smtp(1) certificate validation

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

smtp(1) certificate validation

Eric Faurot-3
Hi,

This patch adds the missing bits for verifying the server certificate
in smtp(1).

Eric.

Index: smtpc.c
===================================================================
RCS file: /cvs/src/usr.sbin/smtpd/smtpc.c,v
retrieving revision 1.8
diff -u -p -r1.8 smtpc.c
--- smtpc.c 2 Sep 2019 20:05:21 -0000 1.8
+++ smtpc.c 6 Sep 2019 06:39:15 -0000
@@ -20,6 +20,7 @@
 #include <sys/socket.h>
 
 #include <event.h>
+#include <limits.h>
 #include <netdb.h>
 #include <pwd.h>
 #include <resolv.h>
@@ -30,12 +31,12 @@
 #include <syslog.h>
 #include <unistd.h>
 
+#include <openssl/ssl.h>
+
 #include "smtp.h"
+#include "ssl.h"
 #include "log.h"
 
-void ssl_init(void);
-void *ssl_mta_init(void *, char *, off_t, const char *);
-
 static void parse_server(char *);
 static void parse_message(FILE *);
 static void resume(void);
@@ -47,6 +48,8 @@ static struct addrinfo *res0, *ai;
 static struct smtp_params params;
 static struct smtp_mail mail;
 
+static SSL_CTX *ssl_ctx;
+
 static void
 usage(void)
 {
@@ -132,6 +135,13 @@ main(int argc, char **argv)
  ssl_init();
  event_init();
 
+ ssl_ctx = ssl_ctx_create(NULL, NULL, 0, NULL);
+ if (!SSL_CTX_load_verify_locations(ssl_ctx, "/etc/ssl/cert.pem", NULL))
+ fatal("SSL_CTX_load_verify_locations");
+ if (!SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_client_method()))
+ fatal("SSL_CTX_set_ssl_version");
+ SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE , NULL);
+
  if (pledge("stdio inet dns tmppath", NULL) == -1)
  fatal("pledge");
 
@@ -330,20 +340,34 @@ log_trace(int lvl, const char *emsg, ...
 void
 smtp_verify_server_cert(void *tag, struct smtp_client *proto, void *ctx)
 {
- log_debug("validating server certificate...");
+ SSL *ssl = ctx;
+ X509 *cert;
+ long res;
+
+ if ((cert = SSL_get_peer_certificate(ssl))) {
+ X509_free(cert);
+ res = SSL_get_verify_result(ssl);
+ if (res == X509_V_OK) {
+ log_debug("valid certificate");
+ smtp_cert_verified(proto, CERT_OK);
+ return;
+ }
+ log_debug("certificate validation error %ld", res);
+ }
+ else
+ log_debug("no certificate provided");
 
- /* Not implemented for now. */
- smtp_cert_verified(proto, CERT_UNKNOWN);
+ smtp_cert_verified(proto, CERT_INVALID);
 }
 
 void
 smtp_require_tls(void *tag, struct smtp_client *proto)
 {
- void *ctx;
-
- ctx = ssl_mta_init(NULL, NULL, 0, NULL);
+ SSL *ssl = NULL;
 
- smtp_set_tls(proto, ctx);
+ if ((ssl = SSL_new(ssl_ctx)) == NULL)
+ fatal("SSL_new");
+ smtp_set_tls(proto, ssl);
 }
 
 void
Index: smtp/Makefile
===================================================================
RCS file: /cvs/src/usr.sbin/smtpd/smtp/Makefile,v
retrieving revision 1.2
diff -u -p -r1.2 Makefile
--- smtp/Makefile 12 Jun 2019 17:42:53 -0000 1.2
+++ smtp/Makefile 5 Sep 2019 18:42:07 -0000
@@ -13,7 +13,6 @@ SRCS+= log.c
 SRCS+= smtp_client.c
 SRCS+= smtpc.c
 SRCS+= ssl.c
-SRCS+= ssl_smtpd.c
 
 CPPFLAGS+= -DIO_TLS
 

Reply | Threaded
Open this post in threaded view
|

Re: smtp(1) certificate validation

Ross L Richardson
On Fri, Sep 06, 2019 at 08:41:21AM +0200, Eric Faurot wrote:
> Hi,
>
> This patch adds the missing bits for verifying the server certificate
> in smtp(1).
>[...]

