search

mjs / imapclient

An easy-to-use, Pythonic and complete IMAP client library
https://imapclient.readthedocs.io/
Other
518 stars 85 forks source link

IMAPClient doesn't create a default SSL context for SSL connections #579

Closed psihonavt closed 10 months ago

psihonavt commented 10 months ago

Hello,

I'm facing a weird issue trying to establish a secure IMAP connection:

In [3]: imapclient.__version__
Out[3]: '3.0.1'

In [5]: cl = imapclient.IMAPClient('mail.democrats.com', 993)
....
File /usr/lib/python3.11/ssl.py:1379, in SSLSocket.do_handshake(self, block)
   1377     if timeout == 0.0 and block:
   1378         self.settimeout(None)
-> 1379     self._sslobj.do_handshake()
   1380 finally:
   1381     self.settimeout(timeout)

SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)

However, if I provide some SSL context: (that's what imaplib is doing under the hood https://github.com/python/cpython/blob/178919cf2132a67bc03ae5994769d93cfb7e2cd3/Lib/imaplib.py#L1303)

In [6]: imapclient.IMAPClient('mail.democrats.com', 993, ssl_context=ssl._create_stdlib_context())
Out[6]: <imapclient.imapclient.IMAPClient at 0x7f0831b34250>

In [8]: imaplib.IMAP4_SSL('mail.democrats.com', 993)
Out[8]: <imaplib.IMAP4_SSL at 0x7f0831ce5f10>

Is this a bug in IMAPClient, or am I doing something wrong? I'm actually surprised to see this error, for we have been using IMAPClient for years to connect to hundreds of IMAP servers over SSL.

psihonavt commented 10 months ago

please disregard this issue; not an issue