[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#603450: Fwd: Due offlineimap absence of certificate validation issue -- Debian BTS#603450

Hi dave!

* dave b <db.pub.mail@gmail.com> [101202 05:58]:

> Here have a patch!
> This obviously will break connecting to hosts which use a self-signed
> certificate.
> Perhaps some one else can fix this when they want it fixed ;) ?
> I tested using the following config:

I verified it, and your patch works:  I accepts valid ssl connections,
and rejects invalid ones.

> +        self.sslobj = ssl_wrap(self.sock, self.keyfile, self.certfile, cert_reqs=ssl.CERT_REQUIRED, ca_certs="/etc/ssl/certs/ca-certificates.crt")

But that looks kind of ugly, having a hardcoded path... Also, I wonder
if not self.certfile should be used for verification?

Best Regards,

Reply to: