From 2a4057a7745c4768cb5dddfed313f72e36d07d71 Mon Sep 17 00:00:00 2001 From: dignifiedquire Date: Thu, 9 May 2019 14:21:41 +0100 Subject: [PATCH] fix(tls): disable hostname checks in all cases --- src/dc_imap.rs | 6 +++++- src/dc_smtp.rs | 12 +++++++----- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/src/dc_imap.rs b/src/dc_imap.rs index cb9be2aaa..ab7d7a51e 100644 --- a/src/dc_imap.rs +++ b/src/dc_imap.rs @@ -363,7 +363,11 @@ impl Imap { if (server_flags & (DC_LP_IMAP_SOCKET_STARTTLS | DC_LP_IMAP_SOCKET_PLAIN)) != 0 { imap::connect_insecure((imap_server, imap_port)).and_then(|client| { if (server_flags & DC_LP_IMAP_SOCKET_STARTTLS) != 0 { - let tls = native_tls::TlsConnector::builder().build().unwrap(); + let tls = native_tls::TlsConnector::builder() + // FIXME: unfortunately this is needed to make things work on macos + testrun.org + .danger_accept_invalid_hostnames(true) + .build() + .unwrap(); client.secure(imap_server, &tls).map(Into::into) } else { Ok(client.into()) diff --git a/src/dc_smtp.rs b/src/dc_smtp.rs index eb963c6ab..da69de7e9 100644 --- a/src/dc_smtp.rs +++ b/src/dc_smtp.rs @@ -2,7 +2,6 @@ use std::ffi::{CStr, CString}; use lettre::smtp::client::net::*; use lettre::*; -use native_tls::TlsConnector; use crate::constants::Event; use crate::constants::*; @@ -96,11 +95,14 @@ impl Smtp { }; let port = lp.send_port as u16; - let mut tls_builder = TlsConnector::builder(); - tls_builder.min_protocol_version(Some(DEFAULT_TLS_PROTOCOLS[0])); + let tls = native_tls::TlsConnector::builder() + // FIXME: unfortunately this is needed to make things work on macos + testrun.org + .danger_accept_invalid_hostnames(true) + .min_protocol_version(Some(DEFAULT_TLS_PROTOCOLS[0])) + .build() + .unwrap(); - let tls_parameters = - ClientTlsParameters::new(domain.to_string(), tls_builder.build().unwrap()); + let tls_parameters = ClientTlsParameters::new(domain.to_string(), tls); let creds = if 0 != lp.server_flags & (DC_LP_AUTH_OAUTH2 as i32) { // oauth2