lib-smtp: client: Fix ignoring invalid certificate from server.
authorStephan Bosch <stephan.bosch@dovecot.fi>
Thu, 25 Jan 2018 21:24:05 +0000 (22:24 +0100)
committerStephan Bosch <stephan.bosch@dovecot.fi>
Thu, 25 Jan 2018 21:24:05 +0000 (22:24 +0100)
Although it initially allowed the invalid certificate, it would still fail later
on while reading/writing the SSL streams.

src/lib-smtp/smtp-client-connection.c

index 72be80cfb9f16b3e6a76d2aae41cf88acb2f144d..6f669bb3d7ad523511b7c29ff17d4a2c4810afc1 100644 (file)
@@ -1201,7 +1201,6 @@ static int
 smtp_client_connection_ssl_init(struct smtp_client_connection *conn,
                                const char **error_r)
 {
-       struct ssl_iostream_settings ssl_set;
        const char *error;
 
        if (smtp_client_connection_init_ssl_ctx(conn, &error) < 0) {
@@ -1210,11 +1209,6 @@ smtp_client_connection_ssl_init(struct smtp_client_connection *conn,
                return -1;
        }
 
-       i_zero(&ssl_set);
-       if (!conn->set.ssl->allow_invalid_cert) {
-               ssl_set.verbose_invalid_cert = TRUE;
-       }
-
        if (conn->set.debug)
                smtp_client_connection_debug(conn, "Starting SSL handshake");
 
@@ -1229,7 +1223,7 @@ smtp_client_connection_ssl_init(struct smtp_client_connection *conn,
        }
 
        if (io_stream_create_ssl_client(conn->ssl_ctx,
-               conn->host, &ssl_set,
+               conn->host, conn->set.ssl,
                &conn->conn.input, &conn->conn.output,
                &conn->ssl_iostream, &error) < 0) {
                *error_r = t_strdup_printf(
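Review bot: With `conn->set.ssl` passed straight to `io_stream_create_ssl_client()`, nothing on this path still forces `verbose_invalid_cert` when `allow_invalid_cert` is off, which the block removed in the previous hunk did; a rejected server certificate is now logged in detail only if the caller's settings enable it. The same call also makes `allow_invalid_cert` take effect here, so a session can now proceed without a validated server certificate, and nothing visible in these hunks records that. I would add, next to the existing "Starting SSL handshake" debug line, `if (conn->set.debug && conn->set.ssl->allow_invalid_cert) smtp_client_connection_debug(conn, "SSL certificate validation disabled by settings");`, plus a comment at the call stating that certificate verification is governed entirely by the caller-supplied settings. The function body continues past the end of this hunk, so any later validity check is not visible here.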