Whilst this is a great improvement, it doesn't seem to be quite right...


For sites with valid certificates, things seem OK:

        $ ./smtp -nv -s smtps://smtp.fastmail.com
        trying host 66.111.4.139 port 465...
        valid certificate
        connection ready...
        connection closed...
        trying host 66.111.4.140 port 465...
        valid certificate
        connection ready...
        connection closed...
        done...

        $ ./smtp -nv -s smtps://mail.aussiebroadband.com.au
        trying host 202.142.142.238 port 465...
        valid certificate
        connection ready...
        connection closed...
        trying host 202.142.142.239 port 465...
        valid certificate
        connection ready...
        connection closed...
        trying host 2403:5800:1:3::25 port 465...
        valid certificate
        connection ready...
        connection closed...
        trying host 2403:5800:1:4::25 port 465...
        valid certificate
        connection ready...
        connection closed...
        done...

        $ ./smtp -nv -s smtps://mail.internode.on.net
        trying host 203.16.214.182 port 465...
        valid certificate
        connection ready...
        connection closed...
        done...


[I don't know of any mail servers with invalid certs against which
I can test, so I've tried some web servers.]

For invalid certificates, the result sometimes does not correspond with
that from nc(1):

        $ ./smtp -nv -s smtps://devio.us:https
        trying host 74.81.181.124 port 443...
        certificate validation error 10
        connection error: Invalid server certificate
        done...
        $ nc -cvz devio.us https
        Connection to devio.us 443 port [tcp/https] succeeded!
        nc: tls handshake failed (certificate verification failed: certificate has expired)

        $ ./smtp -nv -s smtps://www.nokia.com.au:https
        trying host 180.150.2.201 port 443...
        valid certificate
        ^C
        $ nc -cvz www.nokia.com.au https
        Connection to www.nokia.com.au 443 port [tcp/https] succeeded!
        nc: tls handshake failed (name `www.nokia.com.au' not present in server certificate)

        $ ./smtp -nv -s smtps://www.on.net:https
        trying host 150.101.140.197 port 443...
        valid certificate
        ^C
        $ nc -cvz www.on.net https
        Connection to www.on.net 443 port [tcp/https] succeeded!
        nc: tls handshake failed (handshake failed: error:14004410:SSL routines:CONNECT_CR_SRVR_HELLO:sslv3 alert handshake failure)


Thanks,
        Ross

Reply | Threaded
Open this post in threaded view
|

Re: smtp(1) certificate validation

Ross L Richardson

On Fri, Sep 06, 2019 at 10:58:43PM +1000, Ross L Richardson wrote:

>[...]
>
> For invalid certificates, the result sometimes does not correspond with
> that from nc(1):
>
> $ ./smtp -nv -s smtps://devio.us:https
> trying host 74.81.181.124 port 443...
> certificate validation error 10
> connection error: Invalid server certificate
> done...
> $ nc -cvz devio.us https
> Connection to devio.us 443 port [tcp/https] succeeded!
> nc: tls handshake failed (certificate verification failed: certificate has expired)
>
> $ ./smtp -nv -s smtps://www.nokia.com.au:https
> trying host 180.150.2.201 port 443...
> valid certificate
> ^C
> $ nc -cvz www.nokia.com.au https
> Connection to www.nokia.com.au 443 port [tcp/https] succeeded!
> nc: tls handshake failed (name `www.nokia.com.au' not present in server certificate)
>
>[...]

To be clear...

For proper verification, smtp(1) needs to check the name(s) of the
server certificate.


Ross

Reply | Threaded
Open this post in threaded view
|

Re: smtp(1) certificate validation

Eric Faurot-3
In reply to this post by Eric Faurot-3
On Fri, Sep 06, 2019 at 08:41:21AM +0200, Eric Faurot wrote:
> Hi,
>
> This patch adds the missing bits for verifying the server certificate
> in smtp(1).

Take two: now check the name(s) of the server certificate.

