Commit Graph

104 Commits

Author SHA1 Message Date
Nicolas Sebrecht
9aa5afa951 XOAUTH2: fix the *_eval configuration options
They introduce a regression not allowing to discard the XOAUTH2 method when
expected.

The default lambda did not take the "account_name" argument.

Github-fix: https://github.com/OfflineIMAP/offlineimap/issues/362
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-07-29 16:38:58 +02:00
Nicolas Sebrecht
b4e33eeac4 XOAUTH2: use one "public" attribute everywhere for self.oauth2_request_url
Improve documentation.

Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-07-28 18:35:33 +02:00
Nicolas Sebrecht
0b824bdc49 offlineimap.conf: allow non-spaces in the account list
Commit c992f58530 pretends to fix this bug it doesn't.

Regression introduced in v7.0.0.

Github-fix: https://github.com/OfflineIMAP/offlineimap/issues/355
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-07-28 04:06:52 +02:00
Nicolas Sebrecht
88e8a4895e minor code enhancements
- More class inherit from object.
- Initialize all attributes.
- Code style.

Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-07-28 00:42:35 +02:00
Nicolas Sebrecht
b521b98d99 offlineimap.conf: learn to evaluate oauth2 related options
Introduce:
- oauth2_client_id_eval
- oauth2_client_secret_eval
- oauth2_access_token_eval
- oauth2_refresh_token_eval

Github-ref: https://github.com/OfflineIMAP/offlineimap/issues/307
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-07-27 04:25:18 +02:00
Nicolas Sebrecht
1a96d588d5 fix: configparser does not know about python types like u""
Github-fix: https://github.com/OfflineIMAP/offlineimap/issues/347
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-07-13 14:02:25 +02:00
Nicolas Sebrecht
2e81331a3c learn --delete-folder CLI option
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-07-08 21:34:25 +02:00
Nicolas Sebrecht
29e06a60f9 learn to not download UIDs defined by the user
Allow users to workaround offending emails that offlineimap can't download.

Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-07-03 20:02:45 +02:00
Nicolas Sebrecht
7945e10a76 correctly reraise errors with six
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-07-03 19:56:14 +02:00
Nicolas Sebrecht
cf5698b6a6 repository: IMAP: minor improvements
Make it clear what value is the default.

Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-06-26 17:02:28 +02:00
Nicolas Sebrecht
ac2a547ec4 learn to disable STARTTLS
Some servers might have this feature broken.

Github-ref: https://github.com/OfflineIMAP/offlineimap/issues/207
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-06-26 17:01:01 +02:00
Nicolas Sebrecht
08e17de7e2 require usernames and passwords to be UTF-8 encoded
- Learn to support UTF-8 characters where it was not supported for usernames and
  passwords (but for netrc).
- Fix the types in the code for both py2 and py3: we now expect unicode for
  usernames and passwords.

Unicode (UTF-8) is required only for variables with non-ASCII characters.

Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-06-26 16:57:22 +02:00
Nicolas Sebrecht
8c9f63a9b5 repository/IMAP: add minor comment
Some minor cleanups on whitespaces.

Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-06-08 16:01:58 +02:00
Nicolas Sebrecht
a2a8a908ca threading: fix variable names about namespaces
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-05-19 08:36:23 +02:00
Łukasz Żarnowiecki
0addcbabf0 py3: raise exceptions using six module
There is no other way to make Python2 and Python3 happy, because syntax
raise E, V, T is incompatible with the latter.

Signed-off-by: Łukasz Żarnowiecki <dolohow@outlook.com>
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-05-18 01:49:09 +02:00
Łukasz Żarnowiecki
4fbb5640ac Convert basestring to str
Signed-off-by: Łukasz Żarnowiecki <dolohow@outlook.com>
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-05-10 02:53:09 +02:00
Nicolas Sebrecht
2fb2f840dc XOAUTH2: don't force oauth2_request_url to be defined
Not all users want XOAUTH2.

Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-04-25 18:38:31 +02:00
Nicolas Sebrecht
2fc5d2a814 XOAUTH2: raise error when oauth_request_url is missing for IMAP type
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-04-25 17:38:42 +02:00
Nicolas Sebrecht
9486a0dab3 IMAP: don't try to create empty folders
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-04-09 17:35:15 +02:00
Ebben Aries
9bfd610230 change hard coding of AF_UNSPEC to user-defined address-families per repository
Some environments that return AAAA records for their IMAP servers can pose
problems for clients that do not have end-to-end IPv6 connectivity for a number
of reasons (e.g. policy, lack of full routing, security, etc..)

Even with a fallback mechanism in place, you can still arrive at IMAP
implementations that could prevent authentication from unknown IPv6 space. This
in itself is not enough to fallback to IPv4 since there is an actual connection
on that socket.

