]> git.ipfire.org Git - thirdparty/dovecot/core.git/commitdiff
submission-login: Fixed handling of ssl=required for trusted connections.
authorStephan Bosch <stephan.bosch@dovecot.fi>
Sat, 23 Dec 2017 18:40:09 +0000 (19:40 +0100)
committerStephan Bosch <stephan.bosch@dovecot.fi>
Sat, 23 Dec 2017 18:40:09 +0000 (19:40 +0100)
Normally, SSL is not required for trusted connections (e.g. localhost), but submission-login did not follow this standard.

src/submission-login/client.c

index bb545d0bc9e893563bc264af3f00202c95da6442..8d2832b907d9b5d4ab2fc93a791754c5127c41cb 100644 (file)
@@ -74,7 +74,8 @@ static void submission_client_create(struct client *client,
                smtp_set.capabilities |= SMTP_CAPABILITY_STARTTLS;
        smtp_set.hostname = subm_client->set->hostname;
        smtp_set.login_greeting = client->set->login_greeting;
-       smtp_set.tls_required = (strcmp(client->ssl_set->ssl, "required") == 0);
+       smtp_set.tls_required = !client->secured &&
+               (strcmp(client->ssl_set->ssl, "required") == 0);
        smtp_set.xclient_extensions = xclient_extensions;
        smtp_set.debug = client->set->auth_debug;