRANSPORT_STARTTLS)) {
> +		camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM,
> +				      _("Failed to connect to SMTP server %s in secure mode: %s"),
> +				      service->url->host, _("STARTTLS not supported"));
> +		
> +		goto exception_cleanup;
> +	}
>  	
> -#ifdef HAVE_SSL
> - starttls:
>  	d(fprintf (stderr, "sending : STARTTLS\r\n"));
>  	if (camel_stream_write (tcp_stream, "STARTTLS\r\n", 10) == -1) {
>  		camel_exception_setv (ex, errno == EINTR ? CAMEL_EXCEPTION_USER_CANCEL : CAMEL_EXCEPTION_SYSTEM,
> @@ -408,38 +372,55 @@
>  	transport->connected = FALSE;
>  	
>  	return FALSE;
> -#endif /* HAVE_SSL */
>  }
>  
> +static struct {
> +	char *value;
> +	char *serv;
> +	int mode;
> +} ssl_options[] = {
> +	{ "",              "smtps", MODE_SSL   },  /* really old (1.x) */
> +	{ "always",        "smtps", MODE_SSL   },
> +	{ "when-possible", "smtp",  MODE_TLS   },
> +	{ "never",         "smtp",  MODE_CLEAR },
> +	{ NULL,            "smtp",  MODE_CLEAR },
> +};
> +
>  static gboolean
>  connect_to_server_wrapper (CamelService *service, CamelException *ex)
>  {
> -#ifdef HAVE_SSL
> -	CamelSmtpTransport *transport = (CamelSmtpTransport *) service;
> +	struct addrinfo hints, *ai;
> +	const char *ssl_mode;
> +	int mode, ret, i;
> +	char *serv;
>  	
> -	if (transport->flags & CAMEL_SMTP_TRANSPORT_USE_SSL_ALWAYS) {
> -		/* First try connecting to the SSL port  */
> -		if (!connect_to_server (service, FALSE, ex)) {
> -			if (camel_exception_get_id (ex) == CAMEL_EXCEPTION_SERVICE_UNAVAILABLE) {
> -				/* Seems the SSL port is unavailable, lets try STARTTLS */
> -				camel_exception_clear (ex);
> -				return connect_to_server (service, TRUE, ex);
> -			} else {
> -				return FALSE;
> -			}
> -		}
> -		
> -		return TRUE;
> -	} else if (transport->flags & CAMEL_SMTP_TRANSPORT_USE_SSL_WHEN_POSSIBLE) {
> -		/* If the server supports STARTTLS, use it */
> -		return connect_to_server (service, TRUE, ex);
> +	if ((ssl_mode = camel_url_get_param (service->url, "use_ssl"))) {
> +		for (i = 0; ssl_options[i].value; i++)
> +			if (!strcmp (ssl_options[i].value, ssl_mode))
> +				break;
> +		mode = ssl_options[i].mode;
> +		serv = ssl_options[i].serv;
>  	} else {
> -		/* User doesn't care about SSL */
> -		return connect_to_server (service, FALSE, ex);
> +		mode = MODE_CLEAR;
> +		serv = "smtp";
>  	}
> -#else
> -	return connect_to_server (service, FALSE, ex);
> -#endif
> +	
> +	if (service->url->port) {
> +		serv = g_alloca (16);
> +		sprintf (serv, "%d", service->url->port);
> +	}
> +	
> +	memset (&hints, 0, sizeof (hints));
> +	hints.ai_socktype = SOCK_STREAM;
> +	hints.ai_family = PF_UNSPEC;
> +	if (!(ai = camel_getaddrinfo (service->url->host, serv, &hints, ex)))
> +		return FALSE;
> +	
> +	ret = connect_to_server (service, ai, mode, ex);
> +	
> +	camel_freeaddrinfo (ai);
> +	
> +	return ret;
>  }
>  
>  static gboolean
> Index: providers/smtp/camel-smtp-transport.h
> ===================================================================
> RCS file: /cvs/gnome/evolution/camel/providers/smtp/camel-smtp-transport.h,v
> retrieving revision 1.17.56.1
> diff -u -r1.17.56.1 camel-smtp-transport.h
> --- providers/smtp/camel-smtp-transport.h	23 Sep 2004 04:12:30 -0000	1.17.56.1
> +++ providers/smtp/camel-smtp-transport.h	27 Sep 2004 17:36:16 -0000
> @@ -43,13 +43,7 @@
>  #define CAMEL_SMTP_TRANSPORT_ENHANCEDSTATUSCODES    (1 << 2)
>  #define CAMEL_SMTP_TRANSPORT_STARTTLS               (1 << 3)
>  
> -#define CAMEL_SMTP_TRANSPORT_USE_SSL_ALWAYS         (1 << 4)
> -#define CAMEL_SMTP_TRANSPORT_USE_SSL_WHEN_POSSIBLE  (1 << 5)
> -
> -#define CAMEL_SMTP_TRANSPORT_USE_SSL                (CAMEL_SMTP_TRANSPORT_USE_SSL_ALWAYS | \
> -						     CAMEL_SMTP_TRANSPORT_USE_SSL_WHEN_POSSIBLE)
> -
> -#define CAMEL_SMTP_TRANSPORT_AUTH_EQUAL             (1 << 6)  /* set if we are using authtypes from a broken AUTH= */
> +#define CAMEL_SMTP_TRANSPORT_AUTH_EQUAL             (1 << 4)  /* set if we are using authtypes from a broken AUTH= */
>  
>  typedef struct {
>  	CamelTransport parent_object;
-- 
Jeffrey Stedfast
Evolution Hacker - Novell, Inc.
fejj ximian com  - www.novell.com
Index: ChangeLog
===================================================================
RCS file: /cvs/gnome/evolution/mail/ChangeLog,v
retrieving revision 1.3444.2.14
retrieving revision 1.3444.2.15
diff -u -r1.3444.2.14 -r1.3444.2.15
--- ChangeLog	27 Sep 2004 05:21:46 -0000	1.3444.2.14
+++ ChangeLog	27 Sep 2004 17:37:22 -0000	1.3444.2.15
@@ -1,3 +1,7 @@
+2004-09-22  Jeffrey Stedfast  <fejj novell com>
+
+	* mail-account-gui.c: Changed the labels for the SSL menu
+
 2004-09-21  Not Zed  <NotZed Ximian com>
 
