(void *)offsetof(smtp_transport_options_block, connect_timeout) },
{ "connection_max_messages", opt_int | opt_public,
(void *)offsetof(transport_instance, connection_max_messages) },
+# ifdef SUPPORT_DANE
+ { "dane_require_tls_ciphers", opt_stringptr,
+ (void *)offsetof(smtp_transport_options_block, dane_require_tls_ciphers) },
+# endif
{ "data_timeout", opt_time,
(void *)offsetof(smtp_transport_options_block, data_timeout) },
{ "delay_after_cutoff", opt_bool,
#ifdef SUPPORT_DANE
.hosts_try_dane = NULL,
.hosts_require_dane = NULL,
+ .dane_require_tls_ciphers = NULL,
#endif
.hosts_try_fastopen = NULL,
#ifndef DISABLE_PRDR
uschar * s = sx.ob->arc_sign;
if (s)
{
- if (!(sx.ob->dkim.arc_signspec = expand_string(s)))
+ if (!(sx.ob->dkim.arc_signspec = s = expand_string(s)))
{
- message = US"failed to expand arc_sign";
- sx.ok = FALSE;
- goto SEND_FAILED;
+ if (!expand_string_forcedfail)
+ {
+ message = US"failed to expand arc_sign";
+ sx.ok = FALSE;
+ goto SEND_FAILED;
+ }
+ }
+ else if (*s)
+ {
+ /* Ask dkim code to hash the body for ARC */
+ (void) arc_ams_setup_sign_bodyhash();
+ sx.ob->dkim.force_bodyhash = TRUE;
}
- /* Ask dkim code to hash the body for ARC */
- (void) arc_ams_setup_sign_bodyhash();
- sx.ob->dkim.force_bodyhash = TRUE;
}
}
# endif