Mirrors/imapsync
1
0
Fork 0
mirror of https://github.com/imapsync/imapsync.git synced 2024-11-17 00:02:29 +01:00
Code Issues Releases Activity
629adbb8db
imapsync/FAQ.d/FAQ.Security.txt
Nick Bebout 629adbb8db 1.678
2016-01-22 10:52:28 -06:00

29 lines
1000 B
Plaintext
Raw Blame History

#!/bin/cat
# $Id: FAQ.Security.txt,v 1.3 2016/01/18 18:14:12 gilles Exp gilles $
=======================================================
Imapsync tips about security. Issues and solutions.
=======================================================
======================================================================
Q. Imapsync used to use SSL_VERIFY_PEER now it uses SSL_VERIFY_NONE.
How can I change this back to the more secure SSL_VERIFY_PEER?
R1. In function "sub set_ssl", replace
IO::Socket::SSL::SSL_VERIFY_NONE()
by
IO::Socket::SSL::SSL_VERIFY_PEER()
R2. After imapsync 1.673, for example
to set SSL_verify_mode to SSL_VERIFY_PEER on host1
and SSL_verify_mode to SSL_VERIFY_NONE on host2
imapsync ... --ssl1 --ssl2 \
--sslargs1 SSL_verify_mode=1 \
--sslargs2 SSL_verify_mode=0 \
C1. Don't do this in function "sub set_tls" since it won't work by principle,
tls is done AFTER the application level connexion is established
View Git Blame Copy Permalink