Commit Graph

96 Commits

Author SHA1 Message Date
Lefteris Chatzimparmpas
594339056b Fix SSL CTX bug and add support for TLS1.1/1.2
SSL CTXs should be created after the SSL library initialization, and be
kept until program termination.

Also, TLS version 1.1 and 1.2 are now supported for secure connections.
2013-05-20 23:55:16 +02:00
Lefteris Chatzimparmpas
7e8560f57a Compare serial number of certificates
The serial number of the certificates is checked together with the
issuer, since some certificates have the same subject and issuer but a
different serial number.

Also, the certificate subject, issuer and serial number are also written
to the certificates file just before the certificate itself, in order to
make it easier to distinguish each certificate in the file.
2013-05-13 00:48:42 +02:00
Lefteris Chatzimparmpas
734811c568 Watch out for unexpected APPEND response
At least one server, returns a continuation response to the APPEND
request, even if the APPEND request then finally fails (because the
mailbox doesn't exist).  Anticipate such an occurrence, and try to
create the mailbox and retry the APPEND, as is done normally.
2013-04-30 21:40:58 +02:00
Lefteris Chatzimparmpas
7593368952 Prepare release v2.5.4. 2013-04-09 21:45:51 +02:00
Lefteris Chatzimparmpas
ee19620558 Update copyright year to include 2013. 2013-04-09 21:43:06 +02:00
Lefteris Chatzimparmpas
4c310f9df5 Correct various bugs in the recovery mechanism
The namespace of the selected mailbox was not properly applied after
recovery, CRAM-MD5 authentication during the recovery would fail, and
searching after recovery could fail in some cases.
2013-04-09 20:49:46 +02:00
Lefteris Chatzimparmpas
568e414754 Print stack traceback support for Lua 5.1
Lua 5.1 lacks the C API luaL_traceback() function, so Lua
debug.traceback() has to be used instead.
2012-12-05 21:27:31 +01:00
Lefteris Chatzimparmpas
d7966dbe2d Print stack traceback in case of error. 2012-11-18 23:09:29 +01:00
Lefteris Chatzimparmpas
1f79e2d345 Correct the error reporting positions. 2012-11-18 23:07:56 +01:00
Lefteris Chatzimparmpas
c082ae4ddc Parse server responses less strictly
Some servers send responses that are not standards compliant, but
contain extra SPACE, CR or LF characters, and by ignoring those
characters it might be possible to parse their responses.
2012-08-24 23:01:07 +02:00
Lefteris Chatzimparmpas
7dec2a8ec7 Enable extra compiler checks and correct warnings. 2012-08-20 20:22:54 +02:00
Lefteris Chatzimparmpas
69b650137a Prepare release v2.5.3. 2012-07-22 16:25:41 +03:00
Lefteris Chatzimparmpas
066ca99e36 Use new international mailbox names implementation
A new custom implementation of international mailbox names has replaced
the previous iconv-based solution.
2012-07-22 15:41:28 +03:00
Lefteris Chatzimparmpas
362a123cd4 Correct variable error in one of the examples. 2012-05-23 20:44:31 +02:00
Lefteris Chatzimparmpas
0d77e9d9a8 Set variable's type based on OpenSSL version. 2012-04-25 00:09:12 +03:00
Lefteris Chatzimparmpas
4e03494df6 Correct wording and typo error. 2012-04-25 00:03:12 +03:00
Lefteris Chatzimparmpas
a9ac2cf100 Prepare release v2.5.2. 2012-02-29 21:16:07 +01:00
Lefteris Chatzimparmpas
3690506986 Ignore errors and retry later when in daemon mode
A persistent failure that could lead to a session not being able to be
recovered, or a failure during the login process (which is not covered
by the recovery function), would normally cause the process to
terminate.  This is expected when the configuration is run once, but not
desirable when running in daemon mode.

And thus just after the process has become a daemon, a session that
could not be restored, either because the connection to the server could
not be established or the login and its related negotiations failed, is
now disabled temporarily, and a recoqnection is attempted at the
beginning of the next daemon loop iteration.

There is one exception to that, and that is when there is an
authentication error, for example when a wrong username or password has
been supplied, and in this case the process terminates and a relevant
error is printed.
2012-02-29 21:01:11 +01:00
Lefteris Chatzimparmpas
dba6d38403 Improve the failure handling during login/logout
Some of the requests/responses need to close connection, while some
don't.

Also, now a login error returns a different status value.
2012-02-28 19:54:20 +01:00
Lefteris Chatzimparmpas
a4616e5ca5 Prepare release v2.5.1. 2012-02-27 22:53:47 +01:00
Lefteris Chatzimparmpas
7496761c25 Check function return values during login/logout
The login and logout requests are not candidates for recovery, but the return
values of all the network functions that are called from inside them, should be
checked thorougly.
2012-02-27 22:51:06 +01:00
Lefteris Chatzimparmpas
e519bb1a71 Describe the recover option in a better way. 2012-02-27 22:40:57 +01:00
Lefteris Chatzimparmpas
7435dc6d1d Add support to recover when BYE is received
Previously only network errors could cause a restoration of a session,
but now a BYE response sent by the server can also trigger it.

