aboutsummaryrefslogtreecommitdiffstats
path: root/climl_imap_bridge.py
diff options
context:
space:
mode:
Diffstat (limited to 'climl_imap_bridge.py')
-rw-r--r--climl_imap_bridge.py21
1 files changed, 16 insertions, 5 deletions
diff --git a/climl_imap_bridge.py b/climl_imap_bridge.py
index f4d75e7..8070b86 100644
--- a/climl_imap_bridge.py
+++ b/climl_imap_bridge.py
@@ -5,16 +5,27 @@ import subprocess
import confparser
import imapclient
+import backports.ssl
+
def connect_to_imap(conf, password):
- ssl_context = None
+ cafile = conf.get('imap.tls_ca', None)
+
+ if cafile:
+ cafile = os.path.expanduser(cafile)
+
+ ssl_context = imapclient.create_default_context(cafile=cafile)
+
+ if conf.get('imap.tls_nocheck_hostname', 'false').lower() == 'true':
+ # don't check if certificate hostname doesn't match target hostname
+ ssl_context.check_hostname = False
- if conf.get('imap.ssl_ca', None):
- ssl_context = imapclient.create_default_context(
- cafile=os.path.expanduser(conf.get('imap.ssl_ca')))
+ if conf.get('imap.tls_nocheck_ca', 'false').lower() == 'true':
+ # don't check if the certificate is trusted by a certificate authority
+ ssl_context.verify_mode = backports.ssl.CERT_NONE
connection = imapclient.IMAPClient(host=conf.get('imap.server'),
- ssl=conf.get('imap.ssl', 'true').lower() == 'true',
+ ssl=conf.get('imap.tls', 'true').lower() == 'true',
ssl_context=ssl_context)
if conf.get('imap.start_tls', 'false').lower() == 'true':
connection.start_tls(ssl_context=ssl_context)