[Imaplib2-devel] Re: STARTTLS and certificates Re:[ANNOUNCE] OfflineIMAP v6.3.4-rc3 released

Piers Lauder piers at janeelix.com
Mon Jul 11 22:40:55 BST 2011


On Mon, 11 Jul 2011 19:14:26 +0200, Johannes Stezenbach wrote:
  > 
	...
  > 
  > The imaplib2 change I proposed is supposed to allow to use the
  > existing offlineimap/imaplibutil.py WrappedIMAP4_SSL._verifycert()
  > method.  Thus, supposedly the call in offlineimap/imapserver.py
  > imapobj.starttls() would add
  > 
  >    imapobj.starttls(self.sslclientkey, self.sslclientcert,
  >                     ca_certs=self.sslcacertfile,
  >                     cert_reqs=ssl.CERT_REQUIRED,
  >                     cert_verify_cb=)
  > 
  > and now that I write it it's obvious cert_reqs shouldn't be
  > a parameter, but instead imaplib2 should do
  >     if ca_certs is not None:
  >         cert_reqs = ssl.CERT_REQUIRED
  >     else
  >         cert_reqs = ssl.CERT_NONE

Will fix.

  > Anywqy, I have no idea who else uses imaplib2, so I don't know
  > if this API is good enough.  It is just the minimal change
  > to support what offlineimap needs.

It's an incremental improvememnt at least. Up to others to suggest
further improvements if needed.

What does "WrappedIMAP4_SSL._verifycert()" actually do with its two
arguments? I guess also that it returns an error string, or None? (Just
so I can document the usage of the new arguments to starttls().)

Thanks!






More information about the OfflineIMAP-project mailing list