From 23eca208112cf9e611ee0d46a6cd815ffa35b3e8 Mon Sep 17 00:00:00 2001 From: Keith Bowes Date: Tue, 6 Aug 2024 16:18:45 -0400 Subject: [PATCH] removed socket.sslerror, which doesn't exist in Python3. Fixes #36. --- imaplib2/imaplib2.py | 88 +++++++++++++++++++++----------------------- 1 file changed, 42 insertions(+), 46 deletions(-) diff --git a/imaplib2/imaplib2.py b/imaplib2/imaplib2.py index 5c0f4c2..c6ccaa2 100644 --- a/imaplib2/imaplib2.py +++ b/imaplib2/imaplib2.py @@ -473,60 +473,56 @@ def open_socket(self): def ssl_wrap_socket(self): - try: - import ssl - - TLS_MAP = {} - if hasattr(ssl, "PROTOCOL_TLSv1_2"): - TLS_MAP[TLS_SECURE] = { - "tls1_2": ssl.PROTOCOL_TLSv1_2, - "tls1_1": ssl.PROTOCOL_TLSv1_1, - } - else: - TLS_MAP[TLS_SECURE] = {} - TLS_MAP[TLS_NO_SSL] = TLS_MAP[TLS_SECURE].copy() - TLS_MAP[TLS_NO_SSL].update({ - "tls1": ssl.PROTOCOL_TLSv1, - }) - TLS_MAP[TLS_COMPAT] = TLS_MAP[TLS_NO_SSL].copy() + import ssl + + TLS_MAP = {} + if hasattr(ssl, "PROTOCOL_TLSv1_2"): + TLS_MAP[TLS_SECURE] = { + "tls1_2": ssl.PROTOCOL_TLSv1_2, + "tls1_1": ssl.PROTOCOL_TLSv1_1, + } + else: + TLS_MAP[TLS_SECURE] = {} + TLS_MAP[TLS_NO_SSL] = TLS_MAP[TLS_SECURE].copy() + TLS_MAP[TLS_NO_SSL].update({ + "tls1": ssl.PROTOCOL_TLSv1, + }) + TLS_MAP[TLS_COMPAT] = TLS_MAP[TLS_NO_SSL].copy() + TLS_MAP[TLS_COMPAT].update({ + "ssl23": ssl.PROTOCOL_SSLv23, + None: ssl.PROTOCOL_SSLv23, + }) + if hasattr(ssl, "PROTOCOL_SSLv3"): # Might not be available. TLS_MAP[TLS_COMPAT].update({ - "ssl23": ssl.PROTOCOL_SSLv23, - None: ssl.PROTOCOL_SSLv23, + "ssl3": ssl.PROTOCOL_SSLv3 }) - if hasattr(ssl, "PROTOCOL_SSLv3"): # Might not be available. - TLS_MAP[TLS_COMPAT].update({ - "ssl3": ssl.PROTOCOL_SSLv3 - }) - if self.ca_certs is not None: - cert_reqs = ssl.CERT_REQUIRED - else: - cert_reqs = ssl.CERT_NONE + if self.ca_certs is not None: + cert_reqs = ssl.CERT_REQUIRED + else: + cert_reqs = ssl.CERT_NONE - if self.tls_level not in TLS_MAP: - raise RuntimeError("unknown tls_level: %s" % self.tls_level) + if self.tls_level not in TLS_MAP: + raise RuntimeError("unknown tls_level: %s" % self.tls_level) - if self.ssl_version not in TLS_MAP[self.tls_level]: - raise socket.sslerror("Invalid SSL version '%s' requested for tls_version '%s'" % (self.ssl_version, self.tls_level)) + if self.ssl_version not in TLS_MAP[self.tls_level]: + raise ssl.SSLError("Invalid ssl_version '%s' requested for tls_level '%s'" % (self.ssl_version, self.tls_level)) - ssl_version = TLS_MAP[self.tls_level][self.ssl_version] + ssl_version = TLS_MAP[self.tls_level][self.ssl_version] - if getattr(ssl, 'HAS_SNI', False): - ctx = ssl.SSLContext(ssl_version) - ctx.verify_mode = cert_reqs - if self.ca_certs is not None: - ctx.load_verify_locations(self.ca_certs) - if self.certfile or self.keyfile: - ctx.load_cert_chain(self.certfile, self.keyfile) - self.sock = ctx.wrap_socket(self.sock, server_hostname=self.host) - else: - self.sock = ssl.wrap_socket(self.sock, self.keyfile, self.certfile, ca_certs=self.ca_certs, cert_reqs=cert_reqs, ssl_version=ssl_version) + if getattr(ssl, 'HAS_SNI', False): + ctx = ssl.SSLContext(ssl_version) + ctx.verify_mode = cert_reqs + if self.ca_certs is not None: + ctx.load_verify_locations(self.ca_certs) + if self.certfile or self.keyfile: + ctx.load_cert_chain(self.certfile, self.keyfile) + self.sock = ctx.wrap_socket(self.sock, server_hostname=self.host) + else: + self.sock = ssl.wrap_socket(self.sock, self.keyfile, self.certfile, ca_certs=self.ca_certs, cert_reqs=cert_reqs, ssl_version=ssl_version) - ssl_exc = ssl.SSLError - self.read_fd = self.sock.fileno() - except ImportError: - # No ssl module, and socket.ssl has no fileno(), and does not allow certificate verification - raise socket.sslerror("imaplib SSL mode does not work without ssl module") + ssl_exc = ssl.SSLError + self.read_fd = self.sock.fileno() if self.cert_verify_cb is not None: cert_err = self.cert_verify_cb(self.sock.getpeercert(), self.host)