[kmail2] [Bug 423424] Kmail "forces" the user to accept invalid TLS certificates.
https://bugs.kde.org/show_bug.cgi?id=423424 --- Comment #11 from Volker Krause --- Git commit cbd3a03bc1d2cec48bb97570633940bbf94c34fa by Volker Krause. Committed on 15/11/2021 at 17:18. Pushed by knauss into branch 'release/21.12'. Treat SSL handshake errors as fatal also when using STARTTLS This fixes the infinite SSL error dialog loop also when using STARTTLS, the previous fix was only effective for direct TLS connections. M +9-13 src/loginjob.cpp https://invent.kde.org/pim/kimap/commit/cbd3a03bc1d2cec48bb97570633940bbf94c34fa -- You are receiving this mail because: You are the assignee for the bug.
[kmail2] [Bug 423424] Kmail "forces" the user to accept invalid TLS certificates.
https://bugs.kde.org/show_bug.cgi?id=423424 --- Comment #10 from Bug Janitor Service --- A possibly relevant merge request was started @ https://invent.kde.org/pim/kimap/-/merge_requests/10 -- You are receiving this mail because: You are the assignee for the bug.
[kmail2] [Bug 423424] Kmail "forces" the user to accept invalid TLS certificates.
https://bugs.kde.org/show_bug.cgi?id=423424 Sandro Knauß changed: What|Removed |Added Status|RESOLVED|REOPENED Resolution|FIXED |--- --- Comment #9 from Sandro Knauß --- This was rechecked from the NO STARTTLS team with the current version 5.18.40 and this bug is not completly fixed: "The certificate loop for IMAP in the account wizard is also still present, kmail keeps reconnecting for me. I cannot even accept the invalid certificate, because kmail continues reconnecting and showing dialogs. I can provide a screen recording if needed. For SMTP it seems to be fixed (the dialog only appears once)." -- You are receiving this mail because: You are the assignee for the bug.
[kmail2] [Bug 423424] Kmail "forces" the user to accept invalid TLS certificates.
https://bugs.kde.org/show_bug.cgi?id=423424 Volker Krause changed: What|Removed |Added Latest Commit||https://invent.kde.org/pim/ ||ksmtp/commit/fca378d55e2239 ||44ce512c9a8f8b789d1d3abcde Resolution|--- |FIXED Status|ASSIGNED|RESOLVED --- Comment #8 from Volker Krause --- Git commit fca378d55e223944ce512c9a8f8b789d1d3abcde by Volker Krause. Committed on 29/09/2021 at 15:41. Pushed by knauss into branch 'release/21.08'. Emit an error rather than reconnect when SSL errors are not ignored Not ignoring SSL certificate errors now results in a delivery error rather than a loop on the SSL error dialog. M +5-4src/sessionthread.cpp https://invent.kde.org/pim/ksmtp/commit/fca378d55e223944ce512c9a8f8b789d1d3abcde -- You are receiving this mail because: You are the assignee for the bug.
[kmail2] [Bug 423424] Kmail "forces" the user to accept invalid TLS certificates.
https://bugs.kde.org/show_bug.cgi?id=423424 Bug Janitor Service changed: What|Removed |Added Ever confirmed|0 |1 Status|REPORTED|ASSIGNED --- Comment #7 from Bug Janitor Service --- A possibly relevant merge request was started @ https://invent.kde.org/pim/ksmtp/-/merge_requests/10 -- You are receiving this mail because: You are the assignee for the bug.
[kmail2] [Bug 423424] Kmail "forces" the user to accept invalid TLS certificates.
https://bugs.kde.org/show_bug.cgi?id=423424 --- Comment #6 from Volker Krause --- Git commit edb7f6fdea2c9f44085a042531f56223f3fd8a2f by Volker Krause. Committed on 28/09/2021 at 16:05. Pushed by knauss into branch 'release/21.08'. Consider the online state when attempting to reconnect There's actually a comprehensive error condition handling in the method above which properly distinguishing between transient and persistent problems, but we just ignore that decision here and continuously reconnect. Together with https://invent.kde.org/pim/kimap/-/merge_requests/9 this fixes the infinite SSL error dialog loop when rejecting to ignore an SSL error to a large extend. You still get the dialog twice now, and then after a few minutes again as this is considered to be a transient error (e.g. caused by capture portals). This at least gives you the opportunity now to actually fix the configuration or remove the resource. (Bug 423424 remains open for SMTP) M +1-1resources/imap/imapresourcebase.cpp https://invent.kde.org/pim/kdepim-runtime/commit/edb7f6fdea2c9f44085a042531f56223f3fd8a2f -- You are receiving this mail because: You are the assignee for the bug.
[kmail2] [Bug 423424] Kmail "forces" the user to accept invalid TLS certificates.
https://bugs.kde.org/show_bug.cgi?id=423424 --- Comment #5 from Volker Krause --- Git commit 7ee241898bc225237b3475f6c109ffc55a4a74c0 by Volker Krause. Committed on 28/09/2021 at 15:58. Pushed by knauss into branch 'release/21.08'. Disconnect rather than reconnect when not ignoring SSL errors Reconnecting makes no sense, we'll just end up with the SSL error dialog again and again in that case. Not enough to fix 423424 by itself, but a necessary prerequisite. M +1-4src/sessionthread.cpp https://invent.kde.org/pim/kimap/commit/7ee241898bc225237b3475f6c109ffc55a4a74c0 -- You are receiving this mail because: You are the assignee for the bug.
[kmail2] [Bug 423424] Kmail "forces" the user to accept invalid TLS certificates.
https://bugs.kde.org/show_bug.cgi?id=423424 --- Comment #4 from Bug Janitor Service --- A possibly relevant merge request was started @ https://invent.kde.org/pim/kdepim-runtime/-/merge_requests/48 -- You are receiving this mail because: You are the assignee for the bug.
[kmail2] [Bug 423424] Kmail "forces" the user to accept invalid TLS certificates.
https://bugs.kde.org/show_bug.cgi?id=423424 --- Comment #3 from Bug Janitor Service --- A possibly relevant merge request was started @ https://invent.kde.org/pim/kimap/-/merge_requests/9 -- You are receiving this mail because: You are the assignee for the bug.
[kmail2] [Bug 423424] Kmail "forces" the user to accept invalid TLS certificates.
https://bugs.kde.org/show_bug.cgi?id=423424 Sandro Knauß changed: What|Removed |Added CC||skna...@kde.org --- Comment #2 from Sandro Knauß --- The vulnerable is now published under https://nostarttls.secvuln.info/ -- You are receiving this mail because: You are the assignee for the bug.
[kmail2] [Bug 423424] Kmail "forces" the user to accept invalid TLS certificates.
https://bugs.kde.org/show_bug.cgi?id=423424 --- Comment #1 from Damian Poddebniak <93s4m32gd2ab8...@mailbox.org> --- This also applies in a limited form (dialogs show up slower) for SMTP. -- You are receiving this mail because: You are the assignee for the bug.
