示例#1
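    def connect(self):
        """Open the TCP connection and upgrade it to TLS.

        Two paths exist, selected by whether ``create_default_context`` is
        truthy (presumably it is falsy when the running ``ssl`` module does
        not provide it -- TODO confirm against the module's imports):

        * context path: chain and hostname verification are configured on
          an SSL context and take place inside ``wrap_socket``;
        * legacy path: ``ssl.wrap_socket`` validates the chain only, so the
          host name is checked afterwards with ``match_hostname``.

        When ``self.require_cert`` is false both paths use ``ssl.CERT_NONE``
        and skip the hostname check, i.e. the peer is not authenticated.

        Raises:
            Whatever the TLS handshake or ``match_hostname`` raises when the
            peer cannot be verified. On a failed post-handshake hostname
            check the TLS socket is closed before the error propagates.
        """
        httplib.HTTPConnection.connect(self)

        if create_default_context:
            context = create_default_context()

            # NOTE(review): if this is ssl.create_default_context, the system
            # trust store is already loaded here, so ca_certs is *added* to it
            # rather than replacing it. The legacy path below trusts only what
            # the ca_certs() helper yields -- confirm the difference is wanted.
            if self.ca_certs:
                context.load_verify_locations(cafile=self.ca_certs)

            # Keep this order: the standard ssl module refuses CERT_NONE while
            # check_hostname is still enabled.
            context.check_hostname = self.require_cert
            context.verify_mode = ssl.CERT_REQUIRED if self.require_cert else ssl.CERT_NONE

            # Client certificate is optional and only used when both halves
            # are configured.
            if self.certfile and self.keyfile:
                context.load_cert_chain(certfile=self.certfile,
                                        keyfile=self.keyfile)

            # The tunnel host, when set, takes precedence over self.host as
            # the name to verify (and to send as SNI).
            self.sock = context.wrap_socket(
                self.sock,
                server_hostname=self.host
                if not self._tunnel_host else self._tunnel_host)
        else:
            # ssl.wrap_socket() has no server_hostname parameter, so no SNI is
            # sent and the hostname has to be verified by hand afterwards.
            with ca_certs(self.ca_certs) as certs:
                self.sock = ssl.wrap_socket(
                    self.sock,
                    certfile=self.certfile,
                    keyfile=self.keyfile,
                    cert_reqs=ssl.CERT_REQUIRED
                    if self.require_cert else ssl.CERT_NONE,
                    ca_certs=certs)

            if self.require_cert:
                hostname = self.host if not self._tunnel_host else self._tunnel_host
                try:
                    cert = self.sock.getpeercert()
                    match_hostname(cert, hostname)
                except Exception:
                    # Fail closed: at this point self.sock is an established
                    # TLS session with a peer whose name did not verify. Close
                    # it so a caller that catches the error cannot go on using
                    # the connection.
                    self.sock.close()
                    raise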
示例#2
文件: run.py 项目: timattil/trytls
def client(host, port):
    """Connect to ``host:port``, start TLS and verify the peer certificate.

    This is a generator: each pending operation is yielded to a driver that
    is not shown here and its result is sent back in. ``socket.Socket`` and
    the ``require_cert`` keyword are not standard-library APIs, so ``socket``
    and ``ssl`` are presumably the project's own wrappers (TODO confirm).

    Nothing is returned; a verification failure surfaces as the exception
    raised by the wrapper or by ``ssl.match_hostname``.
    """
    plain = socket.Socket()
    address = (host, port)
    yield plain.connect(address)

    # require_cert=True presumably makes the wrapper validate the chain.
    secured = yield ssl.wrap_socket(plain, require_cert=True)

    # The certificate is additionally matched against the requested host
    # name, so a valid certificate issued for another name is rejected.
    peer_cert = yield secured.getpeercert()
    ssl.match_hostname(peer_cert, host)
示例#3
def client(host, port, cafile):
    """Connect to ``host:port``, start TLS and verify the peer certificate.

    This is a generator: each pending operation is yielded to a driver that
    is not shown here and its result is sent back in. ``socket.Socket`` and
    the ``require_cert`` keyword are not standard-library APIs, so ``socket``
    and ``ssl`` are presumably the project's own wrappers (TODO confirm).

    Args:
        host: name to connect to and to match the certificate against.
        port: TCP port.
        cafile: CA bundle passed as ``ca_certs``; when falsy the argument is
            omitted and the wrapper's own default applies.
    """
    plain = socket.Socket()
    yield plain.connect((host, port))

    # Only pass ca_certs when a bundle was actually supplied.
    tls_options = {"require_cert": True}
    if cafile:
        tls_options["ca_certs"] = cafile
    secured = yield ssl.wrap_socket(plain, **tls_options)

    # The certificate is additionally matched against the requested host
    # name, so a valid certificate issued for another name is rejected.
    peer_cert = yield secured.getpeercert()
    ssl.match_hostname(peer_cert, host)
示例#4
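    def open(self, host="", port=_DEFAULT_PORT_IMAP4_SSL):
        """Connect to ``host:port`` over TLS and verify the server certificate.

        The chain is always validated (``ssl.CERT_REQUIRED``) against the
        trust store yielded by the ``ca_certs`` helper, and the certificate is
        then matched against ``host``. ``self.file`` is only created once both
        checks have passed.

        Args:
            host: server name; also the name the certificate must match.
            port: TCP port of the TLS-wrapped service.

        Raises:
            Whatever ``socket.create_connection``, the TLS handshake or
            ``match_hostname`` raises. On a failed hostname check the
            sockets are closed before the error propagates.
        """
        self.host = host
        self.port = port
        self.sock = socket.create_connection((host, port),
                                             timeout=self._timeout)

        # ca_certs() is defined elsewhere; the value it yields is used as the
        # trust store only inside this block (presumably a file path that is
        # not guaranteed to outlive it -- TODO confirm).
        with ca_certs(self.ca_certs) as certs:
            self.sslobj = ssl.wrap_socket(self.sock,
                                          keyfile=self.keyfile,
                                          certfile=self.certfile,
                                          cert_reqs=ssl.CERT_REQUIRED,
                                          ca_certs=certs)

        try:
            # ssl.wrap_socket() does not check the host name itself.
            cert = self.sslobj.getpeercert()
            match_hostname(cert, host)
        except Exception:
            # Fail closed: the handshake succeeded with a peer whose name did
            # not verify. Close both socket objects so the session cannot be
            # used and the descriptor is not left to the garbage collector.
            self.sslobj.close()
            self.sock.close()
            raise

        self.file = self.sslobj.makefile("rb")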
示例#5
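    def connect(self):
        """Open the TCP connection and upgrade it to TLS.

        ``ssl.wrap_socket`` validates the certificate chain against the trust
        store yielded by the ``ca_certs`` helper; the host name is checked
        afterwards with ``match_hostname``. When ``self.require_cert`` is
        false the chain is not validated (``ssl.CERT_NONE``) and the hostname
        check is skipped, i.e. the peer is not authenticated.

        Raises:
            Whatever the TLS handshake or ``match_hostname`` raises when the
            peer cannot be verified. On a failed hostname check the TLS
            socket is closed before the error propagates.
        """
        httplib.HTTPConnection.connect(self)

        # ssl.wrap_socket() has no server_hostname parameter, so no SNI is
        # sent and the hostname has to be verified by hand afterwards.
        with ca_certs(self.ca_certs) as certs:
            self.sock = ssl.wrap_socket(
                self.sock,
                certfile=self.certfile,
                keyfile=self.keyfile,
                cert_reqs=ssl.CERT_REQUIRED if self.require_cert else ssl.CERT_NONE,
                ca_certs=certs
            )

        if self.require_cert:
            # The tunnel host, when set, takes precedence over self.host as
            # the name the certificate must match.
            hostname = self.host if not self._tunnel_host else self._tunnel_host
            try:
                cert = self.sock.getpeercert()
                match_hostname(cert, hostname)
            except Exception:
                # Fail closed: at this point self.sock is an established TLS
                # session with a peer whose name did not verify. Close it so
                # a caller that catches the error cannot go on using the
                # connection.
                self.sock.close()
                raise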
示例#6
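    def open(self, host="", port=_DEFAULT_PORT_IMAP4_SSL):
        """Connect to ``host:port`` over TLS and verify the server certificate.

        The chain is always validated (``ssl.CERT_REQUIRED``) against the
        trust store yielded by the ``ca_certs`` helper, and the certificate is
        then matched against ``host``. ``self.file`` is only created once both
        checks have passed.

        Args:
            host: server name; also the name the certificate must match.
            port: TCP port of the TLS-wrapped service.

        Raises:
            Whatever ``socket.create_connection``, the TLS handshake or
            ``match_hostname`` raises. On a failed hostname check the
            sockets are closed before the error propagates.
        """
        self.host = host
        self.port = port
        self.sock = socket.create_connection((host, port), timeout=self._timeout)

        # ca_certs() is defined elsewhere; the value it yields is used as the
        # trust store only inside this block (presumably a file path that is
        # not guaranteed to outlive it -- TODO confirm).
        with ca_certs(self.ca_certs) as certs:
            self.sslobj = ssl.wrap_socket(
                self.sock,
                keyfile=self.keyfile,
                certfile=self.certfile,
                cert_reqs=ssl.CERT_REQUIRED,
                ca_certs=certs
            )

        try:
            # ssl.wrap_socket() does not check the host name itself.
            cert = self.sslobj.getpeercert()
            match_hostname(cert, host)
        except Exception:
            # Fail closed: the handshake succeeded with a peer whose name did
            # not verify. Close both socket objects so the session cannot be
            # used and the descriptor is not left to the garbage collector.
            self.sslobj.close()
            self.sock.close()
            raise

        self.file = self.sslobj.makefile("rb")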
示例#7
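    def starttls(self, keyfile=None, certfile=None):
        """Upgrade the SMTP session to TLS and verify the server certificate.

        The upgrade only happens when the server answers STARTTLS with 220.
        Any other code is returned without raising, which leaves the session
        in clear text: callers must check the returned code before sending
        credentials or mail.

        Args:
            keyfile: optional client private key passed to ``ssl.wrap_socket``.
            certfile: optional client certificate passed to ``ssl.wrap_socket``.

        Returns:
            The ``(response, reply)`` pair of the STARTTLS command.

        Raises:
            smtplib.SMTPException: the server does not advertise STARTTLS.
            Whatever the TLS handshake or ``match_hostname`` raises when the
            peer cannot be verified; on a failed hostname check the TLS
            socket is closed before the error propagates.
        """
        self.ehlo_or_helo_if_needed()
        if not self.has_extn("starttls"):
            raise smtplib.SMTPException("server doesn't support STARTTLS")

        response, reply = self.docmd("STARTTLS")
        if response == 220:
            # The chain is always validated here (CERT_REQUIRED) against the
            # trust store yielded by the ca_certs() helper defined elsewhere.
            with ca_certs(self._ca_certs) as certs:
                self.sock = ssl.wrap_socket(
                    self.sock, certfile=certfile, keyfile=keyfile, ca_certs=certs, cert_reqs=ssl.CERT_REQUIRED
                )
            try:
                # ssl.wrap_socket() does not check the host name itself.
                cert = self.sock.getpeercert()
                match_hostname(cert, self._host)
            except Exception:
                # Fail closed: self.sock is already the TLS session with a
                # peer whose name did not verify. Close it so a caller that
                # catches the error cannot send anything through it.
                self.sock.close()
                raise

            self.file = smtplib.SSLFakeFile(self.sock)
            # Forget what the server announced before TLS: the clear-text
            # greeting and extension list were unauthenticated, so the client
            # has to EHLO again over the protected channel (RFC 3207).
            self.helo_resp = None
            self.ehlo_resp = None
            self.esmtp_features = {}
            self.does_esmtp = 0
        return response, reply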
示例#8
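    def starttls(self, keyfile=None, certfile=None):
        """Upgrade the SMTP session to TLS and verify the server certificate.

        The upgrade only happens when the server answers STARTTLS with 220.
        Any other code is returned without raising, which leaves the session
        in clear text: callers must check the returned code before sending
        credentials or mail.

        Args:
            keyfile: optional client private key passed to ``ssl.wrap_socket``.
            certfile: optional client certificate passed to ``ssl.wrap_socket``.

        Returns:
            The ``(response, reply)`` pair of the STARTTLS command.

        Raises:
            smtplib.SMTPException: the server does not advertise STARTTLS.
            Whatever the TLS handshake or ``match_hostname`` raises when the
            peer cannot be verified; on a failed hostname check the TLS
            socket is closed before the error propagates.
        """
        self.ehlo_or_helo_if_needed()
        if not self.has_extn("starttls"):
            raise smtplib.SMTPException("server doesn't support STARTTLS")

        response, reply = self.docmd("STARTTLS")
        if response == 220:
            # The chain is always validated here (CERT_REQUIRED) against the
            # trust store yielded by the ca_certs() helper defined elsewhere.
            with ca_certs(self._ca_certs) as certs:
                self.sock = ssl.wrap_socket(
                    self.sock,
                    certfile=certfile,
                    keyfile=keyfile,
                    ca_certs=certs,
                    cert_reqs=ssl.CERT_REQUIRED
                )
            try:
                # ssl.wrap_socket() does not check the host name itself.
                cert = self.sock.getpeercert()
                match_hostname(cert, self._host)
            except Exception:
                # Fail closed: self.sock is already the TLS session with a
                # peer whose name did not verify. Close it so a caller that
                # catches the error cannot send anything through it.
                self.sock.close()
                raise

            self.file = smtplib.SSLFakeFile(self.sock)
            # Forget what the server announced before TLS: the clear-text
            # greeting and extension list were unauthenticated, so the client
            # has to EHLO again over the protected channel (RFC 3207).
            self.helo_resp = None
            self.ehlo_resp = None
            self.esmtp_features = {}
            self.does_esmtp = 0
        return response, reply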