I borrowed code from libtls for now. This will be cleaned up when the
daemon is ported to libtls.


Eric.

Index: smtpc.c
===================================================================
RCS file: /cvs/src/usr.sbin/smtpd/smtpc.c,v
retrieving revision 1.8
diff -u -p -r1.8 smtpc.c
--- smtpc.c 2 Sep 2019 20:05:21 -0000 1.8
+++ smtpc.c 10 Sep 2019 14:40:25 -0000
@@ -20,6 +20,7 @@
 #include <sys/socket.h>
 
 #include <event.h>
+#include <limits.h>
 #include <netdb.h>
 #include <pwd.h>
 #include <resolv.h>
@@ -30,12 +31,12 @@
 #include <syslog.h>
 #include <unistd.h>
 
+#include <openssl/ssl.h>
+
 #include "smtp.h"
+#include "ssl.h"
 #include "log.h"
 
-void ssl_init(void);
-void *ssl_mta_init(void *, char *, off_t, const char *);
-
 static void parse_server(char *);
 static void parse_message(FILE *);
 static void resume(void);
@@ -46,6 +47,9 @@ static int noaction = 0;
 static struct addrinfo *res0, *ai;
 static struct smtp_params params;
 static struct smtp_mail mail;
+static const char *servname = NULL;
+
+static SSL_CTX *ssl_ctx;
 
 static void
 usage(void)
@@ -53,7 +57,7 @@ usage(void)
  extern char *__progname;
 
  fprintf(stderr,
-    "usage: %s [-Chnv] [-F from] [-H helo] [-s server] rcpt ...\n",
+    "usage: %s [-Chnv] [-F from] [-H helo] [-s server] [-S name] rcpt ...\n",
     __progname);
  exit(1);
 }
@@ -87,7 +91,7 @@ main(int argc, char **argv)
  memset(&mail, 0, sizeof(mail));
  mail.from = pw->pw_name;
 
- while ((ch = getopt(argc, argv, "CF:H:hns:v")) != -1) {
+ while ((ch = getopt(argc, argv, "CF:H:S:hns:v")) != -1) {
  switch (ch) {
  case 'C':
  params.tls_verify = 0;
@@ -98,6 +102,9 @@ main(int argc, char **argv)
  case 'H':
  params.helo = optarg;
  break;
+ case 'S':
+ servname = optarg;
+ break;
  case 'h':
  usage();
  break;
@@ -132,6 +139,13 @@ main(int argc, char **argv)
  ssl_init();
  event_init();
 
+ ssl_ctx = ssl_ctx_create(NULL, NULL, 0, NULL);
+ if (!SSL_CTX_load_verify_locations(ssl_ctx, "/etc/ssl/cert.pem", NULL))
+ fatal("SSL_CTX_load_verify_locations");
+ if (!SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_client_method()))
+ fatal("SSL_CTX_set_ssl_version");
+ SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE , NULL);
+
  if (pledge("stdio inet dns tmppath", NULL) == -1)
  fatal("pledge");
 
@@ -245,6 +259,9 @@ parse_server(char *server)
  if (port == NULL)
  port = "smtp";
 
+ if (servname == NULL)
+ servname = host;
+
  memset(&hints, 0, sizeof(hints));
  hints.ai_family = AF_UNSPEC;
  hints.ai_socktype = SOCK_STREAM;
@@ -330,20 +347,42 @@ log_trace(int lvl, const char *emsg, ...
 void
 smtp_verify_server_cert(void *tag, struct smtp_client *proto, void *ctx)
 {
- log_debug("validating server certificate...");
+ SSL *ssl = ctx;
+ X509 *cert;
+ long res;
+ int r, match;
+
+ if ((cert = SSL_get_peer_certificate(ssl))) {
+ r = ssl_check_name(cert, servname, &match);
+ X509_free(cert);
+ res = SSL_get_verify_result(ssl);
+ if (res == X509_V_OK) {
+ if (match) {
+ log_debug("valid certificate");
+ smtp_cert_verified(proto, CERT_OK);
+ }
+ else {
+ log_debug("certificate does not match hostname");
+ smtp_cert_verified(proto, CERT_INVALID);
+ }
+ return;
+ }
+ log_debug("certificate validation error %ld", res);
+ }
+ else
+ log_debug("no certificate provided");
 
