On Wed, Jan 14, 2015 at 09:39:21PM -0500, Wietse Venema wrote:
> > Not quite sure what the TLS library will do if handed a request to
> > do TLS when the security level happens to be "none". In particular,
> > various TLS-related bits for the session may not be set, and crashes
> > are possible. We need a check that the current destination's policy
> > is not TLS_LEV_NONE.
>
> In that case there is no smtp_tls_ctx. And the patch already
> warns about that.
We have a non-null smtp_tls_ctx when either the default level is
not "none" or when a policy table is configured. Two examples:
1.
main.cf:
smtp_tls_security_level = none
smtp_tls_policy_maps = ${indexed}tls-policy
smtp_fallback_relay = [smtp.ntlworld.com]:465
tls-policy:
gmail.com secure
# Negligent, also need:
# [smtp.ntlworld.com]:465 secure
2.
main.cf:
relayhost = [smtp.ntlworld.com]:465
smtp_tls_security_level = may
smtp_tls_policy_maps = ${indexed}tls-policy
tls-policy:
# Perverse, must not set:
[smtp.ntlworld.com]:465 none
And of course with "may", we need to avoid any attempt at cleartext
fallback if we're doing wrapper-mode SMTP.
--
Viktor.
