Use opportunistic TLS in SMTP connections - vw_small

commit 5d3b765a238f6df35e3233499d6da763ad7c6cd8
parent 70f3ab8ec3d6ccfd8ec8c71c888459de484d9b43
Author: Samuel Leweke <samuel@leweke.info>
Date:   Thu, 12 Mar 2020 11:26:54 +0100

Use opportunistic TLS in SMTP connections

If SSL is disabled, the SMTP ClientSecurity of the lettre crate
defaults to None, that is, an insecure connection. This is changed to
Opportunistic, which uses TLS if available. If TLS is not available,
the insecure connection is used (i.e., this change is backward
compatible).

Diffstat:
M src/mail.rs  | 18 +++++++++---------

1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/src/mail.rs b/src/mail.rs
@@ -18,21 +18,21 @@ use chrono::NaiveDateTime;
 fn mailer() -> SmtpTransport {
     let host = CONFIG.smtp_host().unwrap();
 
-    let client_security = if CONFIG.smtp_ssl() {
-        let tls = TlsConnector::builder()
-            .min_protocol_version(Some(Protocol::Tlsv11))
-            .build()
-            .unwrap();
+    let tls = TlsConnector::builder()
+        .min_protocol_version(Some(Protocol::Tlsv11))
+        .build()
+        .unwrap();
 
-        let params = ClientTlsParameters::new(host.clone(), tls);
+    let tls_params = ClientTlsParameters::new(host.clone(), tls);
 
+    let client_security = if CONFIG.smtp_ssl() {
         if CONFIG.smtp_explicit_tls() {
-            ClientSecurity::Wrapper(params)
+            ClientSecurity::Wrapper(tls_params)
         } else {
-            ClientSecurity::Required(params)
+            ClientSecurity::Required(tls_params)
         }
     } else {
-        ClientSecurity::None
+        ClientSecurity::Opportunistic(tls_params)
     };
 
     use std::time::Duration;

	vw_small Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
	git clone https://git.philomathiclife.com/repos/vw_small
	Log \| Files \| Refs \| README