summaryrefslogtreecommitdiff
path: root/files/arts/software/Code/elektropost/qmail-smtpd.c.force.tls.patch
diff options
context:
space:
mode:
Diffstat (limited to 'files/arts/software/Code/elektropost/qmail-smtpd.c.force.tls.patch')
-rw-r--r--files/arts/software/Code/elektropost/qmail-smtpd.c.force.tls.patch42
1 files changed, 42 insertions, 0 deletions
diff --git a/files/arts/software/Code/elektropost/qmail-smtpd.c.force.tls.patch b/files/arts/software/Code/elektropost/qmail-smtpd.c.force.tls.patch
new file mode 100644
index 0000000..8eb4132
--- /dev/null
+++ b/files/arts/software/Code/elektropost/qmail-smtpd.c.force.tls.patch
@@ -0,0 +1,42 @@
1*** qmail-smtpd.c.orig Thu Jan 9 16:24:52 2014
2--- qmail-smtpd.c Thu Jan 9 16:30:52 2014
3***************
4*** 42,47 ****
5--- 42,48 ----
6 int tls_verify();
7 void tls_nogateway();
8 int ssl_rfd = -1, ssl_wfd = -1; /* SSL_get_Xfd() are broken */
9+ int forcetls = 0;
10 #endif
11
12 int safewrite(fd,buf,len) int fd; char *buf; int len;
13***************
14*** 700,705 ****
15--- 701,709 ----
16 if (!stralloc_0(&proto)) die_nomem();
17 protocol = proto.s;
18
19+ /* Check if we have to force users to use ssl when authenticating */
20+ if(control_readint(&forcetls,"control/smtpforcetls") == -1) die_control();
21+
22 /* have to discard the pre-STARTTLS HELO/EHLO argument, if any */
23 dohelo(remotehost);
24 }
25***************
26*** 894,899 ****
27--- 898,912 ----
28 out("503 auth not available (#5.3.3)\r\n");
29 return;
30 }
31+ #ifdef TLS
32+ if (forcetls && !ssl)
33+ {
34+ out("538 auth not available without TLS (#5.3.3)\r\n");
35+ flush();
36+ die_read();
37+ }
38+ #endif
39+
40 if (authd) { err_authd(); return; }
41 if (seenmail) { err_authmail(); return; }
42