after an upgrade from Debian squeeze to Debian wheezy, I could
not connect to a Microsoft Exchange Server 2003 anymore, because
the OpenSSL library, Python is linked with, changed from version
0.9.8o to 1.0.1e, which has different defaults. The code is:

import imaplib

With the new OpenSSL version, the following exception is raised:

Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python2.7/imaplib.py", line 1148, in __init__
IMAP4.__init__(self, host, port)
File "/usr/lib/python2.7/imaplib.py", line 192, in __init__
typ, dat = self.capability()
File "/usr/lib/python2.7/imaplib.py", line 361, in capability
typ, dat = self._simple_command(name)
File "/usr/lib/python2.7/imaplib.py", line 1070, in _simple_command
return self._command_complete(name, self._command(name, *args))
File "/usr/lib/python2.7/imaplib.py", line 897, in _command_complete
typ, data = self._get_tagged_response(tag)
File "/usr/lib/python2.7/imaplib.py", line 999, in _get_tagged_response
File "/usr/lib/python2.7/imaplib.py", line 916, in _get_response
resp = self._get_line()
File "/usr/lib/python2.7/imaplib.py", line 1009, in _get_line
line = self.readline()
File "/usr/lib/python2.7/imaplib.py", line 1171, in readline
return self.file.readline()
File "/usr/lib/python2.7/socket.py", line 447, in readline
data = self._sock.recv(self._rbufsize)
File "/usr/lib/python2.7/ssl.py", line 241, in recv
return self.read(buflen)
File "/usr/lib/python2.7/ssl.py", line 160, in read
return self._sslobj.read(len)
ssl.SSLError: [Errno 1] _ssl.c:1359: error:1408F10B:SSL
routines:SSL3_GET_RECORD:wrong version number

The problem seems to be, that IMAP4_SSL does not specify the SSL
version, so the default is used (ssl.PROTOCOL_SSLv23?). The
Python documentation states, that for clients the best option in
terms of compatilibity is ssl.PROTOCOL_SSLv3.

When I add an ssl_version argument to the call to
ssl.wrap_socket() in imaplib.IMAP4_SSL.open(), I can connect to
the Exchange server without problems:

self.sslobj = ssl.wrap_socket(self.sock, self.keyfile, self.certfile,
ssl_version = ssl.PROTOCOL_SSLv3)

Would it make sense, to make this change in the Python standard

Thanks in advance!

Search Discussions

Discussion Posts

Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 1 of 4 | next ›
Discussion Overview
grouppython-list @
postedFeb 25, '13 at 10:43p
activeMar 1, '13 at 7:03p



site design / logo © 2022 Grokbase