Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #39915

IMAP4_SSL and OpenSSL compatibility

Date 2013-02-25 23:43 +0100
From "W. Martin Borgert" <debacle@debian.org>
Subject IMAP4_SSL and OpenSSL compatibility
Newsgroups comp.lang.python
Message-ID <mailman.2524.1361834200.2939.python-list@python.org> (permalink)

Show all headers | View raw

Hi,

after an upgrade from Debian squeeze to Debian wheezy, I could
not connect to a Microsoft Exchange Server 2003 anymore, because
the OpenSSL library, Python is linked with, changed from version
0.9.8o to 1.0.1e, which has different defaults. The code is:

>>> import imaplib
>>> IMAP4_SSL("192.168.1.1")

With the new OpenSSL version, the following exception is raised:

Traceback (most recent call last):
   File "<stdin>", line 1, in <module>
   File "/usr/lib/python2.7/imaplib.py", line 1148, in __init__
     IMAP4.__init__(self, host, port)
   File "/usr/lib/python2.7/imaplib.py", line 192, in __init__
     typ, dat = self.capability()
   File "/usr/lib/python2.7/imaplib.py", line 361, in capability
     typ, dat = self._simple_command(name)
   File "/usr/lib/python2.7/imaplib.py", line 1070, in _simple_command
     return self._command_complete(name, self._command(name, *args))
   File "/usr/lib/python2.7/imaplib.py", line 897, in _command_complete
     typ, data = self._get_tagged_response(tag)
   File "/usr/lib/python2.7/imaplib.py", line 999, in _get_tagged_response
     self._get_response()
   File "/usr/lib/python2.7/imaplib.py", line 916, in _get_response
     resp = self._get_line()
   File "/usr/lib/python2.7/imaplib.py", line 1009, in _get_line
     line = self.readline()
   File "/usr/lib/python2.7/imaplib.py", line 1171, in readline
     return self.file.readline()
   File "/usr/lib/python2.7/socket.py", line 447, in readline
     data = self._sock.recv(self._rbufsize)
   File "/usr/lib/python2.7/ssl.py", line 241, in recv
     return self.read(buflen)
   File "/usr/lib/python2.7/ssl.py", line 160, in read
     return self._sslobj.read(len)
ssl.SSLError: [Errno 1] _ssl.c:1359: error:1408F10B:SSL
routines:SSL3_GET_RECORD:wrong version number

The problem seems to be, that IMAP4_SSL does not specify the SSL
version, so the default is used (ssl.PROTOCOL_SSLv23?). The
Python documentation states, that for clients the best option in
terms of compatilibity is ssl.PROTOCOL_SSLv3.

When I add an ssl_version argument to the call to
ssl.wrap_socket() in imaplib.IMAP4_SSL.open(), I can connect to
the Exchange server without problems:

self.sslobj = ssl.wrap_socket(self.sock, self.keyfile, self.certfile,
                              ssl_version = ssl.PROTOCOL_SSLv3)

Would it make sense, to make this change in the Python standard
library?

Thanks in advance!

Back to comp.lang.python | Previous | Next | Find similar | Unroll thread

Thread

IMAP4_SSL and OpenSSL compatibility "W. Martin Borgert" <debacle@debian.org> - 2013-02-25 23:43 +0100

csiph-web