tobias/docker-offlineimap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #91 from thekix/master

Browse Source 
Revert patches about ssl certificates
This commit is contained in:
Rodolfo García Peñas (kix) 2021-10-12 11:21:12 +02:00 committed by GitHub
commit 88e318fab1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
offlineimap/imapserver.py
View File

@ -95,9 +95,6 @@ class IMAPServer:
self.__verifycert = None # Disable cert verification. self.__verifycert = None # Disable cert verification.
# This way of working sucks hard... # This way of working sucks hard...
self.fingerprint = repos.get_ssl_fingerprint() self.fingerprint = repos.get_ssl_fingerprint()
if self.fingerprint is not None:
self.__verifycert = None # if we have a cert fingerprint
# we do not require verfication via CA
self.tlslevel = repos.gettlslevel() self.tlslevel = repos.gettlslevel()
self.sslversion = repos.getsslversion() self.sslversion = repos.getsslversion()
self.starttls = repos.getstarttls() self.starttls = repos.getstarttls()

19
offlineimap/repository/IMAP.py
View File

@ -321,15 +321,13 @@ class IMAPRepository(BaseRepository):
def getsslcacertfile(self): def getsslcacertfile(self):
"""Determines CA bundle. """Determines CA bundle.
Returns path to the CA bundle. It is explicitely specified or Returns path to the CA bundle. It is either explicitely specified
requested via "OS-DEFAULT" value (and we will search known or requested via "OS-DEFAULT" value (and we will search known
locations for the current OS and distribution). If it is not locations for the current OS and distribution).
specified, we will search it in the known locations.
If search route, via "OS-DEFAULT" or because is not specified, If search via "OS-DEFAULT" route yields nothing, we will throw an
yields nothing, we will throw an exception to make our callers exception to make our callers distinguish between not specified
distinguish between not specified value and non-existent value and non-existent default CA bundle.
default CA bundle.
It is also an error to specify non-existent file via configuration: It is also an error to specify non-existent file via configuration:
it will error out later, but, perhaps, with less verbose explanation, it will error out later, but, perhaps, with less verbose explanation,
@ -340,10 +338,7 @@ class IMAPRepository(BaseRepository):
xforms = [os.path.expanduser, os.path.expandvars, os.path.abspath] xforms = [os.path.expanduser, os.path.expandvars, os.path.abspath]
cacertfile = self.getconf_xform('sslcacertfile', xforms, None) cacertfile = self.getconf_xform('sslcacertfile', xforms, None)
# Can't use above cacertfile because of abspath. # Can't use above cacertfile because of abspath.
conf_sslacertfile = self.getconf('sslcacertfile', None) if self.getconf('sslcacertfile', None) == "OS-DEFAULT":
if conf_sslacertfile == "OS-DEFAULT" or \
conf_sslacertfile is None or \
conf_sslacertfile == '':
cacertfile = get_os_sslcertfile() cacertfile = get_os_sslcertfile()
if cacertfile is None: if cacertfile is None:
searchpath = get_os_sslcertfile_searchpath() searchpath = get_os_sslcertfile_searchpath()