Skip to content

Commit

Permalink
🚧 update default_ssl_and_port ... WIP
Browse files Browse the repository at this point in the history
  • Loading branch information
nevans committed Nov 8, 2024
1 parent 25199dd commit 272a3a5
Show file tree
Hide file tree
Showing 2 changed files with 82 additions and 15 deletions.
79 changes: 64 additions & 15 deletions lib/net/imap.rb
Original file line number Diff line number Diff line change
Expand Up @@ -2903,26 +2903,75 @@ def remove_response_handler(handler)
SSL_PORT = 993 # :nodoc:

def default_ssl_and_port(tls, port)
if tls.nil? && port
tls = true if port == SSL_PORT || /\Aimaps\z/i === port
tls = false if port == PORT
elsif port.nil? && !tls.nil?
port = tls ? SSL_PORT : PORT
end
if tls.nil? && port.nil?
tls = config.default_tls.dup.freeze
port = tls ? SSL_PORT : PORT
if tls.nil?
warn "A future version of Net::IMAP::Config#default_tls " \
"will default to 'true', for secure connections by default. " \
"Use 'Net::IMAP.new(host, ssl: false)' or " \
"Net::IMAP.config.default_tls = false' to silence this warning."
end
case [tls && true, classify_port(port)]
in true, nil then return tls, SSL_PORT
in false, nil then return tls, PORT
in nil, :tls then return true, port
in nil, :plain then return false, port
in nil, nil then return use_default_ssl
in true, :tls | :other then return tls, port
in false, :plain | :other then return tls, port
in true, :plain then return warn_mismatched_port tls, port
in false, :tls then return warn_mismatched_port tls, port
in nil, :other then return warn_nonstandard_port port
end
# TODO: move this wherever is appropriate
tls &&= tls.respond_to?(:to_hash) ? tls.to_hash : {}
end

# classify_port(port) -> :tls | :plain | :other | nil
def classify_port(port)
case port
in (SSL_PORT | /\Aimaps\z/i) then :tls
in (PORT | /\Aimap\z/i) then :plain
in (Integer | String) then :other
in nil then nil
end
end

def warn_mismatched_port(tls, port)
if tls
warn "Using TLS on plaintext IMAP port"
else
warn "Using plaintext on TLS IMAP port"
end
[tls, port]
end

def warn_nonstandard_port(port)
tls = !!config.default_ssl
if config.warn_nonstandard_port_without_ssl
warn "Using #{tls ? "TLS" : "plaintext"} on port #{port}. " \
"Set ssl explicitly for non-standard IMAP ports."
end
# TODO: print default_ssl warning
[tls, port]
end

TLS_DEFAULT_WARNING =
"Net::IMAP.config.default_ssl will default to true in the future. " \
"To silence this warning, " \
"set Net::IMAP.config.default_ssl = (true | false)' or " \
"use 'Net::IMAP.new(host, ssl: (true | false))'."
private_constant :TLS_DEFAULT_WARNING

def use_default_ssl
case config.default_ssl
when true then [true, SSL_PORT]
when false then [false, PORT]
when :warn
warn TLS_DEFAULT_WARNING unless port
port ||= SSL_PORT
warn "Using TLS on port #{port}."
[true, port]
when nil
warn TLS_DEFAULT_WARNING unless port
port ||= PORT
warn "Using plain-text on port #{port}."
[false, port]
end
end

def start_imap_connection
@greeting = get_server_greeting
@capabilities = capabilities_from_resp_code @greeting
Expand Down
18 changes: 18 additions & 0 deletions lib/net/imap/config.rb
Original file line number Diff line number Diff line change
Expand Up @@ -236,6 +236,22 @@ def self.[](config)
# with no params.
attr_accessor :default_ssl, type: [false, nil, :warn, true]

# Whether to warn for using default_ssl when the port is non-standard.
#
# Although default_ssl is used for non-standard ports, this warning is
# different replaces the warning when default_ssl is +nil+ or +:warn+.
# When this option is false but default_ssl is +nil+ or +:warn+, that
# warning will be printed instead.
#
# ==== Valid options
#
# [+false+ <em>(original behavior)</em>]
# Don't print a special warning for nonstandard ports without explicit
# +ssl+.
# [+true+ <em>(eventual future default)</em>]
# Print a special warning for nonstandard ports without explicit +ssl+.
attr_accessor :warn_nonstandard_port_without_ssl, type: :boolean

# Whether to use the +SASL-IR+ extension when the server and \SASL
# mechanism both support it. Can be overridden by the +sasl_ir+ keyword
# parameter to Net::IMAP#authenticate.
Expand Down Expand Up @@ -392,6 +408,7 @@ def defaults_hash
open_timeout: 30,
idle_response_timeout: 5,
default_ssl: false,
warn_nonstandard_port_without_ssl: false,
sasl_ir: true,
enforce_logindisabled: true,
responses_without_block: :warn,
Expand Down Expand Up @@ -430,6 +447,7 @@ def defaults_hash

version_defaults[:future] = Config[0.7].dup.update(
default_ssl: true,
warn_nonstandard_port_without_ssl: true,
).freeze

version_defaults.freeze
Expand Down

0 comments on commit 272a3a5

Please sign in to comment.