 	** See bug #63521.
Index: mail-account-gui.c
===================================================================
RCS file: /cvs/gnome/evolution/mail/mail-account-gui.c,v
retrieving revision 1.171.14.2
retrieving revision 1.171.14.4
diff -u -r1.171.14.2 -r1.171.14.4
--- mail-account-gui.c	16 Sep 2004 14:45:56 -0000	1.171.14.2
+++ mail-account-gui.c	27 Sep 2004 18:31:53 -0000	1.171.14.4
@@ -82,9 +82,9 @@
 	char *label;
 	char *value;
 } ssl_options[] = {
-	{ N_("Always"), "always" },
-	{ N_("Whenever Possible"), "when-possible" },
-	{ N_("Never"), "never" }
+	{ N_("No encryption"),  "never"         },
+	{ N_("TLS encryption"), "when-possible" },
+	{ N_("SSL encryption"), "always"        }
 };
 
 static int num_ssl_options = sizeof (ssl_options) / sizeof (ssl_options[0]);
@@ -1473,7 +1473,7 @@
 	gtk_option_menu_remove_menu (service->use_ssl);
 	gtk_option_menu_set_menu (service->use_ssl, menu);
 	
-	gtk_option_menu_set_history (service->use_ssl, i - 1);
+	gtk_option_menu_set_history (service->use_ssl, 0);
 	g_signal_emit_by_name (item, "activate", service);
 }
 
