summaryrefslogtreecommitdiff
path: root/files/arts/software/Code/elektropost/qmail-smtpd.c.force.tls.patch
blob: 8eb41329b2577494094aca82a2d77115a25f1807 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
*** qmail-smtpd.c.orig	Thu Jan  9 16:24:52 2014
--- qmail-smtpd.c	Thu Jan  9 16:30:52 2014
***************
*** 42,47 ****
--- 42,48 ----
  int tls_verify();
  void tls_nogateway();
  int ssl_rfd = -1, ssl_wfd = -1; /* SSL_get_Xfd() are broken */
+ int forcetls = 0;
  #endif
  
  int safewrite(fd,buf,len) int fd; char *buf; int len;
***************
*** 700,705 ****
--- 701,709 ----
    if (!stralloc_0(&proto)) die_nomem();
    protocol = proto.s;
  
+   /* Check if we have to force users to use ssl when authenticating */
+   if(control_readint(&forcetls,"control/smtpforcetls") == -1) die_control();
+ 
    /* have to discard the pre-STARTTLS HELO/EHLO argument, if any */
    dohelo(remotehost);
  }
***************
*** 894,899 ****
--- 898,912 ----
      out("503 auth not available (#5.3.3)\r\n");
      return;
    }
+ #ifdef TLS
+   if (forcetls && !ssl)
+   {
+     out("538 auth not available without TLS (#5.3.3)\r\n");
+     flush();
+     die_read();
+   }
+ #endif
+ 
    if (authd) { err_authd(); return; }
    if (seenmail) { err_authmail(); return; }