From: eric <eric@openbsd.org>
Date: Tue, 10 Sep 2019 12:08:26 +0000 (+0000)
Subject: immediatly close the connection if the cert is not valid, rather than
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=2d0f6bd5d71af2c56b94852912c0b7cd56af3fbd;p=openbsd

immediatly close the connection if the cert is not valid, rather than
ending the smtp session.

ok gilles@
---

diff --git a/usr.sbin/smtpd/smtp_client.c b/usr.sbin/smtpd/smtp_client.c
index 7a26e954113..22e798900cf 100644
--- a/usr.sbin/smtpd/smtp_client.c
+++ b/usr.sbin/smtpd/smtp_client.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: smtp_client.c,v 1.11 2019/09/02 20:05:21 eric Exp $	*/
+/*	$OpenBSD: smtp_client.c,v 1.12 2019/09/10 12:08:26 eric Exp $	*/
 
 /*
  * Copyright (c) 2018 Eric Faurot <eric@openbsd.org>
@@ -168,7 +168,7 @@ smtp_cert_verified(struct smtp_client *proto, int verified)
 
 	else if (proto->params.tls_verify) {
 		errno = EAUTH;
-		smtp_client_cancel(proto, FAIL_CONN,
+		smtp_client_abort(proto, FAIL_CONN,
 		    "Invalid server certificate");
 		return;
 	}