TLS: avoid calling smtp_auth_acl on client cert when no tls authenticator is configured
authorJeremy Harris <jgh146exb@wizmail.org>
Wed, 29 Nov 2017 23:22:34 +0000 (23:22 +0000)
committerJeremy Harris <jgh146exb@wizmail.org>
Thu, 30 Nov 2017 00:27:26 +0000 (00:27 +0000)
src/src/smtp_in.c

index 1f1e7ddd4ac9e9964068f8cb3100c1c3f72b772b..28586f33d290a32a52e2bbea8af17c112a622ee7 100644 (file)
@@ -3849,24 +3849,24 @@ while (done <= 0)
      )
     {
     cmd_list[CMD_LIST_TLS_AUTH].is_mail_cmd = FALSE;
-    if (  acl_smtp_auth
-       && (rc = acl_check(ACL_WHERE_AUTH, NULL, acl_smtp_auth,
-                 &user_msg, &log_msg)) != OK
-       )
-      {
-      done = smtp_handle_acl_fail(ACL_WHERE_AUTH, rc, user_msg, log_msg);
-      continue;
-      }
 
     for (au = auths; au; au = au->next)
       if (strcmpic(US"tls", au->driver_name) == 0)
        {
-       smtp_cmd_data = NULL;
-
-       if (smtp_in_auth(au, &s, &ss) == OK)
-         { DEBUG(D_auth) debug_printf("tls auth succeeded\n"); }
+       if (  acl_smtp_auth
+          && (rc = acl_check(ACL_WHERE_AUTH, NULL, acl_smtp_auth,
+                     &user_msg, &log_msg)) != OK
+          )
+         done = smtp_handle_acl_fail(ACL_WHERE_AUTH, rc, user_msg, log_msg);
        else
-         { DEBUG(D_auth) debug_printf("tls auth not succeeded\n"); }
+         {
+         smtp_cmd_data = NULL;
+
+         if (smtp_in_auth(au, &s, &ss) == OK)
+           { DEBUG(D_auth) debug_printf("tls auth succeeded\n"); }
+         else
+           { DEBUG(D_auth) debug_printf("tls auth not succeeded\n"); }
+         }
        break;
        }
     }