From 5d3b765a238f6df35e3233499d6da763ad7c6cd8 Mon Sep 17 00:00:00 2001 From: Samuel Leweke Date: Thu, 12 Mar 2020 11:26:54 +0100 Subject: [PATCH] Use opportunistic TLS in SMTP connections If SSL is disabled, the SMTP ClientSecurity of the lettre crate defaults to None, that is, an insecure connection. This is changed to Opportunistic, which uses TLS if available. If TLS is not available, the insecure connection is used (i.e., this change is backward compatible). --- src/mail.rs | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/src/mail.rs b/src/mail.rs index 77eb2ac1..7a3c6603 100644 --- a/src/mail.rs +++ b/src/mail.rs @@ -18,21 +18,21 @@ use chrono::NaiveDateTime; fn mailer() -> SmtpTransport { let host = CONFIG.smtp_host().unwrap(); + let tls = TlsConnector::builder() + .min_protocol_version(Some(Protocol::Tlsv11)) + .build() + .unwrap(); + + let tls_params = ClientTlsParameters::new(host.clone(), tls); + let client_security = if CONFIG.smtp_ssl() { - let tls = TlsConnector::builder() - .min_protocol_version(Some(Protocol::Tlsv11)) - .build() - .unwrap(); - - let params = ClientTlsParameters::new(host.clone(), tls); - if CONFIG.smtp_explicit_tls() { - ClientSecurity::Wrapper(params) + ClientSecurity::Wrapper(tls_params) } else { - ClientSecurity::Required(params) + ClientSecurity::Required(tls_params) } } else { - ClientSecurity::None + ClientSecurity::Opportunistic(tls_params) }; use std::time::Duration;