| msg106368 - (view) |
Author: Antoine Pitrou (pitrou) *  |
Date: 2010-05-24 16:13 |
| 3.2 introduces SSL contexts, which allow bundling SSL configuration options, certificates and private keys into a single (potentially long-lived) structure. http://docs.python.org/dev/py3k/library/ssl.html#ssl.SSLContext The IMAP4_SSL constructor should allow passing an SSL context object instead of a key/cert pair. |
|
|
| msg134419 - (view) |
Author: Sijin Joseph (sijinjoseph) |
Date: 2011-04-25 21:46 |
| Is anyone working on this? |
|
|
| msg134420 - (view) |
Author: Antoine Pitrou (pitrou) * |
Date: 2011-04-25 21:48 |
| > Is anyone working on this? I don't think so, you could try if you are interested. |
|
|
| msg134614 - (view) |
Author: Sijin Joseph (sijinjoseph) |
Date: 2011-04-27 20:47 |
| I am attaching a patch for the default branch that adds a ssl_context parameter to IMAP4_SSL. Also added a couple of tests to test_imaplib to test the existing ctor with certfile and file and also the new one that accepts an SSLContext. Currently if the ssl_context param is provided then the keyfile and certfile are ignored, I wasn't sure if the ssl_context should be loaded with the certfile if that is provided along with the ssl_context. If this looks ok, I can add something similar for smtplib as well. |
|
|
| msg134944 - (view) |
Author: Antoine Pitrou (pitrou) * |
Date: 2011-05-01 23:20 |
| Thanks for the patch. Comments: - the keyfile / certfile pair and the context parameter should be mutually exclusive (see e.g. the POP3_SSL constructor in Lib/poplib.py) - I don't think the remote test server used in test_imaplib supports client certificates, it probably just ignores them; that said, it's better than nothing - you have a misindented line in test_logincapa - since we're using a remote, third-party test server, it may be better not to do any spurious connects (in the current patch, a first connection is established in the setUp() and then ignored since another one is established in the test body) - you need to update the documentation in Doc/library/imaplib.rst |
|
|
| msg135009 - (view) |
Author: Sijin Joseph (sijinjoseph) |
Date: 2011-05-02 21:09 |
| Thanks Antoine. I've attached an updated patch. >> - the keyfile / certfile pair and the context parameter should be mutually exclusive (see e.g. the POP3_SSL constructor in Lib/poplib.py) [Sijin] - Yes, Thanks, I don't know why I didn't check POP3 impl before. - I don't think the remote test server used in test_imaplib supports client certificates, it probably just ignores them; that said, it's better than nothing [Sijin] - Agreed, I don't think the server supports client certificates, but at least we are able to test that the connect still works. Maybe we should open a new task to have a remote server that supports client certificate connections? We could use that in test cases for other SSL related modules. - you have a misindented line in test_logincapa [Sijin] - Fixed. - since we're using a remote, third-party test server, it may be better not to do any spurious connects (in the current patch, a first connection is established in the setUp() and then ignored since another one is established in the test body) [Sijin] - Fixed. - you need to update the documentation in Doc/library/imaplib.rst [Sijin] - Done. Also added some corresponding info in the poplib and docs for poplib. |
|
|
| msg135322 - (view) |
Author: Roundup Robot (python-dev)  |
Date: 2011-05-06 16:49 |
| New changeset aba7d1f2d2a9 by Antoine Pitrou in branch 'default': Issue #8808: The IMAP4_SSL constructor now allows passing an SSLContext http://hg.python.org/cpython/rev/aba7d1f2d2a9 |
|
|
| msg135324 - (view) |
Author: Antoine Pitrou (pitrou) * |
Date: 2011-05-06 16:52 |
| Thank you! I've tweaked the patch slightly (mostly cosmetics (*)) and committed it to 3.3. I've left out the poplib doc changes, they could be committed separately. (*) 80-line character limit, calling logout() on the test server |
|
|