tobias/docker-offlineimap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use system sslcacertfile by default

Browse Source 
This patch includes a new functionality to get the sslcacertfile.

With this patch is possible to remove the sslcacertfile variable form the
.offlineimaprc and use the system's default. This could be easy for new users.

With this patch, the user can use ssl without the sslcacertfile option
in .offlineimaprc, use sslcacertfile = <empty> (no include anything
after the equal sign, os specify the sslcacertfile as previosly.

Currently, these are the options:

    User specifies sslacertfile -> OK
    User specifies sslacertfile=OS-DEFAULT
        If the system's default is provided -> OK
        If the system's default is not provided -> Fail
    User do not specifies sslacertfile -> Fail
    User specifies empty sslacertfile -> Fail

With the new option (this patch).

    User specifies sslacertfile -> OK
    User specifies sslacertfile=OS-DEFAULT or
    User do not specifies sslacertfile or
    User specifies empty sslacertfile
        If the system's default is provided -> OK
        If the system's default is not provided -> Fail

Closes #14
This commit is contained in:
Rodolfo García Peñas (kix) 2020-10-26 12:10:49 +01:00
parent 442c88d838
commit a4863b2f04
1 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
offlineimap/repository/IMAP.py
View File

@ -233,13 +233,15 @@ class IMAPRepository(BaseRepository):
def getsslcacertfile(self): def getsslcacertfile(self):
"""Determines CA bundle. """Determines CA bundle.
Returns path to the CA bundle. It is either explicitely specified Returns path to the CA bundle. It is explicitely specified or
or requested via "OS-DEFAULT" value (and we will search known requested via "OS-DEFAULT" value (and we will search known
locations for the current OS and distribution). locations for the current OS and distribution). If it is not
specified, we will search it in the known locations.
If search via "OS-DEFAULT" route yields nothing, we will throw an If search route, via "OS-DEFAULT" or because is not specified,
exception to make our callers distinguish between not specified yields nothing, we will throw an exception to make our callers
value and non-existent default CA bundle. distinguish between not specified value and non-existent
default CA bundle.
It is also an error to specify non-existent file via configuration: It is also an error to specify non-existent file via configuration:
it will error out later, but, perhaps, with less verbose explanation, it will error out later, but, perhaps, with less verbose explanation,
@ -250,7 +252,10 @@ class IMAPRepository(BaseRepository):
xforms = [os.path.expanduser, os.path.expandvars, os.path.abspath] xforms = [os.path.expanduser, os.path.expandvars, os.path.abspath]
cacertfile = self.getconf_xform('sslcacertfile', xforms, None) cacertfile = self.getconf_xform('sslcacertfile', xforms, None)
# Can't use above cacertfile because of abspath. # Can't use above cacertfile because of abspath.
if self.getconf('sslcacertfile', None) == "OS-DEFAULT": conf_sslacertfile = self.getconf('sslcacertfile', None)
if conf_sslacertfile == "OS-DEFAULT" or \
conf_sslacertfile == None or \
conf_sslacertfile == '':
cacertfile = get_os_sslcertfile() cacertfile = get_os_sslcertfile()
if cacertfile is None: if cacertfile is None:
searchpath = get_os_sslcertfile_searchpath() searchpath = get_os_sslcertfile_searchpath()