Menu
▾
▴
isync Merge Request #2: use SNI when connecting with SSL (merged)
Merging...
Merged
Something went wrong. Please, merge manually
Checking if merge is possible...
Something went wrong. Please, merge manually
Vincent Bernat wants to merge 1 commit from /u/vbernat/isync/ to master, 2018-09-08
imap.gmail.com doesn't accept connections without SNI anymore. Without
this extension, it returns a self-signed certificate and mbsync is
unable to complete:
$ openssl s_client -connect imap.gmail.com:993 -noservername
CONNECTED(00000005)
depth=0 OU = "No SNI provided; please fix your client.", CN = invalid2.invalid
verify error:num=18:self signed certificate
verify return:1
depth=0 OU = "No SNI provided; please fix your client.", CN = invalid2.invalid
verify return:1
---
Certificate chain
0 s:OU = "No SNI provided; please fix your client.", CN = invalid2.invalid
i:OU = "No SNI provided; please fix your client.", CN = invalid2.invalid
This commit configure the SSL connection to transmit the hostname
through SNI. This has been tested with both GMail (which requires SNI)
and Fastmail (which doesn't require SNI).
| Commit | Date | |
|---|---|---|
|
[1086cd]
(fix/sni)
by
Vincent Bernat
use SNI when connecting with SSL imap.gmail.com doesn't accept connections without SNI anymore. Without $ openssl s_client -connect imap.gmail.com:993 -noservername This commit configure the SSL connection to transmit the hostname |
2018-08-22 17:20:35 | Tree |
For some reason, this only happens with OpenSSL 1.1.1.
i merged a derived patch.