commit 3759f0c80220a908714fcddc4ffe07fe231eb813
Author: Oswald Buddenhagen <[email protected]>
Date: Wed Nov 1 07:19:26 2006 +0000
backport:
- un-document "Host imaps:[...]" syntax and introduce new option UseIMAPS
instead
- apply ted's patch to support UseIMAPS in conjunction with Tunnel
- document that SSLv2 is No Good (TM)
src/drv_imap.c | 15 +++++++++------
src/mbsync.1 | 27 +++++++++++++++++----------
2 files changed, 26 insertions(+), 16 deletions(-)
diff --git a/src/drv_imap.c b/src/drv_imap.c
index 8b5cea7..6501a2f 100644
--- a/src/drv_imap.c
+++ b/src/drv_imap.c
@@ -1270,15 +1270,15 @@ imap_open_store( store_conf_t *conf, store_t *oldctx )
info( "ok\n" );
imap->buf.sock.fd = s;
+ }
#if HAVE_LIBSSL
- if (srvc->use_imaps) {
- if (start_tls( ctx ))
- goto bail;
- use_ssl = 1;
- }
-#endif
+ if (srvc->use_imaps) {
+ if (start_tls( ctx ))
+ goto bail;
+ use_ssl = 1;
}
+#endif
/* read the greeting string */
if (buffer_gets( &imap->buf, &rsp )) {
@@ -1726,6 +1726,7 @@ imap_parse_store( conffile_t *cfg, store_conf_t **storep,
int *err )
while (getcline( cfg ) && cfg->cmd) {
if (!strcasecmp( "Host", cfg->cmd )) {
+ /* The imap[s]: syntax is just a backwards compat hack.
*/
#if HAVE_LIBSSL
if (!memcmp( "imaps:", cfg->val, 6 )) {
cfg->val += 6;
@@ -1758,6 +1759,8 @@ imap_parse_store( conffile_t *cfg, store_conf_t **storep,
int *err )
}
} else if (!strcasecmp( "RequireSSL", cfg->cmd ))
server->require_ssl = parse_bool( cfg );
+ else if (!strcasecmp( "UseIMAPS", cfg->cmd ))
+ server->use_imaps = parse_bool( cfg );
else if (!strcasecmp( "UseSSLv2", cfg->cmd ))
server->use_sslv2 = parse_bool( cfg );
else if (!strcasecmp( "UseSSLv3", cfg->cmd ))
diff --git a/src/mbsync.1 b/src/mbsync.1
index 2b44bc2..14b5c99 100644
--- a/src/mbsync.1
+++ b/src/mbsync.1
@@ -210,17 +210,13 @@ The location of the \fBINBOX\fR. This is \fInot\fR
relative to \fBPath\fR.
Define the IMAP4 Account \fIname\fR, opening a section for its parameters.
..
.TP
-\fBHost\fR [\fBimaps:\fR]\fIhost\fR
-Specify the DNS name or IP address of the IMAP server. If \fIhost\fR is
-prefixed with \fBimaps:\fR the connection is assumed to be an SSL connection
-to port 993.
-Note that modern servers support SSL on the default port 143 via the
-STARTTLS extension, which will be used automatically by default.
+\fBHost\fR \fIhost\fR
+Specify the DNS name or IP address of the IMAP server.
..
.TP
\fBPort\fR \fIport\fR
-Specify the TCP port number of the IMAP server. (Default: 143 for imap,
-993 for imaps)
+Specify the TCP port number of the IMAP server. (Default: 143 for IMAP,
+993 for IMAPS)
..
.TP
\fBUser\fR \fIusername\fR
@@ -245,6 +241,15 @@ If set to \fIyes\fR, \fBmbsync\fR will abort the
connection if no CRAM-MD5
authentication is possible. (Default: \fIno\fR)
..
.TP
+\fBUseIMAPS\fR \fIyes\fR|\fIno\fR
+If set to \fIyes\fR, the default for \fBPort\fR is changed to 993 and
+\fBmbsync\fR will start SSL negotiation immediately after establishing
+the connection to the server.
+.br
+Note that modern servers support SSL on the regular IMAP port 143 via the
+STARTTLS extension, which will be used automatically by default.
+..
+.TP
\fBRequireSSL\fR \fIyes\fR|\fIno\fR
\fBmbsync\fR will abort the connection if a TLS/SSL session cannot be
established with the IMAP server. (Default: \fIyes\fR)
@@ -257,12 +262,14 @@ This option is \fImandatory\fR if SSL is used. See \fBSSL
CERTIFICATES\fR below.
.TP
\fBUseSSLv2\fR \fIyes\fR|\fIno\fR
Use SSLv2 for communication with the IMAP server over SSL?
-(Default: \fIyes\fR if an imaps \fBHost\fR is used, otherwise \fIno\fR)
+.br
+Note that this option is deprecated for security reasons.
+(Default: \fIno\fR)
..
.TP
\fBUseSSLv3\fR \fIyes\fR|\fIno\fR
Use SSLv3 for communication with the IMAP server over SSL?
-(Default: \fIyes\fR if an imaps \fBHost\fR is used, otherwise \fIno\fR)
+(Default: \fIno\fR)
..
.TP
\fBUseTLSv1\fR \fIyes\fR|\fIno\fR
------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
isync-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/isync-devel
