mirror of
https://github.com/imapsync/imapsync.git
synced 2025-06-11 07:04:36 +02:00
21 lines
749 B
Text
21 lines
749 B
Text
#!/bin/cat
|
|
# $Id: FAQ.Security.txt,v 1.1 2015/10/21 14:18:27 gilles Exp gilles $
|
|
|
|
======================================================================
|
|
Imapsync. Security issues and solutions
|
|
======================================================================
|
|
|
|
|
|
======================================================================
|
|
Q. Imapsync used to use SSL_VERIFY_PEER now it uses SSL_VERIFY_NONE.
|
|
How can I change this back to the more secure SSL_VERIFY_PEER?
|
|
|
|
|
|
R1. In function "sub set_ssl", replace
|
|
IO::Socket::SSL::SSL_VERIFY_NONE()
|
|
by
|
|
IO::Socket::SSL::SSL_VERIFY_PEER()
|
|
|
|
|
|
C1. Don't do this in function "sub set_tls" since it won't work by principle,
|
|
tls is done AFTER the application level connexion is established
|