On Sun, Sep 29, 2024 at 12:18:14PM +0000, Behnam Lal Moghaddam wrote:
I just didn't bother to change the name ever, so that pseudonym has been used more often than my real name.
heh, ok. i made a few fixups. unless you see something wrong with it, i'll push this version at some point.
From 33bb58b3b3c27dbc0d09c4ce8008ca9c6ea6ee99 Mon Sep 17 00:00:00 2001 From: Behnam Lal <d...@behnamlal.xyz> Date: Sun, 29 Sep 2024 14:35:11 +0200 Subject: [PATCH] mbsync-get-cert: add support for STARTTLS nowadays, many servers offer STARTTLS on the default IMAP port 143 instead of (or in addition to) the traditional IMAP over SSL/TLS (IMAPS) on port 993. this patch has been fixed up somewhat by the maintainer. --- mbsync-get-cert | 30 +++++++++++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) diff --git a/mbsync-get-cert b/mbsync-get-cert index 19e1485..d8f194a 100755 --- a/mbsync-get-cert +++ b/mbsync-get-cert @@ -9,9 +9,25 @@ # from a trusted source. # -if [ $# != 1 ]; then - echo "Usage: $0 <host>" >&2 +usage() { + echo "Usage: $0 [-s] <host>" >&2 + echo " -s Use IMAP+STARTTLS (port 143) instead of IMAPS (port 993)" >&2 exit 1 +} + +STARTTLS=false + +while getopts "s" opt; do + case $opt in + s) STARTTLS=true ;; + *) usage ;; + esac +done + +shift `expr $OPTIND - 1` + +if [ $# -ne 1 ]; then + usage fi HOST=$1 @@ -33,7 +49,15 @@ TMPFILE=$TMPDIR/get-cert ERRFILE=$TMPDIR/get-cert-err CERTFILE=$TMPDIR/cert -echo QUIT | openssl s_client -connect $HOST:993 -showcerts \ +if $STARTTLS; then + FLAGS="-starttls imap" + PORT=143 +else + FLAGS= + PORT=993 +fi + +echo QUIT | openssl s_client $FLAGS -connect $HOST:$PORT -showcerts \ > $TMPFILE 2> $ERRFILE sed -e '1,/^-----BEGIN CERTIFICATE-----/d' \ -e '/^-----END CERTIFICATE-----/,$d' < $TMPFILE > $CERTFILE -- 2.46.0.180.gb23db42a00
_______________________________________________ isync-devel mailing list isync-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/isync-devel