TL;DR: if so, please help me test against branch `kevin/336-smtp-client-cert`.
Gitlab #336 <https://gitlab.com/muttmua/mutt/-/issues/336> reported a problem using this for authentication to a Postfix SMTP server.
The problem seemed to be the OpenSSL / GnuTLS client cert code was calling mutt_account_getuser(). First this makes no sense (to me) because they are authenticated via cert. But second, if the user is set, the SMTP code would then force authentication. The server didn't advertise AUTH (again, because they are already authenticated), so Mutt would abort.
I've posted a still work-in-progress commit to branch `kevin/336-smtp-client-cert` which fixes the issue for the reporter.
However, I'm concerned this *might* impact other use cases. It's not clear to me how/why SASL "external" would be involved in this. But the comment in the SSL/GnuTLS code indicated it could be, and might expect the user field.
It would seem to me more obvious to just add the call to the beginning of imap_auth_sasl() if that's the case though. :-/
Anyway, if you are using this, I'd appreciate help testing. Thank you! -- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA
signature.asc
Description: PGP signature