@@ -2285,7 +2285,7 @@
 		
 		/* set the value to either "always" or "when-possible"
 		   but don't bother setting it for "never" */
-		if (strcmp (use_ssl, "never"))
+		if (strcmp (use_ssl, "never") != 0)
 			camel_url_set_param (url, "use_ssl", use_ssl);
 	}
 	
Index: mail-config.glade
===================================================================
RCS file: /cvs/gnome/evolution/mail/mail-config.glade,v
retrieving revision 1.148.4.2
retrieving revision 1.148.4.4
diff -u -r1.148.4.2 -r1.148.4.4
--- mail-config.glade	7 Sep 2004 21:06:39 -0000	1.148.4.2
+++ mail-config.glade	27 Sep 2004 18:37:16 -0000	1.148.4.4
@@ -1353,7 +1353,7 @@
 			      <child>
 				<widget class="GtkLabel" id="lblSourceUseSSL">
 				  <property name="visible">True</property>
-				  <property name="label" translatable="yes">_Use Secure Connection (SSL):</property>
+				  <property name="label" translatable="yes">_Use Secure Connection:</property>
 				  <property name="use_underline">True</property>
 				  <property name="use_markup">False</property>
 				  <property name="justify">GTK_JUSTIFY_CENTER</property>
@@ -1385,7 +1385,7 @@
 				      <child>
 					<widget class="GtkMenuItem" id="convertwidget10">
 					  <property name="visible">True</property>
-					  <property name="label" translatable="yes">Always</property>
+					  <property name="label" translatable="yes">No encryption</property>
 					  <property name="use_underline">True</property>
 					</widget>
 				      </child>
@@ -1393,7 +1393,7 @@
 				      <child>
 					<widget class="GtkMenuItem" id="convertwidget11">
 					  <property name="visible">True</property>
-					  <property name="label" translatable="yes">Whenever Possible</property>
+					  <property name="label" translatable="yes">TLS encryption</property>
 					  <property name="use_underline">True</property>
 					</widget>
 				      </child>
@@ -1401,7 +1401,7 @@
 				      <child>
 					<widget class="GtkMenuItem" id="convertwidget12">
 					  <property name="visible">True</property>
-					  <property name="label" translatable="yes">Never</property>
+					  <property name="label" translatable="yes">SSL encryption</property>
 					  <property name="use_underline">True</property>
 					</widget>
 				      </child>
@@ -2315,7 +2315,7 @@
 				  <child>
 				    <widget class="GtkLabel" id="lblTransportUseSSL">
 				      <property name="visible">True</property>
-				      <property name="label" translatable="yes">_Use Secure Connection (SSL):</property>
+				      <property name="label" translatable="yes">_Use Secure Connection:</property>
 				      <property name="use_underline">True</property>
 				      <property name="use_markup">False</property>
 				      <property name="justify">GTK_JUSTIFY_CENTER</property>
@@ -2347,7 +2347,7 @@
 					  <child>
 					    <widget class="GtkMenuItem" id="convertwidget20">
 					      <property name="visible">True</property>
-					      <property name="label" translatable="yes">Always</property>
+					      <property name="label" translatable="yes">No encryption</property>
 					      <property name="use_underline">True</property>
 					    </widget>
 					  </child>
@@ -2355,7 +2355,7 @@
 					  <child>
 					    <widget class="GtkMenuItem" id="convertwidget21">
 					      <property name="visible">True</property>
-					      <property name="label" translatable="yes">Whenever Possible</property>
+					      <property name="label" translatable="yes">TLS encryption</property>
 					      <property name="use_underline">True</property>
 					    </widget>
 					  </child>
@@ -2363,7 +2363,7 @@
 					  <child>
 					    <widget class="GtkMenuItem" id="convertwidget22">
 					      <property name="visible">True</property>
-					      <property name="label" translatable="yes">Never</property>
+					      <property name="label" translatable="yes">SSL encryption</property>
 					      <property name="use_underline">True</property>
 					    </widget>
 					  </child>

Attachment: smime.p7s
Description: S/MIME cryptographic signature



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]