diff options
author | Robbie Harwood <rharwood@redhat.com> | 2020-03-10 12:54:50 -0400 |
---|---|---|
committer | Sean Whitton <spwhitton@spwhitton.name> | 2020-03-19 13:22:52 -0700 |
commit | 6e26cfb34ae96f2dbef3660afd1857b31bd6ea5c (patch) | |
tree | 78d37ac85718d490b83508b67bcba59a3ece4e76 /DEVELOPER-CERTIFICATE | |
parent | e4e5653d1c79ab0be13479fa8dff6b299624ea8b (diff) | |
download | mailscripts-6e26cfb34ae96f2dbef3660afd1857b31bd6ea5c.tar.gz |
imap-dl: Allow specifying ssl_ciphers
In my case, this allows supporting servers which have unacceptably (for
systemwide OpenSSL) small DH sizes by requesting non-DH ciphers.
Specifically, hardcoding AES256-GCM-SHA384 prevents this traceback:
Traceback (most recent call last):
File "/usr/bin/imap-dl", line 273, in <module>
scan_msgs(confname, args.verbose)
File "/usr/bin/imap-dl", line 133, in scan_msgs
ssl_context=ctx) as imap:
File "/usr/lib/python3.7/imaplib.py", line 1288, in __init__
IMAP4.__init__(self, host, port)
File "/usr/lib/python3.7/imaplib.py", line 198, in __init__
self.open(host, port)
File "/usr/lib/python3.7/imaplib.py", line 1301, in open
IMAP4.open(self, host, port)
File "/usr/lib/python3.7/imaplib.py", line 299, in open
self.sock = self._create_socket()
File "/usr/lib/python3.7/imaplib.py", line 1293, in _create_socket
server_hostname=self.host)
File "/usr/lib/python3.7/ssl.py", line 423, in wrap_socket
session=session
File "/usr/lib/python3.7/ssl.py", line 870, in _create
self.do_handshake()
File "/usr/lib/python3.7/ssl.py", line 1139, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: DH_KEY_TOO_SMALL] dh key too small (_ssl.c:1076)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
Acked-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Diffstat (limited to 'DEVELOPER-CERTIFICATE')
0 files changed, 0 insertions, 0 deletions