- /* Not implemented for now. */
- smtp_cert_verified(proto, CERT_UNKNOWN);
+ smtp_cert_verified(proto, CERT_INVALID);
 }
 
 void
 smtp_require_tls(void *tag, struct smtp_client *proto)
 {
- void *ctx;
-
- ctx = ssl_mta_init(NULL, NULL, 0, NULL);
+ SSL *ssl = NULL;
 
- smtp_set_tls(proto, ctx);
+ if ((ssl = SSL_new(ssl_ctx)) == NULL)
+ fatal("SSL_new");
+ smtp_set_tls(proto, ssl);
 }
 
 void
Index: ssl.h
===================================================================
RCS file: /cvs/src/usr.sbin/smtpd/ssl.h,v
retrieving revision 1.20
diff -u -p -r1.20 ssl.h
--- ssl.h 21 Apr 2016 14:27:41 -0000 1.20
+++ ssl.h 10 Sep 2019 14:37:36 -0000
@@ -65,3 +65,6 @@ int ssl_ctx_fake_private_key(SSL_CTX *,
 
 /* ssl_privsep.c */
 int ssl_by_mem_ctrl(X509_LOOKUP *, int, const char *, long, char **);
+
+/* ssl_verify.c */
+int ssl_check_name(X509 *, const char *, int *);
Index: ssl_verify.c
===================================================================
RCS file: ssl_verify.c
diff -N ssl_verify.c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ ssl_verify.c 10 Sep 2019 14:43:39 -0000
@@ -0,0 +1,296 @@
+/* $OpenBSD: tls_verify.c,v 1.20 2018/02/05 00:52:24 jsing Exp $ */
+/*
+ * Copyright (c) 2014 Jeremie Courreges-Anglas <[hidden email]>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* Adapted from lib/libtls/tls_verify.c */
+
+
+#include <sys/socket.h>
+
+#include <arpa/inet.h>
+#include <netinet/in.h>
+
+#include <limits.h>
+#include <string.h>
+
+#include <openssl/x509v3.h>
+
+#if 0
+#include <tls.h>
+#include "tls_internal.h"
+#endif
+
+#include "ssl.h"
+#include "log.h"
+
+struct tls;
+#define tls_set_errorx(ctx, ...) log_warnx(__VA_ARGS__)
+union tls_addr {
+ struct in_addr in;
+ struct in6_addr in6;
+};
+
+static int
+tls_match_name(const char *cert_name, const char *name)
+{
+ const char *cert_domain, *domain, *next_dot;
+
+ if (strcasecmp(cert_name, name) == 0)
+ return 0;
+
+ /* Wildcard match? */
+ if (cert_name[0] == '*') {
+ /*
+ * Valid wildcards:
+ * - "*.domain.tld"
+ * - "*.sub.domain.tld"
+ * - etc.
+ * Reject "*.tld".
+ * No attempt to prevent the use of eg. "*.co.uk".
+ */
+ cert_domain = &cert_name[1];
+ /* Disallow "*"  */
+ if (cert_domain[0] == '\0')
+ return -1;
+ /* Disallow "*foo" */
+ if (cert_domain[0] != '.')
+ return -1;
+ /* Disallow "*.." */
+ if (cert_domain[1] == '.')
+ return -1;
+ next_dot = strchr(&cert_domain[1], '.');
+ /* Disallow "*.bar" */
+ if (next_dot == NULL)
+ return -1;
+ /* Disallow "*.bar.." */
+ if (next_dot[1] == '.')
+ return -1;
+
+ domain = strchr(name, '.');
+
+ /* No wildcard match against a name with no host part. */
+ if (name[0] == '.')
+ return -1;
+ /* No wildcard match against a name with no domain part. */
+ if (domain == NULL || strlen(domain) == 1)
+ return -1;
+
+ if (strcasecmp(cert_domain, domain) == 0)
+ return 0;
+ }
+
+ return -1;
+}
+
+/*
+ * See RFC 5280 section 4.2.1.6 for SubjectAltName details.
+ * alt_match is set to 1 if a matching alternate name is found.
+ * alt_exists is set to 1 if any known alternate name exists in the certificate.
+ */
+static int
+tls_check_subject_altname(struct tls *ctx, X509 *cert, const char *name,
+    int *alt_match, int *alt_exists)
+{
+ STACK_OF(GENERAL_NAME) *altname_stack = NULL;
+ union tls_addr addrbuf;
+ int addrlen, type;
+ int count, i;
+ int rv = 0;
+
+ *alt_match = 0;
+ *alt_exists = 0;
+
+ altname_stack = X509_get_ext_d2i(cert, NID_subject_alt_name,
+    NULL, NULL);
+ if (altname_stack == NULL)
+ return 0;
+
+ if (inet_pton(AF_INET, name, &addrbuf) == 1) {
+ type = GEN_IPADD;
+ addrlen = 4;
+ } else if (inet_pton(AF_INET6, name, &addrbuf) == 1) {
+ type = GEN_IPADD;
+ addrlen = 16;
+ } else {
+ type = GEN_DNS;
+ addrlen = 0;
+ }
+
+ count = sk_GENERAL_NAME_num(altname_stack);
+ for (i = 0; i < count; i++) {
+ GENERAL_NAME *altname;
+
+ altname = sk_GENERAL_NAME_value(altname_stack, i);
+
