libetpan needs to be built with gnutls (to allow claws-mail to connect to servers over TLS)

[AlexanderAA]

• ran brew update and can still reproduce the problem?
• ran brew doctor, fixed all issues and can still reproduce the problem?
• ran brew gist-logs (where is the name of the formula that failed) and included the output link?
• if brew gist-logs didn't work: ran brew config and brew doctor and included their output with your issue?

libetpan needs to be built with gnutls - for example, to allow claws-mail to use TLS connections.

What you were trying to do (and why)

brew install claws-mail

What happened (include command output)

The command above completed successfully.

Claws mail started successfully but is unable to fetch mail and reports SSL handhake errors in the network log.

What you expected to happen

Claws mail to fetch mail over TLS.

Step-by-step reproduction instructions (by running brew install commands)

brew install claws-mail

Proposed fix

Rebuilding libetpan with gnutls (./autogen.sh --with-gnutls --with-openssl --with-sasl --prefix=/usr/local && make) and then rebuilding claws-mail from source (brew -v reinstall -d --build-from-source claws-mail) resolved the issue.

[alebcay]

Do you have a way to easily test whether or not TLS is working within claws-mail? Just so that we can test/verify that the issue is indeed resolved.

[AlexanderAA]

1. Create a new account in Claws-mail:

   • Protocol: IMAP
   • Server for receiving: 127.0.0.1
   • Mail address and user id: any
   • SSL/TLS: "Use SSL/TLS"
   • Advanced -> Imap port: 993.

2. brew install nmap

3. ncat -lvnp 993 --ssl

4. Fetch mail

If claws-mail supports TLS connections (SUCCESS), it will display a dialog with certificate details titled "SSL/TLS certificate is invalid" (invalid because ncat --ssl generates a self-signed certificate, not trusted by claws-mail)

If claws-mail does not support TLS (FAIL), it will only produce "SSL handshake error" messages in the log.

An alternative to the above will be to fetch mail from any public email service over SSL/TLS.

[alebcay]

Thanks, I was able to confirm the issue that you're describing here. We currently build libetpan with the instructions for macOS/iOS provided on their README (with xcodebuild instead of autotools/make), presumably because we also want to ship the macOS/iOS framework.

Is there any way to enable SSL/TLS support when building for macOS/iOS specifically? Or rather (to other maintainers, I guess) - are we set on shipping the framework and sticking with macOS/iOS build steps or is switching to the more traditional Unix build steps an option?

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.

[AlexanderAA]

Stale bot closed this issue too early.

[AlexanderAA]

@alebcay would you able to reopen this please?

[alebcay]

We usually only keep issues open if they're in progress - this keeps the active issues relatively clean and provides a clear view of what issues are actually being worked on.