Actually, SSL/TLS isn't even enabled in accountd (nor in the accountd
client code in prayer-session) and in fact requires some patching to get
working.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/137
Although ... I forgot that Prayer uses the UW IMAP C client library to
connect to the IMAP server. That library does verify the server name
against the certificate subject name(s). Only the connections to prayer-
accountd are insecure, which I guess is all you said to begin with.
accountd is even l
** Changed in: prayer (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1374731
Title:
X509 certificate verification problem
To manage notifications about this
Thanks Magnus, we are glad to hear that.
2014-10-17 4:04 GMT+08:00 Magnus Holmgren :
> You're right, the client code doesn't seem to verify certificates,
> making TLS mostly pointless. However, traffic between prayer/prayer-
> session, prayer-accountd, and the backend LDAP server typically is ove
You're right, the client code doesn't seem to verify certificates,
making TLS mostly pointless. However, traffic between prayer/prayer-
session, prayer-accountd, and the backend LDAP server typically is over
the loopback interface or at least a trusted LAN, not over the public
Internet, making the
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1374731
Title:
X509 certificate verification problem
To manage notifications about this bug
