case-insensitive check of SSL fingerprints (Daniel Richard G.) - fetchmail - [fork] set imap idle timeout to 600s, some servers don't follow rfc recommendations

diff options

author	Matthias Andree <matthias.andree@gmx.de>	2009-01-22 12:11:16 +0000
committer	Matthias Andree <matthias.andree@gmx.de>	2009-01-22 12:11:16 +0000
commit	4691082c9b0659476e919bd7a8a30ec1b5537a7c (patch)
tree	7af723caa9b77b25c8819f42f8432d777e5824dc /contrib/gotmail.conf
parent	af7d73c7ab76ad81fed78b7f5c024daf1af87d9d (diff)
download	fetchmail-4691082c9b0659476e919bd7a8a30ec1b5537a7c.tar.gz fetchmail-4691082c9b0659476e919bd7a8a30ec1b5537a7c.tar.bz2 fetchmail-4691082c9b0659476e919bd7a8a30ec1b5537a7c.zip

case-insensitive check of SSL fingerprints (Daniel Richard G.)

Daniel Richard G. writes: | I was clearing out an old Fetchmail SVN checkout I had lying around | here, and came across one small change that I forgot to send in. | | In socket.c, there's a bit of code that compares SSL certificate | fingerprints: [...] | | That strcmp() call should be an strcasecmp(). At one point, I | encountered a certificate where the fingerprint's hex digits were in a | different case than what was expected, and the connection attempt failed | because of that. Not exactly what you'd call a potential MitM attack | :-) He's right, we can compare case-insensitively without sacrificing fetchmail's security, so let's just do that for the sake of ease of use. svn path=/branches/BRANCH_6-3/; revision=5262

Diffstat (limited to 'contrib/gotmail.conf')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: