* Create /starttls as a synonym of /tls. Update the documentation to use

    /starttls instead of /tls. This should cause less confusion in Alpine users
    in the future.

5 files changed, 21 insertions, 17 deletions

diff --git a/imap/docs/naming.txt b/imap/docs/naming.txt
index b0b484a..6c06a9c 100644
--- a/imap/docs/naming.txt
+++ b/imap/docs/naming.txt
@@ -110,13 +110,17 @@ where:
 			 default behavior)
   "/novalidate-cert"	do not validate certificates from TLS/SSL server,
 			 needed if server uses self-signed certificates
-  "/tls"		force use of start-TLS to encrypt the session, and
+  "/starttls"		force use of start-TLS to encrypt the session, and
 			 reject connection to servers that do not support it
+  "/tls1"		force use of TLSv1, fail if not possible.
+  "/tls1_1"		force use of TLSv1.1, fail if not possible.
+  "/tls1_2"		force use of TLSv1.2, fail if not possible.
+  "/tls1_3"		force use of TLSv1.3, fail if not possible.
   "/tls-sslv23"		use the depreciated SSLv23 client when negotiating
 			 TLS to the server.  This is necessary with some
 			 broken servers which (incorrectly) think that TLS
 			 is just another way of doing SSL.
-  "/notls"		do not do start-TLS to encrypt the session, even
+  "/nostarttls"		do not do start-TLS to encrypt the session, even
 			 with servers that support it
   "/readonly"		request read-only mailbox open (IMAP only; ignored
 			 on NNTP, and an error with SMTP and POP3)
diff --git a/imap/src/c-client/imap4r1.c b/imap/src/c-client/imap4r1.c
index 43e5398..a41973b 100644
--- a/imap/src/c-client/imap4r1.c
+++ b/imap/src/c-client/imap4r1.c
@@ -852,7 +852,7 @@ MAILSTREAM *imap_open (MAILSTREAM *stream)
     /* IMAP connection open logic is more complex than net_open() normally
      * deals with, because of the simap and rimap hacks.
      * If the session is anonymous, a specific port is given, or if /ssl or
-     * /tls is set, do net_open() since those conditions override everything
+     * /starttls is set, do net_open() since those conditions override everything
      * else.
      */
     if (stream->anonymous || mb.port || mb.sslflag || mb.tlsflag)
@@ -911,7 +911,7 @@ MAILSTREAM *imap_open (MAILSTREAM *stream)
 				/* get capabilities now that TLS in effect */
 	if (LOCAL->netstream) imap_capability (stream);
       }
-      else if (mb.tlsflag) {	/* user specified /tls but can't do it */
+      else if (mb.tlsflag) {	/* user specified /starttls but can't do it */
 	mm_log ("Unable to negotiate TLS with this server",ERROR);
 	return NIL;
       }
@@ -975,13 +975,13 @@ MAILSTREAM *imap_open (MAILSTREAM *stream)
     if (!((i = net_port (LOCAL->netstream)) & 0xffff0000))
       sprintf (tmp + strlen (tmp),":%lu",i);
     strcat (tmp,"/imap");
-    if (LOCAL->tlsflag) strcat (tmp,"/tls");
+    if (LOCAL->tlsflag) strcat (tmp,"/starttls");
     if (LOCAL->tls1) strcat (tmp,"/tls1");
     if (LOCAL->tls1_1) strcat (tmp,"/tls1_1");
     if (LOCAL->tls1_2) strcat (tmp,"/tls1_2");
     if (LOCAL->tls1_3) strcat (tmp,"/tls1_3");
     if (LOCAL->tlssslv23) strcat (tmp,"/tls-sslv23");
-    if (LOCAL->notlsflag) strcat (tmp,"/notls");
+    if (LOCAL->notlsflag) strcat (tmp,"/nostarttls");
     if (LOCAL->sslflag) strcat (tmp,"/ssl");
     if (LOCAL->novalidate) strcat (tmp,"/novalidate-cert");
     if (LOCAL->loser) strcat (tmp,"/loser");
diff --git a/imap/src/c-client/mail.c b/imap/src/c-client/mail.c
index e591a52..90020d5 100644
--- a/imap/src/c-client/mail.c
+++ b/imap/src/c-client/mail.c
@@ -847,11 +847,11 @@ long mail_valid_net_parse_work (char *name,NETMBX *mb,char *service)
 	else if (!compare_cstring (s,"secure")) mb->secflag = T;
 	else if (!compare_cstring (s,"norsh")) mb->norsh = T;
 	else if (!compare_cstring (s,"loser")) mb->loser = T;
-	else if (!compare_cstring (s,"tls") && !mb->notlsflag)
+	else if ((!compare_cstring (s,"starttls") || !compare_cstring (s,"tls")) && !mb->notlsflag)