An option has been also added to control if and when the recover
function will be called.
2012-02-27 01:22:37 +01:00
Lefteris Chatzimparmpas
2dd1b5ebc6 Forward the BYE response properly all the way up
Some methods didn't return the correct value when a BYE response was
received from the server.
2012-02-27 01:10:56 +01:00
Lefteris Chatzimparmpas
e66c58926f Prepare release v2.5. 2012-02-24 01:19:04 +01:00
Lefteris Chatzimparmpas
47521ace3f Change SSL variables' names in session structure. 2012-02-24 01:19:04 +01:00
Lefteris Chatzimparmpas
716ee036dc Skip normal SSL shutdown only after an error
This disables the sending of the "close notify" shutdown alert, only
after a network failure took place, and not during normal closing of a
connection.
2012-02-24 01:18:08 +01:00
Lefteris Chatzimparmpas
5011966115 Ignore network errors during logout
In case of a network failure during a logout request, there's no point
in restoring the connection, but it is better to just close it.
2012-02-23 00:04:10 +01:00
Lefteris Chatzimparmpas
861aa6fd45 Keep trying when a connection has been restored. 2012-02-23 00:03:23 +01:00
Lefteris Chatzimparmpas
8c468f585f Fix the fatal failure caused by an SSL error
When a "Connection reset by peer" error was caused while reading through SSL, a
restoration of the session should have taken place after all the connection
related structures were resetted.  But instead a silent, unexpected and
unaccountable exit was the end result.  This was caused by the underlying
socket being closed while trying to shutdown the SSL session.
2012-02-22 18:59:28 +01:00
Lefteris Chatzimparmpas
83e406b70e Distinguish SSL read/write error messages printed. 2012-02-22 18:58:35 +01:00
Lefteris Chatzimparmpas
239435ba9e Use the same quotation for all the strings. 2012-02-22 18:57:54 +01:00
Lefteris Chatzimparmpas
befefb55a1 Name better the public shortcut function. 2012-02-22 18:56:45 +01:00
Lefteris Chatzimparmpas
dda48edbab Replace simple function with a static string. 2012-02-22 18:55:38 +01:00
Lefteris Chatzimparmpas
3f1059b355 Use newly added helper functions for common checks
Some of the functionality that was repeated in many places, regarding checks
and printing of informational messages, was replaced with common functions.
2012-02-22 08:18:38 +01:00
Lefteris Chatzimparmpas
95ce717bcf Add shortcuts to some possibly useful functions. 2012-02-21 20:13:55 +01:00
Lefteris Chatzimparmpas
51da675056 Don't do a protected call for the daemon commands
The errors produced by the ifcore module methods are important and thus
should not be ignored.
2012-02-21 17:49:38 +01:00
Lefteris Chatzimparmpas
8b0e8943e3 Don't allow a login if a session already exists. 2012-02-21 17:48:22 +01:00
Lefteris Chatzimparmpas
18940cc9f2 Make all the calls that pass the session safe
The session and selected variables should be reset if there has been a
connection problem or other failure.

The ifcore module methods that rely on the session should only be called
if there is a valid session variable defined.
2012-02-21 01:04:24 +01:00
Lefteris Chatzimparmpas
6a1771da04 Avoid closing the connection twice
If there's a network problem the connection has been already closed in
the relevant socket read/write functions.
2012-02-21 00:23:32 +01:00
Lefteris Chatzimparmpas
f78ed3c3d7 Add forgotten mailbox close command. 2012-02-21 00:12:23 +01:00
Lefteris Chatzimparmpas
4160f7c708 Set default network timeout value to 60. 2012-02-20 00:09:14 +01:00
Lefteris Chatzimparmpas
81b09d1f01 Print some details on append and fetch actions. 2012-02-19 23:56:54 +01:00
Lefteris Chatzimparmpas
644d6988ed Correct the TRYCREATE functionality
It's better not to continuesly try to create a mailbox, when the server
continues to report TRYCREATE.

When appending messages it failed to create a mailbox when the mailbox
didn't exist and the server responded with TRYCREATE.
2012-02-19 14:58:36 +01:00
Lefteris Chatzimparmpas
cf33e1bb61 Correct the option order in the usage details. 2012-02-19 13:40:31 +01:00
Lefteris Chatzimparmpas
7199aa249f Update the -d option and its description
Some of the descriptions of the other options have been also updated.
2012-02-19 13:25:47 +01:00
Lefteris Chatzimparmpas
6d39df8b70 Remove the BUGS section. 2012-02-19 13:25:05 +01:00
Lefteris Chatzimparmpas
e907fe5fdf Make OpenSSL a mandatory requirement
There is no point in having SSL/TLS IMAP support as optional, it's as
useful if not more than the the non-encrypted connections.

The Makefile was better organized to make it easier to change some
options during compile.

The SHAREDIR variable passed as configuration option has changed name.
2012-02-19 12:36:44 +01:00
Lefteris Chatzimparmpas
820e9db522 Correct some small details here and there. 2012-02-16 18:49:57 +01:00
Lefteris Chatzimparmpas
b67ae8209b Print a debug message on connection recovery. 2012-02-16 18:49:20 +01:00