tls_out.dane_verified = FALSE;
tls_out.tlsa_usage = 0;
- dane_required = verify_check_this_host(&ob->hosts_require_dane, NULL,
- host->name, host->address, NULL) == OK;
+ dane_required =
+ verify_check_given_host(&ob->hosts_require_dane, host) == OK;
if (host->dnssec == DS_YES)
{
if( dane_required
- || verify_check_this_host(&ob->hosts_try_dane, NULL,
- host->name, host->address, NULL) == OK
+ || verify_check_given_host(&ob->hosts_try_dane, host) == OK
)
if ((rc = tlsa_lookup(host, &tlsa_dnsa, dane_required, &dane)) != OK)
return rc;
goto RESPONSE_FAILED;
#ifdef EXPERIMENTAL_EVENT
+ lookup_dnssec_authenticated = host->dnssec==DS_YES ? US"yes"
+ : host->dnssec==DS_NO ? US"no" : NULL;
if (event_raise(addr->transport->event_action,
US"smtp:connect", responsebuffer))
{
+ lookup_dnssec_authenticated = NULL;
/* Logging? Debug? */
goto RESPONSE_FAILED;
}
+ lookup_dnssec_authenticated = NULL;
#endif
}
/* Not worth checking greeting line for ESMTP support */
- if (!(esmtp = verify_check_this_host(&(ob->hosts_avoid_esmtp), NULL,
- host->name, host->address, NULL) != OK))
+ if (!(esmtp = verify_check_given_host(&(ob->hosts_avoid_esmtp), host) != OK))
DEBUG(D_transport)
debug_printf("not sending EHLO (host matches hosts_avoid_esmtp)\n");
for error analysis. */
#ifdef SUPPORT_TLS
- if (tls_offered &&
- verify_check_this_host(&(ob->hosts_avoid_tls), NULL, host->name,
- host->address, NULL) != OK &&
- verify_check_this_host(&(ob->hosts_verify_avoid_tls), NULL, host->name,
- host->address, NULL) != OK
+ if ( tls_offered
+ && verify_check_given_host(&ob->hosts_avoid_tls, host) != OK
+ && verify_check_given_host(&ob->hosts_verify_avoid_tls, host) != OK
)
{
uschar buffer2[4096];
if ( rc == DEFER
&& ob->tls_tempfail_tryclear
&& !smtps
- && verify_check_this_host(&(ob->hosts_require_tls), NULL,
- host->name, host->address, NULL) != OK
+ && verify_check_given_host(&ob->hosts_require_tls, host) != OK
)
{
(void)close(inblock.sock);
#ifdef EXPERIMENTAL_DANE
dane ||
#endif
- verify_check_this_host(&(ob->hosts_require_tls), NULL, host->name,
- host->address, NULL) == OK
+ verify_check_given_host(&ob->hosts_require_tls, host) == OK
)
{
/*save_errno = ERRNO_TLSREQUIRED;*/
+/*************************************************
+* Check the given host item matches a list *
+*************************************************/
+int
+verify_check_given_host(uschar **listptr, host_item *host)
+{
+return verify_check_this_host(listptr, NULL, host->name, host->address, NULL);
+}
+
/*************************************************
* Check the remote host matches a list *
*************************************************/