From b3f992b1f3a1398f141b16a5e2c3a5d7f078b56b Mon Sep 17 00:00:00 2001 From: Aki Tuomi Date: Fri, 15 Nov 2024 11:51:21 +0200 Subject: [PATCH] lib-smtp: Set application protocol for TLS --- src/lib-smtp/smtp-client-connection.c | 12 ++++++++++-- src/lib-smtp/smtp-server-connection.c | 6 ++++++ 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/src/lib-smtp/smtp-client-connection.c b/src/lib-smtp/smtp-client-connection.c index 19e067773d..7685c3107f 100644 --- a/src/lib-smtp/smtp-client-connection.c +++ b/src/lib-smtp/smtp-client-connection.c @@ -1590,8 +1590,16 @@ smtp_client_connection_init_ssl_ctx(struct smtp_client_connection *conn, "Requested SSL connection, but no SSL settings given"; return -1; } - return ssl_iostream_client_context_cache_get(conn->set.ssl, - &conn->ssl_ctx, error_r); + if (ssl_iostream_client_context_cache_get(conn->set.ssl, &conn->ssl_ctx, + error_r) < 0) + return -1; + const char *application_protocol = smtp_protocol_name(conn->protocol); + const char *const names[] = { + application_protocol, + NULL + }; + ssl_iostream_context_set_application_protocols(conn->ssl_ctx, names); + return 0; } static int diff --git a/src/lib-smtp/smtp-server-connection.c b/src/lib-smtp/smtp-server-connection.c index b7cd7ad141..1a3dae1c66 100644 --- a/src/lib-smtp/smtp-server-connection.c +++ b/src/lib-smtp/smtp-server-connection.c @@ -388,6 +388,12 @@ smtp_server_connection_sni_callback(const char *name, const char **error_r, } settings_free(ssl_set); settings_free(ssl_server_set); + const char *application_protocol = smtp_protocol_name(conn->set.protocol); + const char *const names[] = { + application_protocol, + NULL + }; + ssl_iostream_context_set_application_protocols(ssl_ctx, names); ssl_iostream_change_context(conn->ssl_iostream, ssl_ctx); ssl_iostream_context_unref(&ssl_ctx); return 0; -- 2.47.3