mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2024-11-11 13:32:38 +01:00
Use opportunistic TLS in SMTP connections
If SSL is disabled, the SMTP ClientSecurity of the lettre crate defaults to None, that is, an insecure connection. This is changed to Opportunistic, which uses TLS if available. If TLS is not available, the insecure connection is used (i.e., this change is backward compatible).
This commit is contained in:
parent
70f3ab8ec3
commit
5d3b765a23
10
src/mail.rs
10
src/mail.rs
@ -18,21 +18,21 @@ use chrono::NaiveDateTime;
|
||||
fn mailer() -> SmtpTransport {
|
||||
let host = CONFIG.smtp_host().unwrap();
|
||||
|
||||
let client_security = if CONFIG.smtp_ssl() {
|
||||
let tls = TlsConnector::builder()
|
||||
.min_protocol_version(Some(Protocol::Tlsv11))
|
||||
.build()
|
||||
.unwrap();
|
||||
|
||||
let params = ClientTlsParameters::new(host.clone(), tls);
|
||||
let tls_params = ClientTlsParameters::new(host.clone(), tls);
|
||||
|
||||
let client_security = if CONFIG.smtp_ssl() {
|
||||
if CONFIG.smtp_explicit_tls() {
|
||||
ClientSecurity::Wrapper(params)
|
||||
ClientSecurity::Wrapper(tls_params)
|
||||
} else {
|
||||
ClientSecurity::Required(params)
|
||||
ClientSecurity::Required(tls_params)
|
||||
}
|
||||
} else {
|
||||
ClientSecurity::None
|
||||
ClientSecurity::Opportunistic(tls_params)
|
||||
};
|
||||
|
||||
use std::time::Duration;
|
||||
|
Loading…
Reference in New Issue
Block a user