priorize CertificateChecks setting from user over the one from provider-db (#2749)

* priorize CertificateChecks setting from user over the one from provider-db * avoid some duplicate code * remove questionable comment
2026-04-27 02:16:29 +03:00 · 2021-10-13 21:45:51 +02:00
parent 6061d71492
commit 0caea85d16
1 changed files with 17 additions and 12 deletions
--- a/src/configure.rs
+++ b/src/configure.rs
@@ -290,12 +290,7 @@ async fn configure(ctx: &Context, param: &mut LoginParam) -> Result<()> {
            port: param.imap.port,
            socket: param.imap.security,
            username: param.imap.user.clone(),
-            strict_tls: match param.imap.certificate_checks {
-                CertificateChecks::Automatic => None,
-                CertificateChecks::Strict => Some(true),
-                CertificateChecks::AcceptInvalidCertificates2
-                | CertificateChecks::AcceptInvalidCertificates => Some(false),
-            },
+            strict_tls: None,
        })
    }
    if !servers
@@ -308,14 +303,24 @@ async fn configure(ctx: &Context, param: &mut LoginParam) -> Result<()> {
            port: param.smtp.port,
            socket: param.smtp.security,
            username: param.smtp.user.clone(),
-            strict_tls: match param.smtp.certificate_checks {
-                CertificateChecks::Automatic => None,
-                CertificateChecks::Strict => Some(true),
-                CertificateChecks::AcceptInvalidCertificates2
-                | CertificateChecks::AcceptInvalidCertificates => Some(false),
-            },
+            strict_tls: None,
        })
    }
+
+    // respect certificate setting from function parameters
+    for mut server in &mut servers {
+        let certificate_checks = match server.protocol {
+            Protocol::Imap => param.imap.certificate_checks,
+            Protocol::Smtp => param.smtp.certificate_checks,
+        };
+        server.strict_tls = match certificate_checks {
+            CertificateChecks::AcceptInvalidCertificates
+            | CertificateChecks::AcceptInvalidCertificates2 => Some(false),
+            CertificateChecks::Strict => Some(true),
+            CertificateChecks::Automatic => server.strict_tls,
+        };
+    }
+
    let servers = expand_param_vector(servers, &param.addr, &param_domain);

    progress!(ctx, 550);