 	  mb->tlsflag = T;
 	else if (!compare_cstring (s,"tls-sslv23") && !mb->notlsflag)
 	  mb->tlssslv23 = mb->tlsflag = T;
-	else if (!compare_cstring (s,"notls") && !mb->tlsflag)
+	else if ((!compare_cstring (s,"notls") || !compare_cstring(s,"nostarttls")) && !mb->tlsflag)
 	  mb->notlsflag = T;
 	else if (!compare_cstring (s,"tryssl"))
 	  mb->trysslflag = mailssldriver? T : NIL;
@@ -1274,7 +1274,7 @@ MAILSTREAM *mail_open (MAILSTREAM *stream,char *name,long options)
 	if (mb.user[0]) sprintf (tmp + strlen (tmp),"/user=%.64s",mb.user);
 	if (mb.dbgflag) strcat (tmp,"/debug");
 	if (mb.secflag) strcat (tmp,"/secure");
-	if (mb.tlsflag) strcat (tmp,"/tls");
+	if (mb.tlsflag) strcat (tmp,"/starttls");
 	if (mb.notlsflag) strcat (tmp,"/notls");
 	if (mb.sslflag) strcat (tmp,"/ssl");
 	if (mb.tls1) strcat (tmp,"/tls1");
diff --git a/imap/src/c-client/nntp.c b/imap/src/c-client/nntp.c
index bce7c63..a46a5bd 100644
--- a/imap/src/c-client/nntp.c
+++ b/imap/src/c-client/nntp.c
@@ -688,9 +688,9 @@ MAILSTREAM *nntp_mopen (MAILSTREAM *stream)
     hostlist[0] = strcpy (tmp,mb.host);
     if (mb.port || nntp_port)
       sprintf (tmp + strlen (tmp),":%lu",mb.port ? mb.port : nntp_port);
-    if (mb.tlsflag) strcat (tmp,"/tls");
+    if (mb.tlsflag) strcat (tmp,"/starttls");
     if (mb.tlssslv23) strcat (tmp,"/tls-sslv23");
-    if (mb.notlsflag) strcat (tmp,"/notls");
+    if (mb.notlsflag) strcat (tmp,"/nostarttls");
     if (mb.sslflag) strcat (tmp,"/ssl");
     if (mb.tls1) strcat (tmp,"/tls1");
     if (mb.tls1_1) strcat (tmp,"/tls1_1");
@@ -761,9 +761,9 @@ MAILSTREAM *nntp_mopen (MAILSTREAM *stream)
   sprintf (tmp,"{%s:%lu/nntp",(long) mail_parameters (NIL,GET_TRUSTDNS,NIL) ?
 	   net_host (nstream->netstream) : mb.host,
 	   net_port (nstream->netstream));
-  if (LOCAL->tlsflag) strcat (tmp,"/tls");
+  if (LOCAL->tlsflag) strcat (tmp,"/starttls");
   if (LOCAL->tlssslv23) strcat (tmp,"/tls-sslv23");
-  if (LOCAL->notlsflag) strcat (tmp,"/notls");
+  if (LOCAL->notlsflag) strcat (tmp,"/nostarttls");
   if (LOCAL->sslflag) strcat (tmp,"/ssl");
   if (LOCAL->tls1) strcat (tmp,"/tls1");
   if (LOCAL->tls1_1) strcat (tmp,"/tls1_1");
@@ -1752,7 +1752,7 @@ SENDSTREAM *nntp_open_full (NETDRIVER *dv,char **hostlist,char *service,
       stream = nntp_close (stream);
     }
   }
-  else if (mb.tlsflag) {	/* user specified /tls but can't do it */
+  else if (mb.tlsflag) {	/* user specified /starttls but can't do it */
     mm_log ("Unable to negotiate TLS with this server",ERROR);
     return NIL;
   }
diff --git a/imap/src/c-client/pop3.c b/imap/src/c-client/pop3.c
index 6f69a40..b5b5148 100644
--- a/imap/src/c-client/pop3.c
+++ b/imap/src/c-client/pop3.c
@@ -420,13 +420,13 @@ MAILSTREAM *pop3_open (MAILSTREAM *stream)
 	       (long) mail_parameters (NIL,GET_TRUSTDNS,NIL) ?
 	       net_host (LOCAL->netstream) : mb.host,
 	       net_port (LOCAL->netstream));
-      if (mb.tlsflag) strcat (tmp,"/tls");
+      if (mb.tlsflag) strcat (tmp,"/starttls");
       if (mb.tlssslv23) strcat (tmp,"/tls-sslv23");
       if (mb.tls1) strcat (tmp,"/tls1");
       if (mb.tls1_1) strcat (tmp,"/tls1_1");
       if (mb.tls1_2) strcat (tmp,"/tls1_2");
       if (mb.tls1_3) strcat (tmp,"/tls1_3");
-      if (mb.notlsflag) strcat (tmp,"/notls");
+      if (mb.notlsflag) strcat (tmp,"/nostarttls");
       if (mb.sslflag) strcat (tmp,"/ssl");
       if (mb.novalidate) strcat (tmp,"/novalidate-cert");
       if ((LOCAL->loser = mb.loser) != 0) strcat (tmp,"/loser");
@@ -578,7 +578,7 @@ long pop3_auth (MAILSTREAM *stream,NETMBX *mb,char *pwd,char *usr)
     }
     pop3_capa (stream,flags);	/* get capabilities now that TLS in effect */
   }
-  else if (mb->tlsflag) {	/* user specified /tls but can't do it */
+  else if (mb->tlsflag) {	/* user specified /starttls but can't do it */
     mm_log ("Unable to negotiate TLS with this server",ERROR);
     return NIL;
   }