From d2438807530815a57d3d73ce44a037a8556347e4 Mon Sep 17 00:00:00 2001 From: James Houlahan Date: Tue, 13 Apr 2021 17:30:54 +0200 Subject: [PATCH] Other: stop rejecting old TLS versions --- internal/config/tls/tls.go | 2 +- internal/frontend/autoconfig/applemail.go | 2 +- pkg/keychain/helper_darwin.go | 5 +---- 3 files changed, 3 insertions(+), 6 deletions(-) diff --git a/internal/config/tls/tls.go b/internal/config/tls/tls.go index 6df2e981..7ecf911d 100644 --- a/internal/config/tls/tls.go +++ b/internal/config/tls/tls.go @@ -144,12 +144,12 @@ func (t *TLS) GetConfig() (*tls.Config, error) { caCertPool := x509.NewCertPool() caCertPool.AddCert(c.Leaf) + // nolint[gosec]: We need to support older TLS versions for AppleMail and Outlook. return &tls.Config{ Certificates: []tls.Certificate{c}, ServerName: "127.0.0.1", ClientAuth: tls.VerifyClientCertIfGiven, RootCAs: caCertPool, ClientCAs: caCertPool, - MinVersion: tls.VersionTLS13, // gosec G402 }, nil } diff --git a/internal/frontend/autoconfig/applemail.go b/internal/frontend/autoconfig/applemail.go index 9184843c..022d8734 100644 --- a/internal/frontend/autoconfig/applemail.go +++ b/internal/frontend/autoconfig/applemail.go @@ -93,7 +93,7 @@ func (c *appleMail) Configure(imapPort, smtpPort int, imapSSL, smtpSSL bool, use })() // Make sure the file is only readable for the current user. - f, err := os.OpenFile(filepath.Join(dir, "protonmail.mobileconfig"), os.O_RDWR|os.O_CREATE, 0600) + f, err := os.OpenFile(filepath.Clean(filepath.Join(dir, "protonmail.mobileconfig")), os.O_RDWR|os.O_CREATE, 0600) if err != nil { return err } diff --git a/pkg/keychain/helper_darwin.go b/pkg/keychain/helper_darwin.go index f58468f6..fb39725a 100644 --- a/pkg/keychain/helper_darwin.go +++ b/pkg/keychain/helper_darwin.go @@ -86,11 +86,8 @@ func (h *macOSHelper) Delete(secretURL string) error { } query := newQuery(hostURL, userID) - if err := keychain.DeleteItem(query); err != nil { - return err - } - return nil + return keychain.DeleteItem(query) } func (h *macOSHelper) Get(secretURL string) (string, string, error) {