fedi/akkoma
1
0
Fork 0
mirror of https://akkoma.dev/AkkomaGang/akkoma.git synced 2025-01-10 09:30:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request 'Set customize_hostname_check for Swoosh.Adapters.SMTP' (#861) from norm/akkoma:smtp-defaults-fix into develop

Browse source 
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/861
This commit is contained in:
floatingghost 2025-01-05 15:43:16 +00:00
parent 3ba743d635 f19d5d1380
commit 39cef8b8d2
1 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
lib/pleroma/emails/mailer.ex
View file

@ -84,8 +84,14 @@ defmodule Pleroma.Emails.Mailer do
cacerts: os_cacerts, cacerts: os_cacerts,
versions: [:"tlsv1.2", :"tlsv1.3"], versions: [:"tlsv1.2", :"tlsv1.3"],
verify: :verify_peer, verify: :verify_peer,
# some versions have supposedly issues verifying wildcard certs without this
server_name_indication: relay, server_name_indication: relay,
# This allows wildcard ceritifcates to be verified properly.
# The :https parameter simply means to use the HTTPS wildcard format
# (as opposed to say LDAP). SMTP servers tend to use the same type of
# certs as HTTPS ones so this should work for most.
customize_hostname_check: [
match_fun: :public_key.pkix_verify_hostname_match_fun(:https)
],
# the default of 10 is too restrictive # the default of 10 is too restrictive
depth: 32 depth: 32
] ]