support for starttls

dtk d.t.k at gmx.de
Mon Apr 11 00:22:49 BST 2011


Excerpts from Daniel Kreischer's message of Sun Apr 10 21:08:55 +0200 2011:
> > If that works and your openssl uses the same libcrypto.so/libssl.so
> > as Python's ssl module, then maybe the latter has an issue.
> >
> > You could try to edit imaplib2.py to change
> > the ssl.wrap_socket() call in starttls() to add
> > "ssl_version=ssl.PROTOCOL_TLSv1" as last parameter.
> > However, since the TLSv1 Client Hello in you pcap dumps
> > already announces TLSv1 I'm not sure this will help.
> > Worth a try anyway.
> will try as soon as I get my checkout working (cf other mail) -.-
[x] worth a try
[ ] fixes teh problem

[bash]
    $ cat offlineimap/imaplib2.py | grep -n -B3 ssl_version
    997-        if typ == 'OK':
    998-            import ssl
    999-            print '***DEBUG: forcing TLSv1!***'
    1000:            self.sock = ssl.wrap_socket(self.sock, keyfile, certfile, ssl_version=ssl.PROTOCOL_TLSv1)
    $ time ./offlineimap.py -c ../../configs/starttls.rc -u ttyui
     OfflineIMAP 6.3.2
    Copyright (C) 2002 - 2010 John Goerzen <john at complete.org>

    This software comes with ABSOLUTELY NO WARRANTY; see the file
    COPYING for details.  This is free software, and you are welcome
    to distribute it under the conditions laid out in COPYING.
    Account sync Test:
     ***** Processing account Test
     Copying folder structure from IMAP to Maildir
     Establishing connection to mail.jade-hamburg.de:143.
    ***DEBUG: forcing TLSv1!***
    ^CCTRL-C pressed, aborting...

    real	2m36.992s
    user	0m0.216s
    sys	0m0.076s
    $
[/bash]

thx anyway
dtk




More information about the OfflineIMAP-project mailing list