Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support Server Name Indication (SNI) #3296

Closed
kingqueen3065 opened this issue Apr 2, 2018 · 0 comments

Comments

Projects
None yet
1 participant
@kingqueen3065
Copy link

commented Apr 2, 2018

Expected behavior

K-9 should use Server Name Indication to send the name of the server it is connecting to, so the server knows to send the correct certificate. So when I connect to mail.kingqueen.org.uk, K-9 tells the server it is connecting to mail.kingqueen.org.uk and the server then sends K-9 the SSL certificate for mail.kingqueen.org.uk. (The server serves as the MX for multiple domains, all on the same IP.)

Actual behavior

K-9 appears to not supply the server name. The server therefore reverts to its default certificate and supplies the certificate for server3.pcs-net.com. K-9 then advises that the certificate does not match the server name, unless I change the server set in K-9 from mail.kingqueen.org.uk to server3.pcs-net.com or manually accept the certificate in K-9.

Steps to reproduce

Attempt to send or retrieve mail over TLS using a FQDN hosted on a server that uses SNI to support multiple domain names.

Given depletion of IPv4 addresses, this issue is likely to affect more users over time.

I see references to SNI in the source code in two places, but they don't appear to relate to K-9's use of such for mail transfer and I couldn't find any reference to SNI in Github issues.

Environment

K-9 Mail version 5.403

Android version: 7.1.1

Account type (IMAP, POP3, WebDAV/Exchange):
POP3 and SMTP over TLS to a server using SNI

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.