This change is for introducing a user-defined value:

  [Repository imap-remote]
  ipv6 = no

to create a preference per repository on which AF to connect to the remote
server on

ipv6 = yes (AF_INET6)
ipv6 = no (AF_INET)
unspecified = default

Signed-off-by: Ebben Aries <e@dscp.org>
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2016-02-23 06:57:21 +01:00
ojab
cfa704bbf2 Allow authorization via XOAUTH2 using access token
Signed-off-by: Slava Kardakov <ojab@ojab.ru>
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2015-12-30 00:25:57 +01:00
Max Vilimpoc
1becbff786 enable SSL by default
Fix-github-issue: #263
Signed-off-by: Max Vilimpoc <github@vilimpoc.org>
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2015-10-29 16:13:44 +01:00
Ben Boeckel
f03afcd224 imapserver: add a tls_level option
Allow the user to block usage of known-bad versions of SSL and TLS.

Signed-off-by: Ben Boeckel <mathstuf@gmail.com>
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2015-10-12 15:54:15 +02:00
Nicolas Sebrecht
af640208e1 make XOAUTH2 configuration option optional
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2015-10-12 07:42:30 +02:00
Nicolas Sebrecht
ebb2124dbb Merge branch 'Frizlab-gmail-oauth-2' into next 2015-10-06 14:25:15 +02:00
Christopher Corley
f7efaa2093 learn XOAUTH2 authentication
Signed-off-by: François Lamboley <francois.lamboley@happn.com>
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2015-10-06 14:24:42 +02:00
Nicolas Sebrecht
55ca922dd1 Merge branch 'krafczyk-new-mail-hook-2' into next 2015-09-11 21:04:52 +02:00
Matthew Krafczyk
48bb2f4113 Added the newmail_hook
When new mail arrives, this hook is triggered, allowing the user to
play a sound, or launch a popup.

Signed-off-by: Matthew Krafczyk <krafczyk.matthew@gmail.com>
2015-09-11 20:34:38 +02:00
Tommie Gannert
a6e7b6627b Add decodefoldernames option to decode IMAP folder names using UTF-7.
Signed-off-by: Tommie Gannert <tommie@gannert.se>
2015-08-29 16:43:33 +01:00
Nicolas Sebrecht
6d72fd74af Merge branch 'holomorph-remoteuser' into next 2015-03-10 23:06:17 +01:00
Mark Oteiza
a629b4e0e7 do not error if remoteuser is not configured
Signed-off-by: Mark Oteiza <mvoteiza@udel.edu>
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2015-03-10 23:06:09 +01:00
Nicolas Sebrecht
461554b7b1 more style consistency
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2015-02-10 17:25:00 +01:00
Eygene Ryabinkin
f69613965f Make OS-default CA certificate file to be requested explicitely
This simplifies logics for the user, especially if he uses both
fingerprint and certificate validation: it is hard to maintain
the compatibility with the prior behaviour and to avoid getting
default CA bundle to be disabled when fingerprint verification
is requested.

See
  http://thread.gmane.org/gmane.mail.imap.offlineimap.general/6695
for discussion about this change.

Default CA bundle is requested via 'sslcertfile = OS-DEFAULT'.

I had also enforced all cases where explicitely-requested CA bundles
are non-existent to be hard errors: when users asks us to use CA
bundle (and, thus, certificate validation), but we can't find one,
we must error out rather than happily continue and downgrade to
no validation.

Reported-By: Edd Barrett <edd@theunixzoo.co.uk>
Reviewed-By: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
Signed-off-by: Eygene Ryabinkin <rea@codelabs.ru>
2015-01-18 22:05:49 +03:00
Nicolas Sebrecht
41fa3ae4fc more style consistency
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2015-01-13 18:16:25 +01:00
Nicolas Sebrecht
a44718130d minor: add comments
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2015-01-12 17:17:42 +01:00
Nicolas Sebrecht
c2b8a99fa2 repository: IMAP.py: do not redefine string
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2015-01-12 17:17:42 +01:00
Eygene Ryabinkin
e7fabf9e57 Properly re-raise exception to save original tracebacks
We usually mutate some exceptions to OfflineImapError() and it is
a whole lot better if such exception will show up with the original
traceback, so all valid occurrences of such mutations were transformed
to the 3-tuple form of "raise".  Had also added coding guidelines
document where this re-raise strategy is documented.

Signed-off-by: Eygene Ryabinkin <rea@codelabs.ru>
2015-01-12 17:51:21 +03:00
Nicolas Sebrecht
61021260cb more consistent style
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
2015-01-07 21:31:43 +01:00
Eygene Ryabinkin
e51ed80ecc Enable tilde and environment variable expansion on some items
Expand environment variables in the following configuration items:
- general.pythonfile;
- general.metadata;
- mbnames.filename;
- Repository.localfolders.
- Repository.sslcacertfile.

