Bug 625657

Summary: SuSEconfig.postfix and smtp_use_tls
Product: [openSUSE] openSUSE 11.3 Reporter: p e <peter.ertel>
Component: YaST2Assignee: Peter Varkoly <varkoly>
Status: VERIFIED FIXED QA Contact: Jiri Srain <jsrain>
Severity: Critical    
Priority: P5 - None    
Version: Final   
Target Milestone: ---   
Hardware: 64bit   
OS: openSUSE 11.3   
Whiteboard: .
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Deadline: 2010-09-20   

Description p e 2010-07-26 18:17:24 UTC 
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.2; de-DE; rv:1.9.2.7) Gecko/20100713 Firefox/3.6.7 (.NET CLR 3.5.30729)

SuSEconfig assigns smtp_use_tls=no if TLS certificates are configured. See 11.2 for reference.

# diff /sbin/conf.d/SuSEconfig.postfix.modified /sbin/conf.d/SuSEconfig.postfix
563c563
<     if test "$POSTFIX_SMTP_TLS_CLIENT" == "yes"; then
---
>     if test "$POSTFIX_SMTP_TLS_CLIENT" != "yes"; then

Reproducible: Always

Steps to Reproduce:
1. POSTFIX_SMTP_TLS_CLIENT="yes"
2. run SuSEconfig
Actual Results:  
First the value is set correctly 

if test "$POSTFIX_SMTP_TLS_CLIENT" == "yes"; then
            $PCONF -e "smtp_use_tls = yes"
            $PCONF -e "smtp_enforce_tls = no"
fi

but then it fails on

    if test "$POSTFIX_SMTP_TLS_CLIENT" != "yes"; then
        test -s "$POSTFIX_SSL_PATH/$POSTFIX_TLS_CAFILE" && \
...
    else
        $PCONF -e "smtp_use_tls = no"
    fi
Comment 1 Peter Varkoly 2010-07-30 12:07:39 UTC 
Thank you for your report. Problem is fixed:
--- SuSEconfig.postfix	2010-07-06 17:01:13.000000000 +0200
+++ SuSEconfig.postfix-new	2010-07-30 14:11:36.000000000 +0200
@@ -578,7 +578,7 @@
 	    $PCONF -e "smtp_use_tls = yes"
 	    $PCONF -e "smtp_enforce_tls = yes"
     fi
-    if test "$POSTFIX_SMTP_TLS_CLIENT" != "yes"; then
+    if test "$POSTFIX_SMTP_TLS_CLIENT" = "yes" -o "$POSTFIX_SMTP_TLS_CLIENT" = "must" ; then
 	test -s "$POSTFIX_SSL_PATH/$POSTFIX_TLS_CAFILE" && \
 	    $PCONF -e "smtp_tls_CAfile = $POSTFIX_SSL_PATH/$POSTFIX_TLS_CAFILE"
 	test -s "$POSTFIX_SSL_PATH/$POSTFIX_TLS_CERTFILE" && \
b
Comment 8 Swamp Workflow Management 2010-08-23 13:13:53 UTC 
The SWAMPID for this issue is 35356.
This issue was rated as low.
Please submit fixed packages until 2010-09-20.
Also create a patchinfo file using this link:
https://swamp.suse.de/webswamp/wf/35356
Comment 9 Christian Dengler 2010-08-23 13:20:09 UTC 
Be so kind and submit the sources for openSUSE
Comment 11 Swamp Workflow Management 2010-09-21 12:28:22 UTC 
Update released for: postfix, postfix-debuginfo, postfix-debugsource, postfix-devel, postfix-doc, postfix-mysql, postfix-mysql-debuginfo, postfix-postgresql, postfix-postgresql-debuginfo, yast2-mail, yast2-mail-plugins
Products:
openSUSE 11.3 (debug, i586, x86_64)
Comment 12 Peter Varkoly 2010-09-27 11:24:45 UTC 
update released
Comment 13 Peter Varkoly 2011-03-17 11:31:49 UTC 
this bug do not concern SLE11 and SLE11-SP1
Comment 14 Bernhard Wiedemann 2016-04-15 12:52:10 UTC 
This is an autogenerated message for OBS integration:
This bug (625657) was mentioned in
https://build.opensuse.org/request/show/45513 Factory / postfix
https://build.opensuse.org/request/show/45514 11.3:Test / postfix