From faec30abf47b583af841b37c9dede1ae826cc582 Mon Sep 17 00:00:00 2001 From: Oswald Buddenhagen Date: Mon, 16 May 2022 15:58:41 +0200 Subject: [PATCH] rename SSLType => TLSType for consistency with TLSVersions. the variable names are unchanged to avoid churn. --- NEWS | 2 +- src/drv_imap.c | 10 +++++++++- src/mbsync.1 | 8 ++++---- 3 files changed, 14 insertions(+), 6 deletions(-) diff --git a/NEWS b/NEWS index 58383b8..0575d7c 100644 --- a/NEWS +++ b/NEWS @@ -13,7 +13,7 @@ Renamed the ReNew/--renew/-N options to Upgrade/--upgrade/-u and Delete/--delete/-d to Gone/--gone/-g. Superseded SSLVersions option with TLSVersions, and disabled TLS v1.0 -and v1.1 by default. +and v1.1 by default. Renamed SSLType option to TLSType. Made the Channel side to expire with MaxMessages configurable. diff --git a/src/drv_imap.c b/src/drv_imap.c index 4a9c669..0b3a070 100644 --- a/src/drv_imap.c +++ b/src/drv_imap.c @@ -3786,7 +3786,15 @@ imap_parse_store( conffile_t *cfg, store_conf_t **storep ) } } else if (!strcasecmp( "CipherString", cfg->cmd )) { server->sconf.cipher_string = nfstrdup( cfg->val ); + } else if (!strcasecmp( "TLSType", cfg->cmd )) { + goto tlstype; } else if (!strcasecmp( "SSLType", cfg->cmd )) { + static int sslt_warned; + if (!sslt_warned) { + sslt_warned = 1; + warn( "Notice: SSLType is deprecated. Use TLSType instead.\n" ); + } + tlstype: if (!strcasecmp( "None", cfg->val )) { server->ssl_type = SSL_None; } else if (!strcasecmp( "STARTTLS", cfg->val )) { @@ -3794,7 +3802,7 @@ imap_parse_store( conffile_t *cfg, store_conf_t **storep ) } else if (!strcasecmp( "IMAPS", cfg->val )) { server->ssl_type = SSL_IMAPS; } else { - error( "%s:%d: Invalid SSL type\n", cfg->file, cfg->line ); + error( "%s:%d: Invalid TLS type\n", cfg->file, cfg->line ); cfg->err = 1; } } else if (!strcasecmp( "TLSVersions", cfg->cmd )) { diff --git a/src/mbsync.1 b/src/mbsync.1 index 518f110..8a8b01f 100644 --- a/src/mbsync.1 +++ b/src/mbsync.1 @@ -313,7 +313,7 @@ Define the IMAP4 Account \fIname\fR, opening a section for its parameters. \fBHost\fR \fIhost\fR Specify the DNS name or IP address of the IMAP server. .br -If \fBTunnel\fR is used, this setting is needed only if \fBSSLType\fR is +If \fBTunnel\fR is used, this setting is needed only if \fBTLSType\fR is not \fBNone\fR and \fBCertificateFile\fR is not used, in which case the host name is used for certificate subject verification. . @@ -394,13 +394,13 @@ The list of acceptable authentication mechanisms. In addition to the mechanisms listed in the SASL registry (link below), the legacy IMAP \fBLOGIN\fR mechanism is known. The wildcard \fB*\fR represents all mechanisms that are deemed secure -enough for the current \fBSSLType\fR setting. +enough for the current \fBTLSType\fR setting. The actually used mechanism is the most secure choice from the intersection of this list, the list supplied by the server, and the installed SASL modules. (Default: \fB*\fR) . .TP -\fBSSLType\fR {\fBNone\fR|\fBSTARTTLS\fR|\fBIMAPS\fR} +\fBTLSType\fR {\fBNone\fR|\fBSTARTTLS\fR|\fBIMAPS\fR} Select the connection security/encryption method: .br \fBNone\fR - no security. @@ -410,7 +410,7 @@ This is the default when \fBTunnel\fR is set, as tunnels are usually secure. after connecting the regular IMAP port 143. Most servers support this, so it is the default (unless a tunnel is used). .br -\fBIMAPS\fR - security is established by starting SSL/TLS negotiation +\fBIMAPS\fR - security is established by starting TLS negotiation right after connecting the secure IMAP port 993. . .TP