[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#603450: Fwd: Due offlineimap absence of certificate validation issue -- Debian BTS#603450


Am 08.12.2010 09:33, schrieb dave b:

>> I verified it, and your patch works:  I accepts valid ssl connections,
>> and rejects invalid ones.

At this point I should have also said "many thanks for your work!"
Sorry, didn't had a coffee when I wrote my first mail ;)

>>> +        self.sslobj = ssl_wrap(self.sock, self.keyfile, self.certfile, cert_reqs=ssl.CERT_REQUIRED, ca_certs="/etc/ssl/certs/ca-certificates.crt")
>> But that looks kind of ugly, having a hardcoded path... Also, I wonder
>> if not self.certfile should be used for verification?
> Sorry?
> Um. Well sure a hard coded path path not be the best thing ... if you
> know how to determine the path to the ca store on a system modify the
> patch to use that I guess.

Sorry, that was complete nonsense.  For a moment I thought one could use
the certfile parameter to specify a file holding certs for verification.

I take my question back.  Sorry for the noise.

Best regards,

Reply to: