From: Ken Hornstein Date: Fri, 23 Sep 2016 03:27:36 +0000 (-0400) Subject: Garbage collect the saslmaxssf flag, and update documentation for X-Git-Url: https://diplodocus.org/git/nmh/commitdiff_plain/44c4b1b168d0ac7c860f91495c423f425e8a87d9?ds=inline;hp=-c Garbage collect the saslmaxssf flag, and update documentation for new -initialtls flag and -notls flags for inc. --- 44c4b1b168d0ac7c860f91495c423f425e8a87d9 diff --git a/man/inc.man b/man/inc.man index b8a92454..c6e56184 100644 --- a/man/inc.man +++ b/man/inc.man @@ -39,6 +39,8 @@ inc \- incorporate new mail .IR mechanism ] .RB [ \-authservice .IR service ] +.RB [ \-initialtls ] +.RB [ \-notls ] .RB [ \-snoop ] .RB [ \-version ] .RB [ \-help ] @@ -276,8 +278,10 @@ for its other features. If .B nmh has been compiled with OAuth support, the +.B \-sasl +and .B \-saslmech xoauth2 -switch will enable OAuth authentication. The +switches will enable OAuth authentication. The .B \-user switch must be used, and the .I user-name @@ -291,10 +295,21 @@ and grant authorization to that account. See the .B mhlogin man page for more details. .PP -Gmail only supports POP3 over TLS, but -.B inc -has no TLS support. To work around this, use something like -.B -proxy 'openssl s_client -connect %h:995 -CAfile /etc/ssl/certs/ca-certificates.crt -quiet' +If +.B nmh +has been compiled with TLS support, the +.B \-initialtls +switch will require the negotiation of TLS when connecting +to the remote POP server. The +.B \-initialtls +switch will negotiate TLS immediately after the connection has taken place, +before any POP commands are sent or received. Data encrypted by TLS is +labeled `(tls-encrypted)' and `(tls-decrypted)` with viewing the POP +transaction with the +.B \-snoop +switch. The +.B \-notls +switch will disable all attempts to negotiate TLS. .SH FILES .PD 0 .TP 20 diff --git a/man/post.man b/man/post.man index 1023676a..55d63b89 100644 --- a/man/post.man +++ b/man/post.man @@ -32,8 +32,6 @@ post \- deliver a message .IR portname/number ] .RB [ \-sasl ] .RB [ \-nosasl ] -.RB [ \-saslmaxssf -.IR ssf ] .RB [ \-saslmech .IR mechanism ] .RB [ \-user @@ -236,11 +234,6 @@ switch. Base64-encoded data is wrapped with `b64<>'. (Beware that the SMTP transaction may contain authentication information either in plaintext or easily decoded base64.) -The -.B \-saslmaxssf -switch can be used to select the maximum value of the Security Strength Factor. -This is an integer value and the exact meaning of this value depends on the -underlying SASL mechanism. A value of 0 disables encryption. .PP If .B nmh diff --git a/man/send.man b/man/send.man index 680f1d46..5a2f3139 100644 --- a/man/send.man +++ b/man/send.man @@ -40,8 +40,6 @@ send \- send a message .IR port-name/number ] .RB [ \-sasl ] .RB [ \-nosasl ] -.RB [ \-saslmaxssf -.IR ssf ] .RB [ \-saslmech .IR mechanism ] .RB [ \-authservice @@ -427,17 +425,14 @@ switch; see the man page description of .B \-snoop for its other features. -The -.B \-saslmaxssf -switch can be used to select the maximum value of the Security Strength Factor. -This is an integer value and the exact meaning of this value depends on the -underlying SASL mechanism. A value of 0 disables encryption. .PP If .B nmh has been compiled with OAuth