tobias/docker-offlineimap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

imapserver: minor code cleaning: reorder methods

Browse Source 
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
This commit is contained in:
Nicolas Sebrecht 2016-09-23 16:27:22 +02:00
parent 7da576e2be
commit c0f4fa44eb
1 changed files with 53 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
offlineimap/imapserver.py
View File

@ -172,26 +172,6 @@ class IMAPServer(object):
self.passworderror = None self.passworderror = None
return self.password return self.password
def releaseconnection(self, connection, drop_conn=False):
"""Releases a connection, returning it to the pool.
:param drop_conn: If True, the connection will be released and
not be reused. This can be used to indicate broken connections."""
if connection is None:
return # Noop on bad connection.
self.connectionlock.acquire()
self.assignedconnections.remove(connection)
# Don't reuse broken connections
if connection.Terminate or drop_conn:
connection.logout()
else:
self.availableconnections.append(connection)
self.connectionlock.release()
self.semaphore.release()
def __md5handler(self, response): def __md5handler(self, response):
challenge = response.strip() challenge = response.strip()
self.ui.debug('imap', '__md5handler: got challenge %s'% challenge) self.ui.debug('imap', '__md5handler: got challenge %s'% challenge)
@ -207,7 +187,6 @@ class IMAPServer(object):
self.ui.debug('imap', 'Attempting IMAP LOGIN authentication') self.ui.debug('imap', 'Attempting IMAP LOGIN authentication')
imapobj.login(self.username, self.__getpassword()) imapobj.login(self.username, self.__getpassword())
def __plainhandler(self, response): def __plainhandler(self, response):
"""Implements SASL PLAIN authentication, RFC 4616, """Implements SASL PLAIN authentication, RFC 4616,
http://tools.ietf.org/html/rfc4616""" http://tools.ietf.org/html/rfc4616"""
@ -225,7 +204,6 @@ class IMAPServer(object):
self.ui.debug('imap', '__plainhandler: returning %s'% logsafe_retval) self.ui.debug('imap', '__plainhandler: returning %s'% logsafe_retval)
return retval return retval
def __xoauth2handler(self, response): def __xoauth2handler(self, response):
if self.oauth2_refresh_token is None \ if self.oauth2_refresh_token is None \
and self.oauth2_access_token is None: and self.oauth2_access_token is None:
@ -304,7 +282,6 @@ class IMAPServer(object):
response = '' response = ''
return base64.b64decode(response) return base64.b64decode(response)
def __start_tls(self, imapobj): def __start_tls(self, imapobj):
if 'STARTTLS' in imapobj.capabilities and not self.usessl: if 'STARTTLS' in imapobj.capabilities and not self.usessl:
self.ui.debug('imap', 'Using STARTTLS connection') self.ui.debug('imap', 'Using STARTTLS connection')
@ -315,7 +292,6 @@ class IMAPServer(object):
"TLS connection: %s"% str(e), "TLS connection: %s"% str(e),
OfflineImapError.ERROR.REPO, None, exc_info()[2]) OfflineImapError.ERROR.REPO, None, exc_info()[2])
## All __authn_* procedures are helpers that do authentication. ## All __authn_* procedures are helpers that do authentication.
## They are class methods that take one parameter, IMAP object. ## They are class methods that take one parameter, IMAP object.
## ##
@ -375,7 +351,6 @@ class IMAPServer(object):
self.__loginauth(imapobj) self.__loginauth(imapobj)
return True return True
def __authn_helper(self, imapobj): def __authn_helper(self, imapobj):
"""Authentication machinery for self.acquireconnection(). """Authentication machinery for self.acquireconnection().
@ -447,8 +422,45 @@ class IMAPServer(object):
", ".join(self.authmechs), methods), ", ".join(self.authmechs), methods),
OfflineImapError.ERROR.REPO) OfflineImapError.ERROR.REPO)
def __verifycert(self, cert, hostname):
"""Verify that cert (in socket.getpeercert() format) matches hostname.
CRLs are not handled.
Returns error message if any problems are found and None on success."""
errstr = "CA Cert verifying failed: "
if not cert:
return ('%s no certificate received'% errstr)
dnsname = hostname.lower()
certnames = []
# cert expired?
notafter = cert.get('notAfter')
if notafter:
if time.time() >= cert_time_to_seconds(notafter):
return '%s certificate expired %s'% (errstr, notafter)
# First read commonName
for s in cert.get('subject', []):
key, value = s[0]
if key == 'commonName':
certnames.append(value.lower())
if len(certnames) == 0:
return ('%s no commonName found in certificate'% errstr)
# Then read subjectAltName
for key, value in cert.get('subjectAltName', []):
if key == 'DNS':
certnames.append(value.lower())
# And finally try to match hostname with one of these names
for certname in certnames:
if (certname == dnsname or
'.' in dnsname and certname == '*.' + dnsname.split('.', 1)[1]):
return None
return ('%s no matching domain name found in certificate'% errstr)
# XXX: move above, closer to releaseconnection()
def acquireconnection(self): def acquireconnection(self):
"""Fetches a connection from the pool, making sure to create a new one """Fetches a connection from the pool, making sure to create a new one
if needed, to obey the maximum connection limits, etc. if needed, to obey the maximum connection limits, etc.
@ -694,44 +706,25 @@ class IMAPServer(object):
self.ui.debug('imap', 'keepalive: event is set; exiting') self.ui.debug('imap', 'keepalive: event is set; exiting')
return return
def __verifycert(self, cert, hostname):
"""Verify that cert (in socket.getpeercert() format) matches hostname.
CRLs are not handled. def releaseconnection(self, connection, drop_conn=False):
Returns error message if any problems are found and None on success.""" """Releases a connection, returning it to the pool.
errstr = "CA Cert verifying failed: " :param drop_conn: If True, the connection will be released and
if not cert: not be reused. This can be used to indicate broken connections."""
return ('%s no certificate received'% errstr)
dnsname = hostname.lower()
certnames = []
# cert expired? if connection is None:
notafter = cert.get('notAfter') return # Noop on bad connection.
if notafter:
if time.time() >= cert_time_to_seconds(notafter):
return '%s certificate expired %s'% (errstr, notafter)
# First read commonName self.connectionlock.acquire()
for s in cert.get('subject', []): self.assignedconnections.remove(connection)
key, value = s[0] # Don't reuse broken connections
if key == 'commonName': if connection.Terminate or drop_conn:
certnames.append(value.lower()) connection.logout()
if len(certnames) == 0: else:
return ('%s no commonName found in certificate'% errstr) self.availableconnections.append(connection)
self.connectionlock.release()
# Then read subjectAltName self.semaphore.release()
for key, value in cert.get('subjectAltName', []):
if key == 'DNS':
certnames.append(value.lower())
# And finally try to match hostname with one of these names
for certname in certnames:
if (certname == dnsname or
'.' in dnsname and certname == '*.' + dnsname.split('.', 1)[1]):
return None
return ('%s no matching domain name found in certificate'% errstr)
class IdleThread(object): class IdleThread(object):