+ if (altname->type == GEN_DNS || altname->type == GEN_IPADD)
+ *alt_exists = 1;
+
+ if (altname->type != type)
+ continue;
+
+ if (type == GEN_DNS) {
+ unsigned char *data;
+ int format, len;
+
+ format = ASN1_STRING_type(altname->d.dNSName);
+ if (format == V_ASN1_IA5STRING) {
+ data = ASN1_STRING_data(altname->d.dNSName);
+ len = ASN1_STRING_length(altname->d.dNSName);
+
+ if (len < 0 || (size_t)len != strlen(data)) {
+ tls_set_errorx(ctx,
+    "error verifying name '%s': "
+    "NUL byte in subjectAltName, "
+    "probably a malicious certificate",
+    name);
+ rv = -1;
+ break;
+ }
+
+ /*
+ * Per RFC 5280 section 4.2.1.6:
+ * " " is a legal domain name, but that
+ * dNSName must be rejected.
+ */
+ if (strcmp(data, " ") == 0) {
+ tls_set_errorx(ctx,
+    "error verifying name '%s': "
+    "a dNSName of \" \" must not be "
+    "used", name);
+ rv = -1;
+ break;
+ }
+
+ if (tls_match_name(data, name) == 0) {
+ *alt_match = 1;
+ break;
+ }
+ } else {
+#ifdef DEBUG
+ fprintf(stdout, "%s: unhandled subjectAltName "
+    "dNSName encoding (%d)\n", getprogname(),
+    format);
+#endif
+ }
+
+ } else if (type == GEN_IPADD) {
+ unsigned char *data;
+ int datalen;
+
+ datalen = ASN1_STRING_length(altname->d.iPAddress);
+ data = ASN1_STRING_data(altname->d.iPAddress);
+
+ if (datalen < 0) {
+ tls_set_errorx(ctx,
+    "Unexpected negative length for an "
+    "IP address: %d", datalen);
+ rv = -1;
+ break;
+ }
+
+ /*
+ * Per RFC 5280 section 4.2.1.6:
+ * IPv4 must use 4 octets and IPv6 must use 16 octets.
+ */
+ if (datalen == addrlen &&
+    memcmp(data, &addrbuf, addrlen) == 0) {
+ *alt_match = 1;
+ break;
+ }
+ }
+ }
+
+ sk_GENERAL_NAME_pop_free(altname_stack, GENERAL_NAME_free);
+ return rv;
+}
+
+static int
+tls_check_common_name(struct tls *ctx, X509 *cert, const char *name,
+    int *cn_match)
+{
+ X509_NAME *subject_name;
+ char *common_name = NULL;
+ union tls_addr addrbuf;
+ int common_name_len;
+ int rv = 0;
+
+ *cn_match = 0;
+
+ subject_name = X509_get_subject_name(cert);
+ if (subject_name == NULL)
+ goto done;
+
+ common_name_len = X509_NAME_get_text_by_NID(subject_name,
+    NID_commonName, NULL, 0);
+ if (common_name_len < 0)
+ goto done;
+
+ common_name = calloc(common_name_len + 1, 1);
+ if (common_name == NULL)
+ goto done;
+
+ X509_NAME_get_text_by_NID(subject_name, NID_commonName, common_name,
+    common_name_len + 1);
+
+ /* NUL bytes in CN? */
+ if (common_name_len < 0 ||
+    (size_t)common_name_len != strlen(common_name)) {
+ tls_set_errorx(ctx, "error verifying name '%s': "
+    "NUL byte in Common Name field, "
+    "probably a malicious certificate", name);
+ rv = -1;
+ goto done;
+ }
+
+ /*
+ * We don't want to attempt wildcard matching against IP addresses,
+ * so perform a simple comparison here.
+ */
+ if (inet_pton(AF_INET,  name, &addrbuf) == 1 ||
+    inet_pton(AF_INET6, name, &addrbuf) == 1) {
+ if (strcmp(common_name, name) == 0)
+ *cn_match = 1;
+ goto done;
+ }
+
+ if (tls_match_name(common_name, name) == 0)
+ *cn_match = 1;
+
+ done:
+ free(common_name);
+ return rv;
+}
+
+int
+ssl_check_name(X509 *cert, const char *name, int *match)
+{
+ int alt_exists;
+
+ *match = 0;
+
+ if (tls_check_subject_altname(NULL, cert, name, match,
+    &alt_exists) == -1)
+ return -1;
+
+ /*
+ * As per RFC 6125 section 6.4.4, if any known alternate name existed
+ * in the certificate, we do not attempt to match on the CN.
+ */
+ if (*match || alt_exists)
+ return 0;
+
+ return tls_check_common_name(NULL, cert, name, match);
+}
Index: smtp/Makefile
===================================================================
RCS file: /cvs/src/usr.sbin/smtpd/smtp/Makefile,v
retrieving revision 1.2
diff -u -p -r1.2 Makefile
--- smtp/Makefile 12 Jun 2019 17:42:53 -0000 1.2
+++ smtp/Makefile 10 Sep 2019 14:39:32 -0000
@@ -13,7 +13,7 @@ SRCS+= log.c
 SRCS+= smtp_client.c
 SRCS+= smtpc.c
 SRCS+= ssl.c
-SRCS+= ssl_smtpd.c
+SRCS+= ssl_verify.c
 
