-
-
Notifications
You must be signed in to change notification settings - Fork 197
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Lettre panics when there is an invalid certificate or invalid hostname match #678
Comments
Very strange. When compiling with The lettre/src/transport/smtp/client/net.rs Line 132 in af157c5
lettre/src/transport/smtp/client/async_net.rs Line 222 in af157c5
lettre/src/transport/smtp/client/async_net.rs Line 245 in af157c5
taking the connection out and not caring to put the connection back into |
Quick fix people! |
- Fixed a bug in JavaScript which caused no messages to be shown to the user in-case of an error send by the server. - Changed mail error handling for better error messages - Changed user/org actions from a to buttons, this should prevent strange issues in-case of javascript issues and the page does re-load. - Added Alpine and Debian info for the running docker image During the mail error testing i encountered a bug which caused lettre to panic. This panic only happens on debug builds and not release builds, so no need to update anything on that part. This bug is also already fixed. See lettre/lettre#678 and lettre/lettre#679 Resolves dani-garcia#2021 Could also fix the issue reported here dani-garcia#2022, or at least no hash `#` in the url.
- Decreased `recursion_limit` from 512 to 87 Mainly done by optimizing the config macro's. This fixes an issue with the rust-analyzer which doesn't go beyond 128 - Removed Regex for masking sensitive values and replaced it with a map() This is much faster then using a Regex. - Refactored the get_support_json macro's - All items above also lowered the binary size and possibly compile-time - Removed `_conn: DbConn` from several functions, these caused unnecessary database connections for functions who didn't used that at all - Decreased json response for `/plans` - Updated libraries and where needed some code changes This also fixes some rare issues with SMTP lettre/lettre#678 - Using Rust 2021 instead of 2018 - Updated rust nightly
- Decreased `recursion_limit` from 512 to 87 Mainly done by optimizing the config macro's. This fixes an issue with the rust-analyzer which doesn't go beyond 128 - Removed Regex for masking sensitive values and replaced it with a map() This is much faster then using a Regex. - Refactored the get_support_json macro's - All items above also lowered the binary size and possibly compile-time - Removed `_conn: DbConn` from several functions, these caused unnecessary database connections for functions who didn't used that at all - Decreased json response for `/plans` - Updated libraries and where needed some code changes This also fixes some rare issues with SMTP lettre/lettre#678 - Using Rust 2021 instead of 2018 - Updated rust nightly
When using STARTTLS and having a wrong host (or by using an IP) which doesn't match the one in the certificate a panic is generated.
To Reproduce
Make a connection to a STARTTLS enabled mail server, but instead of using the DNS/Hostname use it's IP instead.
Expected behavior
No panic, but a nice error which can be caught.
I know in the past this worked fine.
Environment (please complete the following information):
0.10.0-rc.3
andaf157c5f2663d52aed1f3680ba72dc1c7f9fe6ec
(Also0.10.0-rc.2
and0.10.0-rc.1
)lettre = { version = "0.10.0-rc.3", features = ["smtp-transport", "builder", "serde", "native-tls", "hostname", "tracing"], default-features = false }
Backtrace
The text was updated successfully, but these errors were encountered: