[PATCH v3] Re: Implement Server SSL fingerprint check

Nicolas Sebrecht nicolas.s-dev at laposte.net
Tue Sep 6 18:06:01 BST 2011 

On Mon, Sep 05, 2011 at 11:43:34AM +0200, Sebastian Spaeth wrote:
> If we connect to a SSL server (not STARTTLS) and no CA cert has been
> specified for verification, we check the configured SSL fingerprint and
> bail out in case it has not been set yet, or it does not match.
> 
> This means one more mandatory option for SSL configuration, but it
> improves security a lot.
> 
> Signed-off-by: Sebastian Spaeth <Sebastian at SSpaeth.de>
> ---
> Now with documentation in offlineimap.conf.

I had this error:

ERROR: Exceptions occurred during the run!
 ERROR: While attempting to sync account dev.gmx:
  Traceback (most recent call last):
  File "/usr/lib64/python2.7/site-packages/offlineimap/accounts.py", line 178, in syncrunner
    self.sync()
  File "/usr/lib64/python2.7/site-packages/offlineimap/accounts.py", line 236, in sync
    remoterepos.syncfoldersto(localrepos, statusrepos)
  File "/usr/lib64/python2.7/site-packages/offlineimap/repository/Base.py", line 122, in syncfoldersto
    src_folders = src_repo.getfolders()
  File "/usr/lib64/python2.7/site-packages/offlineimap/repository/IMAP.py", line 280, in getfolders
    imapobj = self.imapserver.acquireconnection()
  File "/usr/lib64/python2.7/site-packages/offlineimap/imapserver.py", line 217, in acquireconnection
    fingerprint=fingerprint
  File "/usr/lib64/python2.7/site-packages/offlineimap/imaplibutil.py", line 146, in __init__
    super(WrappedIMAP4_SSL, self).__init__(*args, **kwargs)
  File "/usr/lib64/python2.7/site-packages/offlineimap/imaplib2.py", line 1995, in __init__
    IMAP4.__init__(self, host, port, debug, debug_file, identifier, timeout, debug_buf_lvl)
  File "/usr/lib64/python2.7/site-packages/offlineimap/imaplib2.py", line 329, in __init__
    self.open(host, port)
  File "/usr/lib64/python2.7/site-packages/offlineimap/imaplibutil.py", line 152, in open
    fingerprint = sha1(self.sslobj.getpeercert(True)).hexdigest()
  File "/usr/lib64/python2.7/site-packages/offlineimap/imaplib2.py", line 400, in __getattr__
    raise AttributeError("Unknown IMAP4 command: '%s'" % attr)
AttributeError: Unknown IMAP4 command: 'sslobj'

  Unknown IMAP4 command: 'sslobj'
-- 
Nicolas Sebrecht

More information about the OfflineIMAP-project mailing list