Mirrors/chatmail-core
1
0
Fork 0
mirror of https://github.com/chatmail/core.git synced 2026-05-08 09:26:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix: separate entered and configured certificate checks

Browse Source
This commit is contained in:
link2xt
2024-08-16 22:14:00 +00:00
parent 62fde21d9a
commit 95b2a8e6a6
5 changed files with 54 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
deltachat-ffi/deltachat.h
View File

@@ -5712,7 +5712,7 @@ int64_t dc_lot_get_timestamp (const dc_lot_t* lot);
* Accept invalid certificates, including self-signed ones * Accept invalid certificates, including self-signed ones
* or having incorrect hostname. * or having incorrect hostname.
*/ */
#define DC_CERTCK_ACCEPT_INVALID_CERTIFICATES 3 #define DC_CERTCK_ACCEPT_INVALID_CERTIFICATES 2
/** /**
* @} * @}

2
deltachat-rpc-client/src/deltachat_rpc_client/const.py
View File

@@ -165,7 +165,7 @@ class CertificateChecks(IntEnum):
AUTOMATIC = 0 AUTOMATIC = 0
STRICT = 1 STRICT = 1
ACCEPT_INVALID_CERTIFICATES = 3 ACCEPT_INVALID_CERTIFICATES = 2
class Connectivity(IntEnum): class Connectivity(IntEnum):

2
node/constants.js
View File

@@ -1,7 +1,7 @@
// Generated! // Generated!
module.exports = { module.exports = {
DC_CERTCK_ACCEPT_INVALID_CERTIFICATES: 3, DC_CERTCK_ACCEPT_INVALID_CERTIFICATES: 2,
DC_CERTCK_AUTO: 0, DC_CERTCK_AUTO: 0,
DC_CERTCK_STRICT: 1, DC_CERTCK_STRICT: 1,
DC_CHAT_ID_ALLDONE_HINT: 7, DC_CHAT_ID_ALLDONE_HINT: 7,

2
node/lib/constants.ts
View File

@@ -1,7 +1,7 @@
// Generated! // Generated!
export enum C { export enum C {
DC_CERTCK_ACCEPT_INVALID_CERTIFICATES = 3, DC_CERTCK_ACCEPT_INVALID_CERTIFICATES = 2,
DC_CERTCK_AUTO = 0, DC_CERTCK_AUTO = 0,
DC_CERTCK_STRICT = 1, DC_CERTCK_STRICT = 1,
DC_CHAT_ID_ALLDONE_HINT = 7, DC_CHAT_ID_ALLDONE_HINT = 7,

70
src/login_param.rs
View File

@@ -10,36 +10,66 @@ use crate::provider::Socket;
use crate::provider::{get_provider_by_id, Provider}; use crate::provider::{get_provider_by_id, Provider};
use crate::socks::Socks5Config; use crate::socks::Socks5Config;
/// User entered setting for certificate checks.
///
/// Should be saved into `imap_certificate_checks` before running configuration.
#[derive(Copy, Clone, Debug, Default, Display, FromPrimitive, ToPrimitive, PartialEq, Eq)] #[derive(Copy, Clone, Debug, Default, Display, FromPrimitive, ToPrimitive, PartialEq, Eq)]
#[repr(u32)] #[repr(u32)]
#[strum(serialize_all = "snake_case")] #[strum(serialize_all = "snake_case")]
pub enum CertificateChecks { pub enum EnteredCertificateChecks {
/// Same as AcceptInvalidCertificates if stored in the database /// `Automatic` means that provider database setting should be taken.
/// as `configured_{imap,smtp}_certificate_checks`.
///
/// Previous Delta Chat versions stored this in `configured_*`
/// if Automatic configuration
/// was selected, configuration with strict TLS checks failed
/// and configuration without strict TLS checks succeeded.
///
/// Currently Delta Chat stores only
/// `Strict` or `AcceptInvalidCertificates` variants
/// in `configured_*` settings.
///
/// `Automatic` in `{imap,smtp}_certificate_checks`
/// means that provider database setting should be taken.
/// If there is no provider database setting for certificate checks, /// If there is no provider database setting for certificate checks,
/// `Automatic` is the same as `Strict`. /// check certificates strictly.
#[default] #[default]
Automatic = 0, Automatic = 0,
/// Ensure that TLS certificate is valid for the server hostname.
Strict = 1, Strict = 1,
/// Same as AcceptInvalidCertificates /// Accept certificates that are expired, self-signed
/// Previously known as AcceptInvalidHostnames, now deprecated. /// or otherwise not valid for the server hostname.
AcceptInvalidCertificates2 = 2, AcceptInvalidCertificates = 2,
AcceptInvalidCertificates = 3, /// Alias for `AcceptInvalidCertificates`
/// for API compatibility.
AcceptInvalidCertificates2 = 3,
}
/// Values saved into `imap_certificate_checks`.
#[derive(Copy, Clone, Debug, Default, Display, FromPrimitive, ToPrimitive, PartialEq, Eq)]
#[repr(u32)]
#[strum(serialize_all = "snake_case")]
pub enum ConfiguredCertificateChecks {
/// Use configuration from the provider database.
/// If there is no provider database setting for certificate checks,
/// accept invalid certificates.
///
/// Must not be saved by new versions.
///
/// Previous Delta Chat versions before core 1.133.0
/// stored this in `configured_imap_certificate_checks`
/// if Automatic configuration
/// was selected, configuration with strict TLS checks failed
/// and configuration without strict TLS checks succeeded.
OldAutomatic = 0,
/// Ensure that TLS certificate is valid for the server hostname.
Strict = 1,
/// Accept certificates that are expired, self-signed
/// or otherwise not valid for the server hostname.
AcceptInvalidCertificates = 2,
/// Accept certificates that are expired, self-signed
/// or otherwise not valid for the server hostname.
///
/// Alias to `AcceptInvalidCertificates` for compatibility.
AcceptInvalidCertificates2 = 3,
/// Use configuration from the provider database.
/// If there is no provider database setting for certificate checks,
/// apply strict checks to TLS certificates.
Automatic = 4,
} }
/// Login parameters for a single server, either IMAP or SMTP /// Login parameters for a single server, either IMAP or SMTP