From 2d0f6bd5d71af2c56b94852912c0b7cd56af3fbd Mon Sep 17 00:00:00 2001
From: eric <eric@openbsd.org>
Date: Tue, 10 Sep 2019 12:08:26 +0000
Subject: [PATCH] immediatly close the connection if the cert is not valid,
 rather than ending the smtp session.

ok gilles@
---
 usr.sbin/smtpd/smtp_client.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/usr.sbin/smtpd/smtp_client.c b/usr.sbin/smtpd/smtp_client.c
index 7a26e954113..22e798900cf 100644
--- a/usr.sbin/smtpd/smtp_client.c
+++ b/usr.sbin/smtpd/smtp_client.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: smtp_client.c,v 1.11 2019/09/02 20:05:21 eric Exp $	*/
+/*	$OpenBSD: smtp_client.c,v 1.12 2019/09/10 12:08:26 eric Exp $	*/
 
 /*
  * Copyright (c) 2018 Eric Faurot <eric@openbsd.org>
@@ -168,7 +168,7 @@ smtp_cert_verified(struct smtp_client *proto, int verified)
 
 	else if (proto->params.tls_verify) {
 		errno = EAUTH;
-		smtp_client_cancel(proto, FAIL_CONN,
+		smtp_client_abort(proto, FAIL_CONN,
 		    "Invalid server certificate");
 		return;
 	}
-- 
2.20.1