[mew-int 01896] Re: TLS

Kazu Yamamoto ( 山本和彦 ) kazu at example.com
Fri Oct 29 00:08:19 JST 2004


Hello,

> TLS(Transport Layer Security) has been supported as well as SSL. To
> support TLS, Mew makes use of the TLS functionality of "stunnel".
> 
> At this moment, you can protect SMTP, POP and NNTP with TLS. IMAP/TLS
> cannot be used since "stunnel" does not support it yet.

I believe that one guy on this list wants to use IMAP/TLS. So, I
created a patch for stunnel 4.05. I have already sent this patch to
the author.

--Kazu

*** protocol.c-dist	Thu Oct 28 12:08:18 2004
--- protocol.c	Thu Oct 28 12:26:57 2004
***************
*** 40,45 ****
--- 40,47 ----
  static int pop3_server(CLI *);
  static int nntp_client(CLI *);
  static int nntp_server(CLI *);
+ static int imap_client(CLI *);
+ static int imap_server(CLI *);
  static int RFC2487(int);
  
  int negotiate(CLI *c) {
***************
*** 58,63 ****
--- 60,67 ----
          retval = options.option.client ? pop3_client(c) : pop3_server(c);
      else if(!strcmp(c->opt->protocol, "nntp"))
          retval = options.option.client ? nntp_client(c) : nntp_server(c);
+     else if(!strcmp(c->opt->protocol, "imap"))
+         retval = options.option.client ? imap_client(c) : imap_server(c);
      else {
          log(LOG_ERR, "Protocol %s not supported in %s mode",
              c->opt->protocol, options.option.client ? "client" : "server");
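Review bot: In the new "imap" branch, server mode is routed to imap_server(c), which (as defined later in this patch) only logs "Protocol not supported in server mode" and returns -1, a less specific message than the existing else branch, which already names the protocol and the mode. Either have imap_server() log the protocol name as well, or drop the stub and let server mode with "imap" fall through to the else branch so the operator sees "Protocol imap not supported in server mode".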
***************
*** 280,283 ****
--- 284,315 ----
      }
  }
  
+ static int imap_client(CLI *c) {
+     char line[STRLEN];
+ 
+     if(fdscanf(c, c->remote_fd.fd, "%[^\n]", line)<0)
+         return -1;
+     if(strncasecmp(line,"* OK",4)) {
+         log(LOG_ERR, "Unknown server welcome");
+         return -1;
+     }
+     if(fdprintf(c, c->local_wfd.fd, "%s", line)<0)
+         return -1;
+     if(fdprintf(c, c->remote_fd.fd, "tag STARTTLS")<0)
+         return -1;
+     if(fdscanf(c, c->remote_fd.fd, "%[^\n]", line)<0)
+         return -1;
+     /* should remove untagged line?  */
+     if(strncasecmp(line,"tag OK",6)) {
+         log(LOG_ERR, "Server does not support TLS");
+         return -1;
+     }
+     return 0;
+ }
+ 
+ static int imap_server(CLI *c) {
+     log(LOG_ERR, "Protocol not supported in server mode");
+     return -1;
+ }
+ 
  /* End of protocol.c */
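Review bot: After sending "tag STARTTLS", imap_client() reads exactly one line and compares it with "tag OK", so any untagged "* ..." line the server sends before its tagged reply makes the negotiation fail with "Server does not support TLS"; the comment /* should remove untagged line? */ marks the spot. Read in a loop, skip lines that begin with "* ", and test only the first line that starts with "tag "; including the received line in the LOG_ERR message would also let the operator tell a NO or BAD reply from an unexpected one. Separately, the greeting passed to the local client by fdprintf(c, c->local_wfd.fd, "%s", line) was received before TLS started, so whatever it carries (for example a capability response code) is unauthenticated, and the local client cannot know that STARTTLS took place and that it should query capabilities again. Consider forwarding a minimal "* OK" line instead of the server's cleartext text, or document this limitation. Finally, "%[^\n]" carries no field width; if fdscanf() does not itself cap the line at STRLEN, add one.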


