starttls.c 845 Bytes
Newer Older
1
/** \file starttls.c - collect common TLS functionality
2
 * \author Matthias Andree
3
 * \date 2006
4 5 6 7
 */

#include "fetchmail.h"

8 9
#include <string.h>

10 11 12 13
#ifdef HAVE_STRINGS_H
#include <strings.h>
#endif

14 15
/** return true if user allowed opportunistic STARTTLS/STLS */
int maybe_starttls(struct query *ctl) {
16 17
#ifdef SSL_ENABLE
         /* opportunistic  or forced TLS */
18
    return (!ctl->sslproto || strlen(ctl->sslproto))
19 20
	&& !ctl->use_ssl;
#else
21
    (void)ctl;
22 23 24 25
    return 0;
#endif
}

26 27 28
/** return true if user requires STARTTLS/STLS, note though that this
 * code must always use a logical AND with maybe_tls(). */
int must_starttls(struct query *ctl) {
29
#ifdef SSL_ENABLE
30
    return maybe_starttls(ctl)
31 32 33
	&& (ctl->sslfingerprint || ctl->sslcertck
		|| (ctl->sslproto && !strcasecmp(ctl->sslproto, "tls1")));
#else
34
    (void)ctl;
35 36 37
    return 0;
#endif
}