- removed all warnings to make the software compile with -Wall - bug in general imap handling martin@askja:~$ telnet mail 143 Trying 10.0.0.1... Connected to mail Escape character is '^]'. * OK mail Cyrus IMAP4 v2.0.17 server ready A001 LOGIN user pass A001 OK User logged in A001 STATUS INBOX (MESSAGES) A001 NO System I/O error problem: * imap_checkmbox() exits with BYE(...) -> socket is closed and freed * imap_goodbye() is called, closes and frees the socket a second time -> crash because of duplicate free workaround: * set socket pointer to NULL after each Sclose() * imap_goodbye() does not access a socket whose pointer is NULL (to address similar issues) * imap_checkmbox() does not run if mb->status is not equal STAT_IDLE | STAT_RUNNING generally, the use of mb->status seems confusing to me SSL support for imap - generic approach -> no new mailbox type - two different types of imap ssl servers * separate port for imapssl * standard imap server offers STARTTLS command to continue an existing session via ssl -> this difference should not have to be configured by the user - two new options in asmailrc ssl yes -> new flag in mbox_struct->flags trustedCaDir /my/dir/ new component mbox_struct->trustedCaDir -> added an example to asmailrc.sample - openssl availability is checked by configure define HAVE_OPENSSL_SSL_H in config.h is used to distinguish ssl and non-ssl parts (code could be optimized to use fewer #ifdef statements) - new functions in socklib.c * Sslclient() switch an open connection created with Sclient() to SSL * Sslread() read a single line, should behave exactly like Sread() uses a temporary buffer to store data that was read from ssl and decrypted, data from this buffer is returned to the caller this buffer and its size are parts of the socket structure * Sslwrite() - imap.c * many different cases for imap_login() - no ssl support - ssl supported, non-ssl session configured - ssl supported, ssl configured, imapssl server - ssl supported, ssl configured, plain imap server with STARTTLS support handling of ssl supported, ssl configured * assume server is imapssl * if this fails, close session and re-open it * assume session is plain imap * send a STARTTLS command * if we get a positive answer, switch session to ssl * otherwise terminate session * macro WAIT_OK uses either Sslread() or Sread() no other adjustments in imap_checkmbox(), both Sread() and Sslread() should behave identically * new macro WRITE_OUTPUT to write, using either Swrite() or Sslwrite() - verification of the server certificate is done in Sslclient() print only a warning if verification fails trustedCaDir /my/dir/ option in asmailrc /my/dir contains a .pem file for each certificate authority we trust the directory has to be processed for use with openssl: go to the directory and run c_rehash . (I could provide more infos about how to create the CA's certificate and how to sign a client certificate with it) BUGS: martin@askja:~$ telnet localhost 143 Trying 127.0.0.1... Connected to askja.kaiser.cx. Escape character is '^]'. * OK Dovecot ready. a001 LOGIN a001 BAD Error in IMAP command received by server. (long time of inactivity) * BYE Disconnected for inactivity. Connection closed by foreign host. -> BYE(STAT_CONN) crashes (broken pipe) because the server has already closed the connection