cert_fingerprint option is ignored: fingerprints aren't verified!

James Cook james.cook at utoronto.ca
Wed Apr 25 03:40:15 BST 2012

Thanks; that commit works for me and rejects bad fingerprints as expected.

On 19 April 2012 09:31, Sebastian Spaeth <Sebastian at sspaeth.de> wrote:

> James Cook <james.cook at utoronto.ca> writes:
> > I've found a bug in the code that checks fingerprints: namely,
> > fingerprints are never actually checked.
> > The cause: imaplibutil.py checks for ssl support by checking if 'ssl'
> > is in locals(),
> > but it should check globals(), since ssl is not a local variable.
> Ooops, thanks for reporting. This is an embarassing one. Rather than
> using globals() (as would be the correct fix), I have removed the
> superfluous ssl check completely. We now rely on python2.6 and import
> ssl unconditionally in any case now.
> I checked in the fix as commit 895e709bf23eea3b8f546f240317580e34251cf3
> into the 'next' branch, so it will be part of the next release.
> Again, thanks for reporting.
> P.S. I tested that cert_fingerprint is actually required and used now.
> Sebastian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/offlineimap-project/attachments/20120424/3b1af84a/attachment-0003.html>

More information about the OfflineIMAP-project mailing list