1
0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2024-11-11 13:32:38 +01:00

Use opportunistic TLS in SMTP connections

If SSL is disabled, the SMTP ClientSecurity of the lettre crate
defaults to None, that is, an insecure connection. This is changed to
Opportunistic, which uses TLS if available. If TLS is not available,
the insecure connection is used (i.e., this change is backward
compatible).
This commit is contained in:
Samuel Leweke 2020-03-12 11:26:54 +01:00
parent 70f3ab8ec3
commit 5d3b765a23

View File

@ -18,21 +18,21 @@ use chrono::NaiveDateTime;
fn mailer() -> SmtpTransport {
let host = CONFIG.smtp_host().unwrap();
let client_security = if CONFIG.smtp_ssl() {
let tls = TlsConnector::builder()
.min_protocol_version(Some(Protocol::Tlsv11))
.build()
.unwrap();
let params = ClientTlsParameters::new(host.clone(), tls);
let tls_params = ClientTlsParameters::new(host.clone(), tls);
let client_security = if CONFIG.smtp_ssl() {
if CONFIG.smtp_explicit_tls() {
ClientSecurity::Wrapper(params)
ClientSecurity::Wrapper(tls_params)
} else {
ClientSecurity::Required(params)
ClientSecurity::Required(tls_params)
}
} else {
ClientSecurity::None
ClientSecurity::Opportunistic(tls_params)
};
use std::time::Duration;