Issue #8578: EPN: SMTP client downgrade smtp_security from `starttls` to `none` - freeipa

freeipa

#8578 EPN: SMTP client downgrade smtp_security from `starttls` to `none`

Closed: fixed 3 years ago by rcritten. Opened 3 years ago by slev.

If an administrator requests smtp_security=starttls via epn.conf, but SMTP server disables STARTTLS, then EPN downgrade security to none, which means plain text. The administrator doesn't expect such behavior.

abbra commented 3 years ago

master:

be006ad ipatests: Respect platform's openssl dir
94adee3 EPN: Don't downgrade security
977063a test_epn: Standardize EPN configs for deduplication
32aa154 EPN: Enable certificate validation and hostname checking
17f430e EPN: Allow authentication by SMTP client's certificate
82e6900 ipatests: Collect EPN log for debugging

rcritten commented 3 years ago

ipa-4-8:

1f0c5cc ipatests: Respect platform's openssl dir
9b756a7 EPN: Don't downgrade security
3c83c98 test_epn: Standardize EPN configs for deduplication
119ebed EPN: Enable certificate validation and hostname checking
058d51f EPN: Allow authentication by SMTP client's certificate
461b463 ipatests: Collect EPN log for debugging

Metadata Update from @rcritten:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

3 years ago

Metadata

Assignee

None

Tags

None

Blocking

None

Depending on

None

Priority

None

Milestone

None

affects_doc

None

source

None

knownissue

None

type

None

blockedby

None

test_case

None

component

None

blocking

None

on_review

None

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

None

tester

None

changelog

None

design

None

freeipa

Source Code

#8578 EPN: SMTP client downgrade smtp_security from `starttls` to `none` Closed: fixed 3 years ago by rcritten. Opened 3 years ago by slev.

Metadata

#8578 EPN: SMTP client downgrade smtp_security from `starttls` to `none`

Closed: fixed 3 years ago by rcritten. Opened 3 years ago by slev.