Merge branch 'main' into wgautomeshwgautomesh

2 files changed, 36 insertions, 0 deletions

diff --git a/cluster/prod/app/email/integration/README.md b/cluster/prod/app/email/integration/README.md
new file mode 100644
index 0000000..d396277
--- /dev/null
+++ b/cluster/prod/app/email/integration/README.md
@@ -0,0 +1,23 @@
+# Email
+
+## TLS TLS Proxy
+
+Required for Android 7.0 that does not support elliptic curves.
+
+Generate a key:
+
+```bash
+openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout rsa.key -out rsa.crt -subj "/CN=imap.deuxfleurs.fr" -addext "subjectAltName=DNS:smtp.deuxfleurs.fr"
+```
+
+Run the command:
+
+```bash
+./integration/proxy.sh imap.deuxfleurs.fr:993 1993
+```
+
+Test it:
+
+```bash
+openssl s_client localhost:1993
+```
diff --git a/cluster/prod/app/email/integration/tls-tls-proxy.sh b/cluster/prod/app/email/integration/tls-tls-proxy.sh
new file mode 100644
index 0000000..afb7317
--- /dev/null
+++ b/cluster/prod/app/email/integration/tls-tls-proxy.sh
@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+UPSTREAM=$1
+PROXY_PORT=$2
+socat -dd \
+"openssl-listen:${PROXY_PORT},\
+reuseaddr,\
+fork,\
+cert=/tmp/tls-tls-proxy/rsa.crt,\
+key=/tmp/tls-tls-proxy/rsa.key,\
+verify=0,\
+bind=0.0.0.0" \
+"openssl:${UPSTREAM},\
+verify=0"