Add support for ssl client certificates

This patch adds sslclientcert and sslclientkey configuration options which are passed through to imaplib in order to allow the use of client certificates for authentication. Tue Nov 13 14:44:17 CST 2007 Mark Hymers <mhy@debian.org>
2008-05-23 14:58:18 -05:00 · 2008-05-23 14:58:18 -05:00 · ca08c1e553
parent 3c7edc2e4d
commit ca08c1e553
3 changed files with 22 additions and 3 deletions
--- a/offlineimap.conf
+++ b/offlineimap.conf
@ -221,6 +221,12 @@ remotehost = examplehost
 # Whether or not to use SSL.
 ssl = yes

+# SSL Client certificate (optional)
+# sslclientcert = /path/to/file.crt
+
+# SSL Client key (optional)
+# sslclientkey = /path/to/file.key
+
 # Specify the port.  If not specified, use a default port.
 # remoteport = 993

--- a/offlineimap/imapserver.py
+++ b/offlineimap/imapserver.py
@ -72,7 +72,7 @@ class IMAPServer:
    def __init__(self, config, reposname,
                 username = None, password = None, hostname = None,
                 port = None, ssl = 1, maxconnections = 1, tunnel = None,
-                 reference = '""'):
+                 reference = '""', sslclientcert = None, sslclientkey = None):
        self.reposname = reposname
        self.config = config
        self.username = username
@ -83,6 +83,8 @@ class IMAPServer:
        self.tunnel = tunnel
        self.port = port
        self.usessl = ssl
+        self.sslclientcert = sslclientcert
+        self.sslclientkey = sslclientkey
        self.delim = None
        self.root = None
        if port == None:
@ -218,7 +220,8 @@ class IMAPServer:
                success = 1
            elif self.usessl:
                UIBase.getglobalui().connecting(self.hostname, self.port)
-                imapobj = UsefulIMAP4_SSL(self.hostname, self.port)
+                imapobj = UsefulIMAP4_SSL(self.hostname, self.port,
+                                          self.sslclientkey, self.sslclientcert)
            else:
                UIBase.getglobalui().connecting(self.hostname, self.port)
                imapobj = UsefulIMAP4(self.hostname, self.port)
@ -360,6 +363,8 @@ class ConfigedIMAPServer(IMAPServer):
            user = self.repos.getuser()
            port = self.repos.getport()
            ssl = self.repos.getssl()
+            sslclientcert = self.repos.getsslclientcert()
+            sslclientkey = self.repos.getsslclientkey()
        reference = self.repos.getreference()
        server = None
        password = None
@ -379,4 +384,6 @@ class ConfigedIMAPServer(IMAPServer):
            IMAPServer.__init__(self, self.config, self.repos.getname(),
                                user, password, host, port, ssl,
                                self.repos.getmaxconnections(),
-                                reference = reference)
+                                reference = reference,
+                                sslclientcert = sslclientcert,
+                                sslclientkey = sslclientkey)
--- a/offlineimap/repository/IMAP.py
+++ b/offlineimap/repository/IMAP.py
@ -125,6 +125,12 @@ class IMAPRepository(BaseRepository):
    def getssl(self):
        return self.getconfboolean('ssl', 0)

+    def getsslclientcert(self):
+        return self.getconf('sslclientcert', None)
+
+    def getsslclientkey(self):
+        return self.getconf('sslclientkey', None)
+
    def getpreauthtunnel(self):
        return self.getconf('preauthtunnel', None)