On Fri, 15 Sep 2017, Dan Lukes wrote:
Andrew Daviel wrote:
I have panda-imap running on CentOS 7 with xinetd.
We wanted to implement it using a systemd service instead
The server appears to work on port 143 with STARTTLS (or notls)
But on port 993 it responds with plaintext.
Well, I have no experience with Panda, but I assume the behavior is the same
as in UW. Also, no experience with xinetd, but i assume the "standard"
behavior of inetd.
The critical part of SSL setup is program name (e.g. value of argv[0] passed
into main() function of imapd/pop3d).
inetd pass apropriate /etc/service name here (e.g. imap for port 143, imaps
for 993).
It must not be null or ssl will not be started.
It should be imaps to mimic inetd behavior (which will put imapsd here).
If systemd will supply something else here, the file with SSL's
key&certificate needs to be renamed accordingly.
Dan
That is part of the picture (UW/panda imapd does use the arv[0] name to
determine the correct SSL certificate to use once it has decided to initiate a
SSL session.
However it needs to decide to initiate a SSL session to beging with and that is
done thru the logic in server_init based upon the connection addr info.
That's the first hurdle.
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
_______________________________________________
Imap-uw mailing list
Imap-uw@u.washington.edu
http://mailman13.u.washington.edu/mailman/listinfo/imap-uw
