From: <abe...@us...> - 2016-08-04 00:12:46
|
Revision: 7789 http://sourceforge.net/p/astlinux/code/7789 Author: abelbeck Date: 2016-08-04 00:12:44 +0000 (Thu, 04 Aug 2016) Log Message: ----------- msmtp, allow an empty 'SMTP Cert File' (SMTP_CA) which will default to the system ca-bundle.crt Modified Paths: -------------- branches/1.0/package/msmtp/msmtp.init branches/1.0/package/webinterface/altweb/admin/network.php branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf Modified: branches/1.0/package/msmtp/msmtp.init =================================================================== --- branches/1.0/package/msmtp/msmtp.init 2016-08-03 17:35:08 UTC (rev 7788) +++ branches/1.0/package/msmtp/msmtp.init 2016-08-04 00:12:44 UTC (rev 7789) @@ -2,6 +2,8 @@ . /etc/rc.conf +CA_BUNDLE="/usr/lib/ssl/certs/ca-bundle.crt" + ALIASES_FILE="/mnt/kd/msmtp-aliases.conf" gen_msmtp_config() { @@ -33,13 +35,16 @@ echo "tls_starttls $SMTP_STARTTLS" fi - if [ -n "$SMTP_CA" ]; then - echo "tls_trust_file $SMTP_CA" - fi + if [ "$SMTP_CERTCHECK" = "off" ]; then + echo "tls_certcheck off" + else + echo "tls_certcheck on" - # may be 'off' or 'on'... use default if unset. - if [ -n "$SMTP_CERTCHECK" ]; then - echo "tls_certcheck $SMTP_CERTCHECK" + if [ -n "$SMTP_CA" ] && [ -f "$SMTP_CA" ]; then + echo "tls_trust_file $SMTP_CA" + else + echo "tls_trust_file $CA_BUNDLE" + fi fi fi Modified: branches/1.0/package/webinterface/altweb/admin/network.php =================================================================== --- branches/1.0/package/webinterface/altweb/admin/network.php 2016-08-03 17:35:08 UTC (rev 7788) +++ branches/1.0/package/webinterface/altweb/admin/network.php 2016-08-04 00:12:44 UTC (rev 7789) @@ -1765,9 +1765,7 @@ putHtml('<option value="on"'.$sel.'>Check Cert</option>'); putHtml('</select>'); putHtml('</td><td style="text-align: left;" colspan="3">'); - if (($value = getVARdef($db, 'SMTP_CA', $cur_db)) === '') { - $value = '/mnt/kd/ssl/ca-smtp.pem'; - } + $value = getVARdef($db, 'SMTP_CA', $cur_db); putHtml('SMTP Cert File:<input type="text" size="24" maxlength="64" value="'.$value.'" name="smtp_ca_cert" /></td></tr>'); putHtml('<tr class="dtrow1"><td style="text-align: left;" colspan="3">'); $value = getVARdef($db, 'SMTP_USER', $cur_db); Modified: branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf =================================================================== --- branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf 2016-08-03 17:35:08 UTC (rev 7788) +++ branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf 2016-08-04 00:12:44 UTC (rev 7789) @@ -460,22 +460,21 @@ ## The From: of SMTP messages. #SMTP_FROM="us...@my...d" ## -## If SMTP_TLS is defined, we will use TLS. You should have a trusted cert list and -## define its location with SMTP_CA. Optionally, you can turn off the certificate -## verification. This is a security risk! -#SMTP_TLS=yes +## Enable TLS by setting SMTP_TLS to "yes" +#SMTP_TLS="yes" ## SMTP_STARTTLS 'on' (default) For TLS/STARTTLS, commonly TCP port 587 ## SMTP_STARTTLS 'off' For SMTP over SSL, commonly TCP port 465 -#SMTP_STARTTLS=off -## SMTP_CA file, one or more certificates of trusted CA's in PEM format +#SMTP_STARTTLS="on" +## SMTP_CA file, one or more certificates of trusted CA's in PEM format. +## If SMTP_CA is not defined, the system ca-bundle.crt will be used by default. #SMTP_CA="/mnt/kd/ssl/ca-smtp.pem" -## SMTP_CERTCHECK 'off' or 'on' (default), must be 'off' if SMTP_CA is not defined -#SMTP_CERTCHECK=off +## SMTP_CERTCHECK 'off' or 'on' (default) +#SMTP_CERTCHECK="on" ## The username and password for communicating with the SMTP server. -#SMTP_USER=username -#SMTP_PASS=password +#SMTP_USER="username" +#SMTP_PASS="password" ## The SMTP login method (plain or login are supported) -#SMTP_AUTH=plain +#SMTP_AUTH="plain" ## SMTP port to connect to SMTP_SERVER on. Defaults to 25 #SMTP_PORT="25" This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |