support for starttls
js at sig21.net
Mon Apr 11 14:02:30 BST 2011
On Mon, Apr 11, 2011 at 02:44:39PM +0200, Johannes Stezenbach wrote:
> On Mon, Apr 11, 2011 at 01:37:23PM +0200, dtk wrote:
> > Excerpts from Daniel Kreischer's message of Sun Apr 10 21:08:55 +0200 2011:
> > > > and it seems to me like your Python ssl
> > > > support is buggy. Maybe you can try with a different Python and/or
> > > > openssl version.
> > > hmm, maybe tomorrow at work.
> > hmm, same problem here with python 2.6.5 and openssl 0.9.8k
> > I obviously have to admit though that those versions aren't too different :/
> > building python 2.7
> What puzzles me is that Python documentation says about ssl_version:
> "If not specified, for client-side operation, the default SSL version is SSLv3"
> Yet in your pcap it sends TLSv1 in the Client Hello. Thus I suspected
> your openssl library defaults to TLSv1 while Python's ssl wrapper
> thinks it requested SSLv3. But then your test with
> ssl_version=ssl.PROTOCOL_TLSv1 should have worked.
FWIW, I found I can reproduce the error with a simple
command line test:
>>> import imaplib2
>>> s=imaplib2.IMAP4("my.mailserver.com", debug=True)
46:56.55 MainThread imaplib2 version 2.20
46:56.55 MainThread imaplib2 debug level True
46:56.64 MainThread connected to my.mailserver.com on port 143
46:56.64 my.mailserver.com writer starting
46:56.64 my.mailserver.com reader starting using poll
46:56.75 my.mailserver.com handler starting
46:56.75 MainThread state => NONAUTH
46:56.75 MainThread [async] CAPABILITY ()
46:56.79 MainThread CAPABILITY: ('IMAP4REV1', 'UIDPLUS', 'CHILDREN', 'NAMESPACE', 'THREAD=ORDEREDSUBJECT', 'THREAD=REFERENCES', 'SORT', 'QUOTA', 'IDLE', 'ACL', 'ACL2=UNION', 'STARTTLS', 'LOGINDISABLED')
47:10.78 MainThread [sync] STARTTLS ()
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "imaplib2.py", line 999, in starttls
47:10.95 my.mailserver.com handler unexpected response: 'O STARTTLS failed: couriertls: accept: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number'
47:10.95 my.mailserver.com handler NO response: Error in IMAP command received by server.
self.sock = ssl.wrap_socket(self.sock, keyfile, certfile)
File "/usr/lib/python2.6/ssl.py", line 338, in wrap_socket
47:10.98 my.mailserver.com handler NO response: Error in IMAP command received by server.
File "/usr/lib/python2.6/ssl.py", line 120, in __init__
File "/usr/lib/python2.6/ssl.py", line 279, in do_handshake
ssl.SSLError: [Errno 1] _ssl.c:490: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
So the error is not specific to your setup.
More information about the OfflineIMAP-project