support for starttls

dtk d.t.k at
Mon Apr 11 00:22:49 BST 2011

Excerpts from Daniel Kreischer's message of Sun Apr 10 21:08:55 +0200 2011:
> > If that works and your openssl uses the same
> > as Python's ssl module, then maybe the latter has an issue.
> >
> > You could try to edit to change
> > the ssl.wrap_socket() call in starttls() to add
> > "ssl_version=ssl.PROTOCOL_TLSv1" as last parameter.
> > However, since the TLSv1 Client Hello in you pcap dumps
> > already announces TLSv1 I'm not sure this will help.
> > Worth a try anyway.
> will try as soon as I get my checkout working (cf other mail) -.-
[x] worth a try
[ ] fixes teh problem

    $ cat offlineimap/ | grep -n -B3 ssl_version
    997-        if typ == 'OK':
    998-            import ssl
    999-            print '***DEBUG: forcing TLSv1!***'
    1000:            self.sock = ssl.wrap_socket(self.sock, keyfile, certfile, ssl_version=ssl.PROTOCOL_TLSv1)
    $ time ./ -c ../../configs/starttls.rc -u ttyui
     OfflineIMAP 6.3.2
    Copyright (C) 2002 - 2010 John Goerzen <john at>

    This software comes with ABSOLUTELY NO WARRANTY; see the file
    COPYING for details.  This is free software, and you are welcome
    to distribute it under the conditions laid out in COPYING.
    Account sync Test:
     ***** Processing account Test
     Copying folder structure from IMAP to Maildir
     Establishing connection to
    ***DEBUG: forcing TLSv1!***
    ^CCTRL-C pressed, aborting...

    real	2m36.992s
    user	0m0.216s
    sys	0m0.076s

thx anyway

More information about the OfflineIMAP-project mailing list