dma: treat encrypted connections as secure

Users have to set the INSECURE config option to allow dma to send
plaintext passwords on login.  This commit allows dma to send plaintext
passwords through TLS connections even if the INSECURE config option is
not set.

The downside is that this allows a man-in-the-middle attack on the
password exchange.  The only solution to this is checking the server
certificate, but we don't do that (yet).

diff --git a/net.c b/net.c
index 4a5ded50a93b8783c14599fa1f2fa20a47034ed0..d9af3541b00c5b0a6ba99c8728b2725eba852a1d 100644 (file)
--- a/net.c
+++ b/net.c
@@ -209,7 +209,8 @@ smtp_login(struct qitem *it, int fd, char *login, char* password)
                return (-1);
        }
 
-       if ((config->features & INSECURE) != 0) {
+       if ((config->features & INSECURE) != 0 ||
+           (config->features & SECURETRANS) != 0) {
                /* Send AUTH command according to RFC 2554 */
                send_remote_command(fd, "AUTH LOGIN");
                if (read_remote(fd, 0, NULL) != 3) {