Could I just poke you devs to please include STARTTLS support sooner rather than later? I just lost a few hours writing a patch to add this (I don't know PHP) and later discovered that someone had already done the same:
http://trac.roundcube.net/ticket/1485284
The implementation isn't that complex and I've found more than a few messages online involving people trying to get roundcube to use TLS. I believe STARTTLS is considered the standard way to do both encrypted IMAP and SMTP (STARTTLS in SMTP is already supported) and it's quite irritating to have to open up an extra port for IMAP over SSL.
Regards,
Francis
List info: http://lists.roundcube.net/dev/
Also, just wanted to point out that the correct way to to this is to look for STARTTLS in the capability response rather than examining the URL protocol. _______________________________________________ List info: http://lists.roundcube.net/dev/
Sorry, for the email flood.
I've attached my patch against imap.inc to this message because the one in the bug report seemed to have a number of issues. These include:
- sending an untagged starttls command.
- dropping back out of TLS after authentication (this seems less
insecure and unnecessary).
- not resetting the capabilities map (the authentication mechanisms
required may only be available after negotiating an encrypted connection. Also required by RFC2595).
- Using the tls prefix makes the client use port 993 by default which isn't wanted for STARTTLS.
- Not checking the STARTTLS capability.
Also, the TLS negotiation requires the socket to be blocking to work correctly. I think this is the default so I haven't touched it whereas the other patch sets it to blocking then non-blocking afterwards. I don't know whether or not this would cause issues.
Presumably there must be others on this list who want/need this functionality?
regards,
Francis
--- 8< --- detachments --- 8< --- The following attachments have been detached and are available for viewing. http://detached.gigo.com/rc/+D/rLA76dHT/roundcube-0.2-imap.i.patch Only click these links if you trust the sender, as well as this message. --- 8< --- detachments --- 8< ---
List info: http://lists.roundcube.net/dev/
-
Francis Russell