blob: 8eb41329b2577494094aca82a2d77115a25f1807 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
*** qmail-smtpd.c.orig Thu Jan 9 16:24:52 2014
--- qmail-smtpd.c Thu Jan 9 16:30:52 2014
***************
*** 42,47 ****
--- 42,48 ----
int tls_verify();
void tls_nogateway();
int ssl_rfd = -1, ssl_wfd = -1; /* SSL_get_Xfd() are broken */
+ int forcetls = 0;
#endif
int safewrite(fd,buf,len) int fd; char *buf; int len;
***************
*** 700,705 ****
--- 701,709 ----
if (!stralloc_0(&proto)) die_nomem();
protocol = proto.s;
+ /* Check if we have to force users to use ssl when authenticating */
+ if(control_readint(&forcetls,"control/smtpforcetls") == -1) die_control();
+
/* have to discard the pre-STARTTLS HELO/EHLO argument, if any */
dohelo(remotehost);
}
***************
*** 894,899 ****
--- 898,912 ----
out("503 auth not available (#5.3.3)\r\n");
return;
}
+ #ifdef TLS
+ if (forcetls && !ssl)
+ {
+ out("538 auth not available without TLS (#5.3.3)\r\n");
+ flush();
+ die_read();
+ }
+ #endif
+
if (authd) { err_authd(); return; }
if (seenmail) { err_authmail(); return; }
|