 CPPFLAGS+= -DIO_TLS
 

Reply | Threaded
Open this post in threaded view
|

Re: smtp(1) certificate validation

Stuart Henderson
> + if (!SSL_CTX_load_verify_locations(ssl_ctx, "/etc/ssl/cert.pem", NULL))

shouldn't that use X509_get_default_cert_file()?

Reply | Threaded
Open this post in threaded view
|

Re: smtp(1) certificate validation

Eric Faurot-3
On Tue, Sep 10, 2019 at 06:12:12PM +0100, Stuart Henderson wrote:
> > + if (!SSL_CTX_load_verify_locations(ssl_ctx, "/etc/ssl/cert.pem", NULL))
>
> shouldn't that use X509_get_default_cert_file()?

Yes, that looks better.
Updated locally.

Eric.

Reply | Threaded
Open this post in threaded view
|

Re: smtp(1) certificate validation

Ross L Richardson
In reply to this post by Eric Faurot-3
Eric,

On Tue, Sep 10, 2019 at 05:38:30PM +0200, Eric Faurot wrote:
> On Fri, Sep 06, 2019 at 08:41:21AM +0200, Eric Faurot wrote:
> > Hi,
> >
> > This patch adds the missing bits for verifying the server certificate
> > in smtp(1).
>
> Take two: now check the name(s) of the server certificate.
>[...]

With that patch [plus sthen@'s], smtp now behaves correctly for
my test cases.

Thanks very much,
        Ross