[Users] [Bug 4103] New: TLS SNI (Server Name Indication) support for IMAP, POP & SMTP

noreply at thewildbeast.co.uk noreply at thewildbeast.co.uk
Sun Oct 21 01:01:27 CEST 2018 

https://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=4103

            Bug ID: 4103
           Summary: TLS SNI (Server Name Indication) support for IMAP, POP
                    & SMTP
    Classification: Unclassified
           Product: Claws Mail
           Version: GIT
          Hardware: PC
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P3
         Component: Other
          Assignee: users at lists.claws-mail.org
          Reporter: alex.clawsmail at madalex.me.uk

Created attachment 1927
  -->
https://www.thewildbeast.co.uk/claws-mail/bugzilla/attachment.cgi?id=1927&action=edit
Patch for experimentation only. Needs patched libetpan.

It would be rather nice if Claws Mail supported the Server Name Indication TLS
extension, so as to be given the correct certificate when connecting with TLS
to `virtual hosted' IMAP / POP / SMTP servers that service multiple domains
from a single IP address.

This is eminently doable for POP and SMTP connections, for which gnutls is used
directly. IMAP is a little harder since libetpan handles the TLS session and
will need extension to also support SNI.

I have just created a pull request for a candidate extension to libetpan
(https://github.com/dinhviethoa/libetpan/pull/310) and attach an experimental
patch that utilises it, plus adds the necessary internal support for POP &
SMTP, for anybody who likes to live on the bleeding edge to try.

Obviously I'm not asking for a review of the patch yet. I'll update this issue
and the patch if and when libetpan gains SNI support.


Notes for brave explorers:

- It's a git patch; use `git apply' or `patch -p1' (note NOT -p0 as
https://claws-mail.org/devel.php?section=projects asks for)

- You'll need to compile and link against my aforementioned experimentally
extended libetpan from GitHub

- I've only built and tested it on Linux and only connecting to IMAP and SMTP
as that's all I have easy access to. Works for me but your mileage may vary!

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the Users mailing list