SMTP: add support for required TLS

author: manuel <manuel@mausz.at> 2022-05-19 11:52:04 +0200
committer: manuel <manuel@mausz.at> 2022-05-19 11:52:04 +0200
commit: 026d6c79538ad9dbe646f3ee5559470419583fe9 (patch)
tree: 1895efa58c91c58c20b1962147452b3a83ad8355
parent: 34bc44373eed99e37cbcd00bb528bcdabc1461f9 (diff)
download: qmail-026d6c79538ad9dbe646f3ee5559470419583fe9.tar.gz
qmail-026d6c79538ad9dbe646f3ee5559470419583fe9.tar.bz2
qmail-026d6c79538ad9dbe646f3ee5559470419583fe9.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/qmail-smtpd.c b/qmail-smtpd.c
index 7867197..f038314 100644
--- a/qmail-smtpd.c
+++ b/qmail-smtpd.c
@@ -80,6 +80,7 @@ void tls_nogateway();
 int ssl_rfd = -1, ssl_wfd = -1; /* SSL_get_Xfd() are broken */
 stralloc proto = {0};
 int tls_before_auth = 0;
+int tls_require = 0;
 #endif
 #ifdef SMTPUTF8
@@ -345,6 +346,7 @@ void setup()
 #ifdef TLS
  if (env_get("TLSBEFOREAUTH")) tls_before_auth = 1;
+  if (env_get("TLSREQUIRE")) tls_require = 1;
  if (env_get("SMTPS")) { smtps = 1; tls_init(); }
  else
 #endif
@@ -724,6 +726,9 @@ void smtp_rset(arg) char *arg;
 void smtp_mail(arg) char *arg;
 {
  if (!seenhelo) { err_wanthelo(); return; }
+#if defined(TLS)
+  if (tls_require && !ssl) { err_wantstarttls(); return; }
+#endif
  if (!addrparse(arg)) { err_syntax(); return; }
  flagsize = 0;
  mailfrom_parms(arg);
author	manuel <manuel@mausz.at>	2022-05-19 11:52:04 +0200
committer	manuel <manuel@mausz.at>	2022-05-19 11:52:04 +0200
commit	026d6c79538ad9dbe646f3ee5559470419583fe9 (patch)
tree	1895efa58c91c58c20b1962147452b3a83ad8355
parent	34bc44373eed99e37cbcd00bb528bcdabc1461f9 (diff)
download	qmail-026d6c79538ad9dbe646f3ee5559470419583fe9.tar.gz qmail-026d6c79538ad9dbe646f3ee5559470419583fe9.tar.bz2 qmail-026d6c79538ad9dbe646f3ee5559470419583fe9.zip