Menu
▾
▴
[Astlinux-commits] SF.net SVN: astlinux:[7789] branches/1.0
|
From: <abe...@us...> - 2016-08-04 00:12:46
|
Revision: 7789
http://sourceforge.net/p/astlinux/code/7789
Author: abelbeck
Date: 2016-08-04 00:12:44 +0000 (Thu, 04 Aug 2016)
Log Message:
-----------
msmtp, allow an empty 'SMTP Cert File' (SMTP_CA) which will default to the system ca-bundle.crt
Modified Paths:
--------------
branches/1.0/package/msmtp/msmtp.init
branches/1.0/package/webinterface/altweb/admin/network.php
branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf
Modified: branches/1.0/package/msmtp/msmtp.init
===================================================================
--- branches/1.0/package/msmtp/msmtp.init 2016-08-03 17:35:08 UTC (rev 7788)
+++ branches/1.0/package/msmtp/msmtp.init 2016-08-04 00:12:44 UTC (rev 7789)
@@ -2,6 +2,8 @@
. /etc/rc.conf
+CA_BUNDLE="/usr/lib/ssl/certs/ca-bundle.crt"
+
ALIASES_FILE="/mnt/kd/msmtp-aliases.conf"
gen_msmtp_config() {
@@ -33,13 +35,16 @@
echo "tls_starttls $SMTP_STARTTLS"
fi
- if [ -n "$SMTP_CA" ]; then
- echo "tls_trust_file $SMTP_CA"
- fi
+ if [ "$SMTP_CERTCHECK" = "off" ]; then
+ echo "tls_certcheck off"
+ else
+ echo "tls_certcheck on"
- # may be 'off' or 'on'... use default if unset.
- if [ -n "$SMTP_CERTCHECK" ]; then
- echo "tls_certcheck $SMTP_CERTCHECK"
+ if [ -n "$SMTP_CA" ] && [ -f "$SMTP_CA" ]; then
+ echo "tls_trust_file $SMTP_CA"
+ else
+ echo "tls_trust_file $CA_BUNDLE"
+ fi
fi
fi
Modified: branches/1.0/package/webinterface/altweb/admin/network.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/network.php 2016-08-03 17:35:08 UTC (rev 7788)
+++ branches/1.0/package/webinterface/altweb/admin/network.php 2016-08-04 00:12:44 UTC (rev 7789)
@@ -1765,9 +1765,7 @@
putHtml('<option value="on"'.$sel.'>Check Cert</option>');
putHtml('</select>');
putHtml('</td><td style="text-align: left;" colspan="3">');
- if (($value = getVARdef($db, 'SMTP_CA', $cur_db)) === '') {
- $value = '/mnt/kd/ssl/ca-smtp.pem';
- }
+ $value = getVARdef($db, 'SMTP_CA', $cur_db);
putHtml('SMTP Cert File:<input type="text" size="24" maxlength="64" value="'.$value.'" name="smtp_ca_cert" /></td></tr>');
putHtml('<tr class="dtrow1"><td style="text-align: left;" colspan="3">');
$value = getVARdef($db, 'SMTP_USER', $cur_db);
Modified: branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf 2016-08-03 17:35:08 UTC (rev 7788)
+++ branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf 2016-08-04 00:12:44 UTC (rev 7789)
@@ -460,22 +460,21 @@
## The From: of SMTP messages.
#SMTP_FROM="us...@my..."
##
-## If SMTP_TLS is defined, we will use TLS. You should have a trusted cert list and
-## define its location with SMTP_CA. Optionally, you can turn off the certificate
-## verification. This is a security risk!
-#SMTP_TLS=yes
+## Enable TLS by setting SMTP_TLS to "yes"
+#SMTP_TLS="yes"
## SMTP_STARTTLS 'on' (default) For TLS/STARTTLS, commonly TCP port 587
## SMTP_STARTTLS 'off' For SMTP over SSL, commonly TCP port 465
-#SMTP_STARTTLS=off
-## SMTP_CA file, one or more certificates of trusted CA's in PEM format
+#SMTP_STARTTLS="on"
+## SMTP_CA file, one or more certificates of trusted CA's in PEM format.
+## If SMTP_CA is not defined, the system ca-bundle.crt will be used by default.
#SMTP_CA="/mnt/kd/ssl/ca-smtp.pem"
-## SMTP_CERTCHECK 'off' or 'on' (default), must be 'off' if SMTP_CA is not defined
-#SMTP_CERTCHECK=off
+## SMTP_CERTCHECK 'off' or 'on' (default)
+#SMTP_CERTCHECK="on"
## The username and password for communicating with the SMTP server.
-#SMTP_USER=username
-#SMTP_PASS=password
+#SMTP_USER="username"
+#SMTP_PASS="password"
## The SMTP login method (plain or login are supported)
-#SMTP_AUTH=plain
+#SMTP_AUTH="plain"
## SMTP port to connect to SMTP_SERVER on. Defaults to 25
#SMTP_PORT="25"
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