Make tilde and environment variable expansion in the following
configuration items:
- Repository.sslclientcert;
- Repository.sslclientkey.

GitHub pull request: https://github.com/OfflineIMAP/offlineimap/pull/113
Signed-off-by: Eygene Ryabinkin <rea@codelabs.ru>
2014-11-12 09:40:12 +03:00
Eygene Ryabinkin
8f3c22e227 Introduce CustomConfig method that applies set of transforms
It is a bit cleaner than making chains of calls like
{{{
value = os.path.expanduser(value)
value = os.path.abspath(value)
}}}
since we do see all transformations to be applied in a single
iterable and have no repeated code like in the above example.

Signed-off-by: Eygene Ryabinkin <rea@codelabs.ru>
2014-11-02 11:53:05 +03:00
Eygene Ryabinkin
818486283e Add support for OS-specific CA bundle locations
GitHub pull: #19
Suggested-by: Michael Vogt <mvo@ubuntu.com>
Signed-off-by: Eygene Ryabinkin <rea@codelabs.ru>
2014-09-22 09:52:57 +04:00
Eygene Ryabinkin
d2ec2a4e9e Extend handling of cert_fingerprint
Add ability to specify multiple fingerprints.

Signed-off-by: Eygene Ryabinkin <rea@codelabs.ru>
2014-05-11 22:45:34 +04:00
Eygene Ryabinkin
8b6f10e2e7 Pass folder names for the foldersort function
Bring the description in the template offlineimap.conf in sync to the
actual implementation: pass folder names to the sorting function, not
the offlineimap.folder.IMAP.IMAPFolder objects themselves.

GitHub issue: https://github.com/OfflineIMAP/offlineimap/issues/27
Signed-off-by: Eygene Ryabinkin <rea@codelabs.ru>
2013-08-27 16:27:36 +04:00
Andreas Mack
e26827c1cb Make authentication mechanisms configurable
Added configuration option "auth_mechanisms" to the config file:
it is a list of mechanisms that will be tried in the specified order.

Author: Andreas Mack <andreas.mack@konsec.com>
Signed-off-by: Eygene Ryabinkin <rea@codelabs.ru>
2013-08-08 22:34:30 +04:00
Steve Purcell
968d5520da Allow transport-type tunnels to the IMAP servers
It's nice to set up an ssh tunnel command which forwards an IMAP tcp
port inside an encrypted session, e.g. with ssh's "-W" flag.  In this
case the tunnelled connection still requires authentication inside
IMAP session, because this is transport-only tunnel that substitutes
normal TCP/SSL connection.

New directive, 'transporttunnel' was added: it specifies the command
that will create the tunnel.  Only one type of tunnel must be
specified for a single repository: we can't have both preauthenticated
and transport-type tunnels, they won't chain together.

From: Steve Purcell <steve@sanityinc.com>
Signed-off-by: Eygene Ryabinkin <rea@codelabs.ru>
2013-08-06 12:18:21 +04:00
Andreas Mack
acaa96291d Add SASL PLAIN authentication method
- this method isn't as deprecated as IMAP LOGIN;

 - it allows to keep hashed passwords on the server side;

 - it has the ability to specify that the remote identity
   is different from authenticating username, so it even
   can be useful in some cases (e.g., migrated mailboxes);
   configuration variable "remote_identity" was introduced
   to leverage this functionality.

From: Andreas Mack <andreas.mack@konsec.com>
Signed-off-by: Eygene Ryabinkin <rea@codelabs.ru>
2013-08-06 01:51:41 +04:00
Eygene Ryabinkin
41cb0f577f Prune trailing whitespaces from code and documentation
They are redundant in all pruned cases and sometimes even create some
problems, e.g., when one tries to jump through paragraphs in vi.

Signed-off-by: Eygene Ryabinkin <rea@codelabs.ru>
2013-07-21 23:00:23 +04:00
Dmitrijs Ledkovs
e8c40a9285 Merge branch 'master' into next 2013-07-10 02:49:52 +01:00
Dmitrijs Ledkovs
7a21cab6c5 Correct whitespace & add docs about remoteporteval. 2013-07-10 02:17:01 +01:00
Ryan Kavanagh
2bacdb7fa3 Allow setting IMAP servers' SSL version
We now allow setting the SSL version used when connecting to IMAPS servers, and
do so via the `ssl_version` configuration option. We default to the current
practice (letting python's "ssl" library automatically detect the correct
version). There are however rare cases where one must specify the version to
use.

Signed-off-by: Ryan Kavanagh <rak@debian.org>
2013-07-08 10:57:58 -04:00