client_proxy_get_state(client), duration,
line == NULL ? "" : t_strdup_printf(
" - BUG: line not read: %s", line));
+
+ enum login_proxy_failure_type type =
+ login_proxy_failed_because_invalid_cert(client->login_proxy) ?
+ LOGIN_PROXY_FAILURE_TYPE_INTERNAL_CONFIG :
+ LOGIN_PROXY_FAILURE_TYPE_CONNECT;
login_proxy_failed(client->login_proxy,
login_proxy_get_event(client->login_proxy),
- LOGIN_PROXY_FAILURE_TYPE_CONNECT, reason);
+ type, reason);
return;
}
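Review bot: The new `type` selection before `login_proxy_failed()` has no comment saying why a certificate failure on the backend connection is reported as `LOGIN_PROXY_FAILURE_TYPE_INTERNAL_CONFIG` rather than as a connect failure, and the same pattern repeats in the SSL handshake-failure path with `LOGIN_PROXY_FAILURE_TYPE_INTERNAL` as the fallback. I would add above it `/* Backend certificate or hostname verification failed: report it as a configuration failure, not as a connect failure. */`. How `login_proxy_failed()` treats that type is not visible here, so it is worth confirming that the verification error still ends up in the logged reason, since a certificate that stops validating can mean an unexpected endpoint as well as a misconfigured one. The enclosing block starts above these lines, so the beginning of the `reason` format string is not visible.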
const char *reason = t_strdup_printf(
"Failed to start SSL handshake: %s",
ssl_iostream_get_last_error(proxy->server_ssl_iostream));
- login_proxy_failed(proxy, proxy->event,
- LOGIN_PROXY_FAILURE_TYPE_INTERNAL, reason);
+
+ enum login_proxy_failure_type type =
+ login_proxy_failed_because_invalid_cert(proxy) ?
+ LOGIN_PROXY_FAILURE_TYPE_INTERNAL_CONFIG :
+ LOGIN_PROXY_FAILURE_TYPE_INTERNAL;
+ login_proxy_failed(proxy, proxy->event, type, reason);
return -1;
}
proxy_rawlog_init(proxy);
return 0;
}
+bool login_proxy_failed_because_invalid_cert(struct login_proxy *proxy)
+{
+ if (proxy->server_ssl_iostream == NULL)
+ return FALSE;
+
+ enum ssl_iostream_state state =
+ ssl_iostream_get_state(proxy->server_ssl_iostream);
+ return state == SSL_IOSTREAM_STATE_INVALID_CERT ||
+ state == SSL_IOSTREAM_STATE_NAME_MISMATCH;
+}
+
void login_proxy_multiplex_input_start(struct login_proxy *proxy)
{
struct istream *input = i_stream_create_multiplex(proxy->server_input,
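Review bot: `login_proxy_failed_because_invalid_cert()` has no comment at its definition, and its name covers less than it checks: it returns TRUE for `SSL_IOSTREAM_STATE_NAME_MISMATCH` as well as `SSL_IOSTREAM_STATE_INVALID_CERT`, and FALSE whenever `proxy->server_ssl_iostream` is NULL. Because of the NULL case, a caller that ever runs after the TLS stream has been freed would silently get the non-certificate failure type, so the ordering requirement should be written down. Proposed comment: `/* TRUE if the backend TLS stream is in the invalid-cert or name-mismatch state. Reads the current state, so call it before server_ssl_iostream is freed; returns FALSE when there is no TLS stream. */`. Both call sites visible in this diff call it before `login_proxy_failed()`, which is the order the comment would pin down.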
/* STARTTLS command was issued. */
int login_proxy_starttls(struct login_proxy *proxy);
+/* Returns TRUE if proxying failed because of invalid SSL certificate. */
+bool login_proxy_failed_because_invalid_cert(struct login_proxy *proxy);
/* MULTIPLEX input was started. */
void login_proxy_multiplex_input_start(struct login_proxy *proxy);