View Issue Details

IDProjectCategoryView StatusLast Update
0000460SOGoBackend Mailpublic2010-08-25 14:05
Reporterayearout Assigned Toludovic  
PrioritynormalSeverityfeatureReproducibilityN/A
Status resolvedResolutionfixed 
Product Version1.2.1 
Fixed in Version1.3.2 
Summary0000460: Patch for IMAP SSL support
Description

The attached patch enables a Boolean domain preference (SOGoIMAPUseSSL) to easily toggle SSL support for IMAP servers.

TagsNo tags attached.

Relationships

has duplicate 0000484 closed No way to specify IMAP port 
has duplicate 0000332 closed IMAPs support 

Activities

2010-02-26 02:43

 

sogo-imap-ssl.diff (1,381 bytes)   
--- SoObjects/Mailer/SOGoMailAccount.m.orig 2010-02-25 16:48:54.000000000 -0800  
+++ SoObjects/Mailer/SOGoMailAccount.m  2010-02-25 17:48:13.000000000 -0800  
@@ -452,6 +452,13 @@  
   
 - (BOOL) useSSL  
 {  
+  SOGoDomainDefaults *dd;  
+ 
+  dd = [[context activeUser] domainDefaults];  
+  
+  if ([dd imapUseSSL])  
+    return YES;  
+ 
   return NO;  
 }  
   
--- SoObjects/SOGo/SOGoDomainDefaults.h.orig    2010-02-25 16:48:54.000000000 -0800  
+++ SoObjects/SOGo/SOGoDomainDefaults.h 2010-02-25 16:54:15.000000000 -0800  
@@ -39,6 +39,7 @@  
   
 - (NSString *) mailDomain;  
 - (NSString *) imapServer;  
+- (BOOL) imapUseSSL;  
 - (NSString *) imapAclStyle;  
 - (BOOL) imapAclConformsToIMAPExt;  
 - (BOOL) forceIMAPLoginWithEmail;  
--- SoObjects/SOGo/SOGoDomainDefaults.m.orig    2010-02-25 16:48:54.000000000 -0800  
+++ SoObjects/SOGo/SOGoDomainDefaults.m 2010-02-25 16:53:05.000000000 -0800  
@@ -107,6 +107,11 @@  
   return [self stringForKey: @"SOGoIMAPServer"];  
 }  
   
+- (BOOL) imapUseSSL  
+{  
+  return [self boolForKey: @"SOGoIMAPUseSSL"];  
+}  
+ 
 #warning should be removed when we make use of imap namespace  
 - (NSString *) imapAclStyle  
 {  
sogo-imap-ssl.diff (1,381 bytes)   
ludovic

ludovic

2010-02-26 03:08

administrator   ~0000639

Instead of introducing an other preference, we should know what do use based on the actual value. Right now we have:

server = foobar;

But could as well support

server = imap://foobar
server = imaps://foobar

and correctly set up SSL.

ayearout

ayearout

2010-02-26 03:24

reporter   ~0000640

Agreed. I'd like to sit down and look at implementing proper IMAP URI support.

I personally still would need a domain preference, however. I'm pulling the IMAP hostname from LDAP, and postfix would not take kindly to the inserting of imaps:// while it's trying to figure out mail relaying.

ayearout

ayearout

2010-02-26 22:15

reporter   ~0000642

I brainstormed about this last night, and considered possibly changing this to an "encryption type" setting to allow for things like TLS connections (similar to how LDAP connections are done). After digging around, however, I've realized that the SOPE NGStreams library doesn't support TLS connections. They get around this with LDAP by using the OpenLDAP libraries to initiate TLS.

Patching SOPE for TLS is a little beyond the time commitment I'm willing to make. Though I suppose if that were to happen, TLS support could be added for SMTP as well.

This weekend I'm hoping to poke around with IMAPS URI support.

I still personally would want this Boolean preference, but I can certainly understand if it doesn't make it into the releases.

tokul

tokul

2010-02-27 07:44

reporter   ~0000644

Don't confuse TLS with StartTLS. Most of current SSL clients and servers are TLS clients and servers.

ayearout

ayearout

2010-02-27 22:59

reporter   ~0000645

Sorry about that. Was referring to StartTLS here.

wcronen

wcronen

2010-03-05 19:23

reporter   ~0000665

I agree, there should be SSL-Support (not only StartTLS)!

stunnel doesn't do the job. It works if you don't use Sieve.
stunnel isn't able to support Sieve because Sieve doesn't support SSL (only StartTLS).

One alternative solution would be a new variable for the Sieve-Server in the GNUStep-Config. Then you could use stunnel for IMAPS with "localhost" in GNUStep-Config and the new variable with "yourserver:20000" for sieve.

ludovic

ludovic

2010-08-25 14:05

administrator   ~0001337

Fixed in http://mtn.inverse.ca/revision/diff/398d5b0c3ce7ef971f2aa9111d0c4c5da3cba021/with/45563a5428bd14a897f31d8c32c9bec7cafb0e73

Issue History

Date Modified Username Field Change
2010-02-26 02:43 ayearout New Issue
2010-02-26 02:43 ayearout File Added: sogo-imap-ssl.diff
2010-02-26 03:08 ludovic Note Added: 0000639
2010-02-26 03:24 ayearout Note Added: 0000640
2010-02-26 22:15 ayearout Note Added: 0000642
2010-02-27 07:44 tokul Note Added: 0000644
2010-02-27 22:59 ayearout Note Added: 0000645
2010-03-05 19:23 wcronen Note Added: 0000665
2010-03-12 13:37 ludovic Relationship added has duplicate 0000484
2010-03-16 20:56 ludovic Relationship added has duplicate 0000332
2010-07-21 21:33 ludovic Status new => assigned
2010-07-21 21:33 ludovic Assigned To => ludovic
2010-07-21 21:33 ludovic Target Version => 1.3.1
2010-08-11 16:20 ludovic Target Version 1.3.1 =>
2010-08-25 14:05 ludovic Note Added: 0001337
2010-08-25 14:05 ludovic Status assigned => resolved
2010-08-25 14:05 ludovic Fixed in Version => 1.3.2
2010-08-25 14:05 ludovic Resolution open => fixed