Closed pitrou closed 13 years ago
pitrou
commented
14 years ago 3.2 introduces SSL contexts, which allow bundling SSL configuration options, certificates and private keys into a single (potentially long-lived) structure. http://docs.python.org/dev/py3k/library/ssl.html#ssl.SSLContext
The IMAP4_SSL constructor should allow passing an SSL context object instead of a key/cert pair.
f9f380c2-fef4-40af-aee5-0da8517867ce
commented
13 years ago Is anyone working on this?
pitrou
commented
13 years ago Is anyone working on this?
I don't think so, you could try if you are interested.
f9f380c2-fef4-40af-aee5-0da8517867ce
commented
13 years ago I am attaching a patch for the default branch that adds a ssl_context parameter to IMAP4_SSL. Also added a couple of tests to test_imaplib to test the existing ctor with certfile and file and also the new one that accepts an SSLContext.
Currently if the ssl_context param is provided then the keyfile and certfile are ignored, I wasn't sure if the ssl_context should be loaded with the certfile if that is provided along with the ssl_context.
If this looks ok, I can add something similar for smtplib as well.
pitrou
commented
13 years ago Thanks for the patch. Comments:
f9f380c2-fef4-40af-aee5-0da8517867ce
commented
13 years ago Thanks Antoine. I've attached an updated patch.
>
- the keyfile / certfile pair and the context parameter should be mutually exclusive (see e.g. the POP3_SSL constructor in Lib/poplib.py) [Sijin] - Yes, Thanks, I don't know why I didn't check POP3 impl before.
I don't think the remote test server used in test_imaplib supports client certificates, it probably just ignores them; that said, it's better than nothing [Sijin] - Agreed, I don't think the server supports client certificates, but at least we are able to test that the connect still works. Maybe we should open a new task to have a remote server that supports client certificate connections? We could use that in test cases for other SSL related modules.
you have a misindented line in test_logincapa [Sijin] - Fixed.
since we're using a remote, third-party test server, it may be better not to do any spurious connects (in the current patch, a first connection is established in the setUp() and then ignored since another one is established in the test body) [Sijin] - Fixed.
you need to update the documentation in Doc/library/imaplib.rst [Sijin] - Done. Also added some corresponding info in the poplib and docs for poplib.
1762cc99-3127-4a62-9baf-30c3d0f51ef7
commented
13 years ago New changeset aba7d1f2d2a9 by Antoine Pitrou in branch 'default': Issue bpo-8808: The IMAP4_SSL constructor now allows passing an SSLContext http://hg.python.org/cpython/rev/aba7d1f2d2a9
pitrou
commented
13 years ago Thank you! I've tweaked the patch slightly (mostly cosmetics (*)) and committed it to 3.3. I've left out the poplib doc changes, they could be committed separately.
(*) 80-line character limit, calling logout() on the test server
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields: ```python assignee = None closed_at =
created_at =
labels = ['type-feature', 'library']
title = 'imaplib should support SSL contexts'
updated_at =
user = 'https://github.com/pitrou'
```
bugs.python.org fields:
```python
activity =
actor = 'pitrou'
assignee = 'none'
closed = True
closed_date =
closer = 'pitrou'
components = ['Library (Lib)']
creation =
creator = 'pitrou'
dependencies = []
files = ['21810', '21863']
hgrepos = []
issue_num = 8808
keywords = ['patch']
message_count = 8.0
messages = ['106368', '134419', '134420', '134614', '134944', '135009', '135322', '135324']
nosy_count = 6.0
nosy_names = ['jcea', 'janssen', 'pitrou', 'giampaolo.rodola', 'sijinjoseph', 'python-dev']
pr_nums = []
priority = 'normal'
resolution = 'fixed'
stage = 'resolved'
status = 'closed'
superseder = None
type = 'enhancement'
url = 'https://bugs.python.org/issue8808'
versions = ['Python 3.3']
```