Bug 4251

Summary: SNI support added in v3.17.3 is missing from Windows build of v3.17.4
Product: Claws Mail (Windows) Reporter: ramyar.s
Component: defaultAssignee: users
Status: NEW ---    
Severity: critical CC: djam5, kotlyar.andrey
Priority: P3    
Version: 3.17.4   
Hardware: PC   
OS: Windows 10   

Description ramyar.s 2019-09-14 20:16:52 UTC 
Hi,
My experience with Windows build of Claws Mail and searching the web suggests that TLS SNI support is disabled in the Windows version of v3.17.4. Here is my experience:

v3.17.3 works with imap.gmail.com. v3.17.4 says that the certificate has changed to one signed by invalid2.invalid.

My search results:

ebol4anthr4x, reddit: Google has configured their servers to respond with an invalid certificate if your IMAP client doesn't support SNI.

Viktor Dukhovni, openssl.org: Specifically, the Google SMTP servers serving millions of domains (including gmail.com), now only do TLS 1.3 when SNI is presented, and when SNI is missing, not only negotiate TLS 1.2, but use an unexpected self-signed cert chain ...

Bug 4103 (resolved fixed) maybe useful.

Help please.

Regards
Ramyar