mirror of
https://github.com/cypht-org/cypht.git
synced 2026-04-25 04:56:03 +03:00
[GH-ISSUE #485] imap tls context #382
Labels
No labels
2fa
I18N
PGP
Security
Security
account
advanced_search
advanced_search
announcement
api_login
authentication
awaiting feedback
blocker
bug
bug
bug
calendar
config
contacts
core
core
devops
docker
docs
duplicate
dynamic_login
enhancement
epic
feature
feeds
framework
github
github
gmail_contacts
good first issue
help wanted
history
history
imap
imap_folders
inline_message
installation
keyboard_shortcuts
keyboard_shortcuts
ldap_contacts
mobile
need-ssh-access
new module set
nux
pop3
profiles
pull-request
question
refactor
release
research
saved_searches
smtp
strategic
tags
tests
themes
website
wordpress
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/cypht#382
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @basaran on GitHub (Jun 1, 2021).
Original GitHub issue: https://github.com/cypht-org/cypht/issues/485
Originally assigned to: @IrAlfred on GitHub.
🚀 Feature
Various packaged MTA distributions (such as mailcow) are set to use the latest and the greatest TLS.
Such an entry would be set through dovecot as:
Design, Layout, Architecture
In the long run, IMAP handler module should try establishing different versions, from the latest to least before returning an error.
Also, the returned error should be more descriptive.
modules/imap/handler_modules.php:
In the shortrun, a setting can be added to the
add serverdialog, and let the user to choose the TLS version.P.S Thank you for cypth, it's great.
@jasonmunro commented on GitHub (Jun 8, 2021):
This has come up before and I agree we should get it done. I think maybe we should skip right to auto-determination as most folks will have no idea what to choose. Authentication errors are intentionally vague for obvious reasons, but I admit this is a PITA to troubleshoot.
@basaran commented on GitHub (Jun 8, 2021):
if you would like and you don't think you can do it sooner, I will be happy to be assigned this task. I'm hoping to have an opening next month.
@jasonmunro commented on GitHub (Jun 8, 2021):
I would love your help with this, thanks for the offer! I have a ton of other stuff to work on so I will absolutely accept your offer to help. Let me know if you have questions or run into problems.
@jgrossophoff commented on GitHub (Sep 3, 2021):
Is there a quick workaround for this using the sailfrog Docker image? My email provider turned off TLS support for anything below v1.2 altogether so I'm sadly forced to change my email client if there is none.
@Joshndroid commented on GitHub (Apr 24, 2022):
I have a feeling this is what is causing me issues on a fresh install with my email hoster..... i keep getting the generic message about username/password, yet it is correct.... Any updates on this?... kinda a show stopper otherwise
@marclaporte commented on GitHub (Jul 31, 2022):
@basaran We need you :-)
@marclaporte commented on GitHub (May 7, 2024):
@basaran
Please retest, as a lot has changed since you reported this issue. Notably, we now have 3 active branches and recently released Cypht 2.0.0
@marclaporte commented on GitHub (Sep 28, 2024):
@basaran
Last call :-)
Please test latest stable:
https://github.com/cypht-org/cypht/releases/
@IrAlfred commented on GitHub (Feb 10, 2026):
Already implemented here https://github.com/cypht-org/cypht/pull/1732
The current implementation in get_tls_stream_type() already handles TLS version negotiation automatically by enabling all available TLS versions (1.1 through 1.3) that the PHP/OpenSSL installation supports. This allows the client and server to negotiate the highest mutually supported version during the TLS handshake. I think this is fine.