diff options
author | Andrew Fontaine <andrew@afontaine.ca> | 2020-07-20 08:54:18 -0400 |
---|---|---|
committer | Robert Helgesson <robert@rycee.net> | 2020-08-13 21:36:31 +0200 |
commit | baea46c5acbb4a5be9b109d8ce06d2aec197353f (patch) | |
tree | 1b210b26606902e764e09d920282d986c7e38414 | |
parent | fceef469c2ec99232d847f1d9d6b32665d915bbb (diff) |
git: set SSL if useStartTls is false
The git-send-email [0] script uses StartTLS if `smtpEncryption` is set
to `tls`, which can break services that don't support StartTLS.
[0]: https://github.com/git/git/blob/bd42bbe1a46c0fe486fc33e82969275e27e4dc19/git-send-email.perl#L1533
PR #1395
-rw-r--r-- | doc/release-notes/rl-2009.adoc | 2 | ||||
-rw-r--r-- | modules/programs/git.nix | 9 | ||||
-rw-r--r-- | tests/modules/accounts/email-test-accounts.nix | 1 | ||||
-rw-r--r-- | tests/modules/programs/git/git-with-email-expected.conf | 2 | ||||
-rw-r--r-- | tests/modules/programs/git/git-with-email.nix | 2 |
5 files changed, 14 insertions, 2 deletions
diff --git a/doc/release-notes/rl-2009.adoc b/doc/release-notes/rl-2009.adoc index 0562e046d8d..7657033f105 100644 --- a/doc/release-notes/rl-2009.adoc +++ b/doc/release-notes/rl-2009.adoc @@ -43,3 +43,5 @@ $ nix-shell '<home-manager>' -A install will automatically include these options, when necessary. -- + +* Git's `smtpEncryption` option is now set to `tls` only if both <<opt-accounts.email.accounts.\_name_.smtp.tls.enable>> and <<opt-accounts.email.accounts.\_name_.smtp.tls.useStartTls>> are `true`. If only <<opt-accounts.email.accounts.\_name_.smtp.tls.enable>> is `true`, `ssl` is used instead. diff --git a/modules/programs/git.nix b/modules/programs/git.nix index a174fa0c4ee..312269de316 100644 --- a/modules/programs/git.nix +++ b/modules/programs/git.nix @@ -277,7 +277,14 @@ in { genIdentity = name: account: with account; nameValuePair "sendemail.${name}" ({ - smtpEncryption = if smtp.tls.enable then "tls" else ""; + smtpEncryption = if smtp.tls.enable then + (if smtp.tls.useStartTls + || versionOlder config.home.stateVersion "20.09" then + "tls" + else + "ssl") + else + ""; smtpServer = smtp.host; smtpUser = userName; from = address; diff --git a/tests/modules/accounts/email-test-accounts.nix b/tests/modules/accounts/email-test-accounts.nix index 9c9c90cf8fe..9a4e0b8e72f 100644 --- a/tests/modules/accounts/email-test-accounts.nix +++ b/tests/modules/accounts/email-test-accounts.nix @@ -21,6 +21,7 @@ passwordCommand = "password-command 2"; imap.host = "imap.example.org"; smtp.host = "smtp.example.org"; + smtp.tls.useStartTls = true; }; }; }; diff --git a/tests/modules/programs/git/git-with-email-expected.conf b/tests/modules/programs/git/git-with-email-expected.conf index 44035a23c47..f48b7c33334 100644 --- a/tests/modules/programs/git/git-with-email-expected.conf +++ b/tests/modules/programs/git/git-with-email-expected.conf @@ -6,7 +6,7 @@ [sendemail "hm@example.com"] from = "hm@example.com" - smtpEncryption = "tls" + smtpEncryption = "ssl" smtpServer = "smtp.example.com" smtpUser = "home.manager" diff --git a/tests/modules/programs/git/git-with-email.nix b/tests/modules/programs/git/git-with-email.nix index ca577eef4d3..d7ed7e185de 100644 --- a/tests/modules/programs/git/git-with-email.nix +++ b/tests/modules/programs/git/git-with-email.nix @@ -13,6 +13,8 @@ with lib; userName = "H. M. Test"; }; + home.stateVersion = "20.09"; + nmt.script = '' function assertGitConfig() { local value |