offlineimap.conf: XOAUTH2: certificate validation is required for Gmail

Github-ref: https://github.com/OfflineIMAP/offlineimap/issues/132
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
This commit is contained in:
Nicolas Sebrecht 2016-11-20 20:34:59 +01:00
parent 54bbe79930
commit 1f635c415f

View File

@ -828,8 +828,15 @@ remoteuser = username
# #
# XOAUTH2 authentication (for instance, to use with Gmail). # XOAUTH2 authentication (for instance, to use with Gmail).
# #
# This option was tested on Gmail only, but should work # This option was tested on Gmail only, but should work with type = IMAP for
# with type = IMAP for compatible servers. # compatible servers.
#
# For Gmail (and maybe others), XOAUTH2 requires ssl. This means that STARTTLS
# won't work and that Offlineimap will perform certificate validation. IOW, the
# following configuration is used:
# - sslcacertfile: MUST BE correclty configured
# - ssl = yes (optional, will be used anyway)
# - starttls = no (optional, will be tried but won't work anyway)
# #
# Mandatory parameters are "oauth2_client_id", "oauth2_client_secret" and # Mandatory parameters are "oauth2_client_id", "oauth2_client_secret" and
# either "oauth2_refresh_token" or "oauth2_access_token". XOAUTH2 mechanism # either "oauth2_refresh_token" or "oauth2_access_token". XOAUTH2 mechanism
@ -855,7 +862,7 @@ remoteuser = username
# The return values must be bytes. # The return values must be bytes.
#oauth2_client_id_eval = get_client_id("accountname") #oauth2_client_id_eval = get_client_id("accountname")
#oauth2_client_secret_eval = get_client_secret("accountname") #oauth2_client_secret_eval = get_client_secret("accountname")
#
# Specify the refresh token to use for the connection to the mail server. # Specify the refresh token to use for the connection to the mail server.
# Here's an example of a way to get a refresh token: # Here's an example of a way to get a refresh token:
# - Clone this project: https://github.com/google/gmail-oauth2-tools # - Clone this project: https://github.com/google/gmail-oauth2-tools
@ -873,6 +880,7 @@ remoteuser = username
# If you want to use a refresh token, make sure you disabled/removed any # If you want to use a refresh token, make sure you disabled/removed any
# oauth2_access_token option. The access token is downloaded from the URL # oauth2_access_token option. The access token is downloaded from the URL
# defined in the oauth2_request_url configuration option. # defined in the oauth2_request_url configuration option.
#
# If the type of the remote is IMAP, oauth2_request_url MUST be defined. # If the type of the remote is IMAP, oauth2_request_url MUST be defined.
# For Gmail, the default URL is https://accounts.google.com/o/oauth2/token. # For Gmail, the default URL is https://accounts.google.com/o/oauth2/token.
# #