Some TLS toolkits export a result that can be checked afterwards even if
the TLS negotation returned successfully. This can be used for example
if you disabled certificate checks by default, but then want to check
the outcome.
Currently this is only supported on boring TLS.
Previously, the connection pool thread did not drop its upgraded `Arc` pool reference while sleeping until the next idle duration check. This causes a drop of the `SmtpTransport` to not shut down any connections until said thread wakes up again (since it still holds a reference to the pool), which can take up to 60s with default settings. In practice, this means that connections will most likely not be properly closed before the program exists, (since the `SmtpTransport` is most likely dropped when the program shuts down) which violates the SMTP specification which states that:
> The sender MUST NOT intentionally close the channel until it sends a QUIT command, and it SHOULD wait until it receives the reply (even if there was an error response to a command).
With #977 dangerous_accept_invalid_hostnames is implemented for rustls. This add the config flag so that the feature can actually be used when rustls-tls is enabled.
Add a method that, when using a TLS toolkit that supports it, returns
the entire certificate chain. This is useful, for example, when
implementing DANE support which has directives that apply to the issuer
and not just to the leaf certificate.
Not all TLS toolkits support this, so the code will panic if the method
is called when using a TLS toolkit that has no way to return these
certificates.
This adds support for mutual authentication to transport layer secured
connections used to deliver mails.
Client authentication requires the client certificate and the
corresponding private key in pem format to be passed to
Identity::from_pem. The resulting Identity needs then to be provided to
TlsParametersBuilder::identify_with.
