[iso-core] Allow self-signed certificates in IMAP connections to non-major providers

Summary: Unfortunately, many IMAP hosts outside the major ones do not have certificates issued by a certificate authority, and it is very confusing to folks to have their account auth not work. This patch relaxes our certificate requirements for IMAP hosts outside the major providers. It's cool that node 6 has secure TLS settings by default! Fixes: T7673 Test Plan: manual Reviewers: mark, juan Reviewed By: juan Differential Revision: https://phab.nylas.com/D3771
2025-09-04 11:44:47 +08:00 · 2017-01-24 12:29:05 -08:00 · 2017-01-24 12:29:05 -08:00 · 6f25c1de34
commit 6f25c1de34
parent d0bbb1663e
2 changed files with 21 additions and 8 deletions
--- a/packages/isomorphic-core/package.json
+++ b/packages/isomorphic-core/package.json
@ -5,6 +5,7 @@
  "main": "index.js",
  "dependencies": {
    "imap": "0.8.18",
+    "imap-provider-settings": "nylas/imap-provider-settings",
    "joi": "8.4.2",
    "nodemailer": "2.5.0",
    "promise-props": "1.0.0",
--- a/packages/isomorphic-core/src/imap-connection.es6
+++ b/packages/isomorphic-core/src/imap-connection.es6
@ -1,16 +1,25 @@
-const Imap = require('imap');
-const _ = require('underscore');
-const xoauth2 = require('xoauth2');
-const EventEmitter = require('events');
+import Imap from 'imap';
+import _ from 'underscore';
+import xoauth2 from 'xoauth2';
+import EventEmitter from 'events';

-const PromiseUtils = require('./promise-utils')
-const IMAPBox = require('./imap-box');
-const {
+import CommonProviderSettings from 'imap-provider-settings';
+
+import PromiseUtils from './promise-utils';
+import IMAPBox from './imap-box';
+
+import {
  convertImapError,
  IMAPConnectionTimeoutError,
  IMAPConnectionNotReadyError,
  IMAPConnectionEndedError,
-} = require('./imap-errors');
+} from './imap-errors';
+
+const MAJOR_IMAP_PROVIDER_HOSTS = Object.keys(CommonProviderSettings).reduce(
+  (hostnameSet, key) => {
+    hostnameSet.add(CommonProviderSettings[key].imap_host);
+    return hostnameSet;
+  }, new Set())

 const Capabilities = {
  Gmail: 'X-GM-EXT-1',
@ -87,6 +96,9 @@ class IMAPConnection extends EventEmitter {
      socketTimeout: this._settings.socketTimeout || SOCKET_TIMEOUT_MS,
      authTimeout: this._settings.authTimeout || AUTH_TIMEOUT_MS,
    }
+    if (!MAJOR_IMAP_PROVIDER_HOSTS.has(result.host)) {
+      result.tlsOptions = { rejectUnauthorized: false };
+    }

    if (process.env.NYLAS_DEBUG) {
      result.debug = console.log;