From fe25a5c7525fe8fa38a1254e14dc5ce75e79a08e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rodolfo=20Garc=C3=ADa=20Pe=C3=B1as=20=28kix=29?= Date: Sun, 25 Oct 2020 17:18:35 +0100 Subject: [PATCH] Distro default certificates must be iterables MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This patch changes the __DEF_OS_LOCATIONS to an iterable value. The reason is because a list is an iterable, but an string is an iterable too, and this is a mistake. The function get_os_sslcertfile() has a loop to iterate the return of get_os_sslcertfile_searchpath(), that returns the value in the __DEF_OS_LOCATIONS dictionary. When the value is an iterable, the "f" variable is set to the iterable value and works fine. If the value of "f" is an string, the for-loop iterates over every character, so the test for os.path.exists is always false (is comparing the path with a character, not with the full path), so this function fails and return None. To check this change, edit your .offlineimaprc file and change the sslcacertfile to OS-DEFAULT: sslcacertfile = OS-DEFAULT And run offlineimap. If you are not using 'darwin0 (the only iterable) it will fails. Now, apply this patch, and run offlineimap again. Problem is solved. Signed-off-by: Rodolfo García Peñas (kix) --- offlineimap/utils/distro_utils.py | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/offlineimap/utils/distro_utils.py b/offlineimap/utils/distro_utils.py index af0091d..b720f07 100644 --- a/offlineimap/utils/distro_utils.py +++ b/offlineimap/utils/distro_utils.py @@ -11,29 +11,27 @@ try: except ImportError: from distro import linux_distribution -# Each dictionary value is either string or some iterable. -# # For the former we will just return the value, for an iterable # we will walk through the values and will return the first # one that corresponds to the existing file. __DEF_OS_LOCATIONS = { - 'freebsd': '/usr/local/share/certs/ca-root-nss.crt', - 'openbsd': '/etc/ssl/cert.pem', - 'dragonfly': '/etc/ssl/cert.pem', + 'freebsd': ['/usr/local/share/certs/ca-root-nss.crt'], + 'openbsd': ['/etc/ssl/cert.pem'], + 'dragonfly': ['/etc/ssl/cert.pem'], 'darwin': [ # MacPorts, port curl-ca-bundle '/opt/local/share/curl/curl-ca-bundle.crt', # homebrew, package openssl '/usr/local/etc/openssl/cert.pem', ], - 'linux-ubuntu': '/etc/ssl/certs/ca-certificates.crt', - 'linux-debian': '/etc/ssl/certs/ca-certificates.crt', - 'linux-gentoo': '/etc/ssl/certs/ca-certificates.crt', - 'linux-fedora': '/etc/pki/tls/certs/ca-bundle.crt', - 'linux-redhat': '/etc/pki/tls/certs/ca-bundle.crt', - 'linux-suse': '/etc/ssl/ca-bundle.pem', - 'linux-opensuse': '/etc/ssl/ca-bundle.pem', - 'linux-arch': '/etc/ssl/certs/ca-certificates.crt', + 'linux-ubuntu': ['/etc/ssl/certs/ca-certificates.crt'], + 'linux-debian': ['/etc/ssl/certs/ca-certificates.crt'], + 'linux-gentoo': ['/etc/ssl/certs/ca-certificates.crt'], + 'linux-fedora': ['/etc/pki/tls/certs/ca-bundle.crt'], + 'linux-redhat': ['/etc/pki/tls/certs/ca-bundle.crt'], + 'linux-suse': ['/etc/ssl/ca-bundle.pem'], + 'linux-opensuse': ['/etc/ssl/ca-bundle.pem'], + 'linux-arch': ['/etc/ssl/certs/ca-certificates.crt'], }