support, the +.B \-sasl +and .B \-saslmech xoauth2 -switch will enable OAuth authentication. The +switches will enable OAuth authentication. The .B \-user switch must be used, and the .I user-name @@ -448,7 +443,7 @@ be specified with the switch. Before using this, the user must authorize nmh by running .B mhlogin and grant authorization to that account. See the -.B mhlogin +.IR mhlogin (1) man page for more details. .PP If diff --git a/man/whom.man b/man/whom.man index cbad25f5..2e992e77 100644 --- a/man/whom.man +++ b/man/whom.man @@ -29,6 +29,7 @@ whom \- report to whom a message would go .RB [ \-user .IR username ] .RB [ \-tls ] +.RB [ \-initialtls ] .RB [ \-notls ] .RI [ file ] .RB [ \-draft ] @@ -106,16 +107,13 @@ switch; see the .B post man page description of .B \-snoop -for its other features. The -.B \-saslmaxssf -switch can be used to select the maximum value of the Security Strength Factor. -This is an integer value and the exact meaning of this value depends on the -underlying SASL mechanism. A value of 0 disables encryption. +for its other features. .PP If .B nmh has been compiled with TLS support, the -.B \-tls +.BR \-tls , +.BR \-initialtls , and .B \-notls switches will require and disable the negotiation of TLS support when connecting to the @@ -126,7 +124,7 @@ switch; see the .B post man page description of .B \-snoop -for its other features. +and the TLS flags for more details. .PP The files specified by the profile entry \*(lqAliasfile:\*(rq and any additional alias files given by the diff --git a/uip/inc.c b/uip/inc.c index 61d7ea9b..565163cb 100644 --- a/uip/inc.c +++ b/uip/inc.c @@ -80,7 +80,7 @@ X("nosasl", SASLminc(3), NOSASLSW) \ X("saslmech", SASLminc(5), SASLMECHSW) \ X("initialtls", TLSminc(-10), INITTLSSW) \ - X("noinitialtls", TLSminc(-12), NOINITTLSSW) \ + X("notls", TLSminc(-12), NOTLSSW) \ X("authservice", SASLminc(0), AUTHSERVICESW) \ X("proxy command", 0, PROXYSW) \ @@ -366,7 +366,7 @@ main (int argc, char **argv) tls++; continue; - case NOINITTLSSW: + case NOTTLSSW: tls = 0; continue; diff --git a/uip/send.c b/uip/send.c index 5dcdce0e..4a6e0399 100644 --- a/uip/send.c +++ b/uip/send.c @@ -63,7 +63,6 @@ X("snoop", 5, SNOOPSW) \ X("sasl", SASLminc(4), SASLSW) \ X("nosasl", SASLminc(6), NOSASLSW) \ - X("saslmaxssf", SASLminc(6), SASLMXSSFSW) \ X("saslmech mechanism", SASLminc(6), SASLMECHSW) \ X("authservice", SASLminc(0), AUTHSERVICESW) \ X("user username", SASLminc(-4), USERSW) \ @@ -287,7 +286,6 @@ main (int argc, char **argv) case WIDTHSW: case CLIESW: case SERVSW: - case SASLMXSSFSW: case PORTSW: case MTSSM: case MTSSW: diff --git a/uip/whatnowsbr.c b/uip/whatnowsbr.c index 03c0bbba..8498f92c 100644 --- a/uip/whatnowsbr.c +++ b/uip/whatnowsbr.c @@ -947,7 +947,6 @@ buildfile (char **argp, char *file) X("nodraftfolder", -3, SNDRFSW) \ X("sasl", SASLminc(4), SASLSW) \ X("nosasl", SASLminc(6), NOSASLSW) \ - X("saslmaxssf", SASLminc(10), SASLMXSSFSW) \ X("saslmech", SASLminc(5), SASLMECHSW) \ X("authservice", SASLminc(0), AUTHSERVICESW) \ X("user username", SASLminc(4), USERSW) \ @@ -1165,7 +1164,6 @@ sendit (char *sp, char **arg, char *file, int pushed) case WIDTHSW: case CLIESW: case SERVSW: - case SASLMXSSFSW: case USERSW: case PORTSW: case MTSSM: