[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2016-09-08 Thread Christian Heimes 

Christian Heimes added the comment:

Oh sorry, this is about SNI not verified context. All protocols support SNI for 
some time.

--
resolution:  -> out of date
stage: patch review -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2016-09-08 Thread Christian Heimes 

Christian Heimes added the comment:

Good idea, but the patch is outdated. We can enforce verification by changing 
ssl._create_stdlib_context.

--
assignee:  -> christian.heimes
nosy: +alex, dstufft, janssen
priority: normal -> high
versions: +Python 3.6, Python 3.7 -Python 3.4

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2013-06-17 Thread Antoine Pitrou 

Changes by Antoine Pitrou pit...@free.fr:


--
nosy: +christian.heimes

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2013-03-08 Thread Florian Weimer 

Changes by Florian Weimer fwei...@redhat.com:


--
nosy: +fweimer

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2013-02-11 Thread Daniel Black 

Daniel Black added the comment:

Ack. Have fix. Simple if self.certfile or self.keyfile: test added before 
load_cert_chain.

part way through developing test. Thinking #17181 would help.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2013-02-10 Thread Antoine Pitrou 

Antoine Pitrou added the comment:

I'm getting a test failure in test_ftplib:

==
ERROR: test_data_connection (test.test_ftplib.TestTLS_FTPClass)
--
Traceback (most recent call last):
  File /home/antoine/cpython/default/Lib/test/test_ftplib.py, line 834, in 
test_data_connection
with self.client.transfercmd('list') as sock:
  File /home/antoine/cpython/default/Lib/ftplib.py, line 386, in transfercmd
return self.ntransfercmd(cmd, rest)[0]
  File /home/antoine/cpython/default/Lib/ftplib.py, line 756, in ntransfercmd
self.context.load_cert_chain(self.certfile, self.keyfile)
TypeError: certfile should be a valid filesystem path


Also, since we now have SNI server support, perhaps it's easier to test the 
change :-)

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2013-02-10 Thread Senthil Kumaran 

Changes by Senthil Kumaran sent...@uthcode.com:


--
nosy: +orsenthil

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2012-12-09 Thread danblack 

danblack added the comment:

the one error in the previous review corrected.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2012-08-22 Thread danblack 

danblack added the comment:

 Thanks for the patch
 Daniel. 3.3 is nearing the release candidate phase, so I'm re-targetting to 
 3.4. I'll take a detailed look soon.

Welcome. Just noticed conflicts with #4473 in the client POP implementation. 
Hopefully they are close anyway.

 (I suppose there's no easy way to write automated tests for this, 
 unfortunately)
Well since #8109 writes the server SNI its getting easier.

In Lib/test/test_ssl.py combined with the changes of #8109 it would seem that 
changing ConnectionHandler.run to respond to AUTH TLS, AUTH SSL (ftp) and 
STLS for pop (preempt #4473).

Changing server_params_test to support a proper arguments that correspond the 
the client protocol would be the way to do it.

 By the way, could you sign a contributor agreement
yes - emailed in.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2012-08-21 Thread danblack 

Changes by danblack daniel.bl...@openquery.com:


Removed file: 
http://bugs.python.org/file26918/issue_10852_pop-smtp-imap-nntp.patch

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2012-08-21 Thread danblack 

danblack added the comment:

previous patch had dumb error and even failed test suit. Now fixed.

--
Added file: http://bugs.python.org/file26949/issue10852-sni.patch

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2012-08-21 Thread Antoine Pitrou 

Antoine Pitrou added the comment:

Thanks for the patch, Daniel. 3.3 is nearing the release candidate phase, so 
I'm re-targetting to 3.4. I'll take a detailed look soon.

(I suppose there's no easy way to write automated tests for this, unfortunately)

--
stage:  - patch review
versions: +Python 3.4 -Python 3.3

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2012-08-21 Thread Antoine Pitrou 

Antoine Pitrou added the comment:

By the way, could you sign a contributor agreement? You can find instructions 
at http://www.python.org/psf/contrib/

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2012-08-21 Thread R. David Murray 

Changes by R. David Murray rdmur...@bitdance.com:


--
nosy: +r.david.murray

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2012-08-20 Thread danblack 

danblack added the comment:

Antoine,

I copied off your http example for all the other protocols.

tested with:

import smtplib

a = smtplib.SMTP_SSL('gmail-smtp-in.l.google.com.')
a.starttls()

a = smtplib.SMTP_SSL('mail.internode.on.net')
a = smtplib.SMTP_SSL('smtp.gmail.com')

import ftplib
# http://secureftp-test.com/

f = ftplib.FTP_TLS('ftp.secureftp-test.com')
f.auth()

import imaplib
i = imaplib.IMAP4('calmail.berkley.edu')
i.starttls()

i = imaplib.IMAP4_SSL('mail.internode.on.net')

import poplib

p = poplib.POP3_SSL('calmail.berkley.edu')

import  nntplib 
n = nntplib.NNTP_SSL('news.internode.on.net')

I did a network capture and saw the hostname in the SNI header

--
nosy: +daniel-black
Added file: 
http://bugs.python.org/file26918/issue_10852_pop-smtp-imap-nntp.patch

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2011-01-24 Thread Daniel Black 

Daniel Black daniel.s...@internode.on.net added the comment:

ok. should library/ssl.rst be updated to use a SSLContext example?

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2011-01-24 Thread Antoine Pitrou 

Antoine Pitrou pit...@free.fr added the comment:

Well, there are already such examples: 
http://docs.python.org/dev/library/ssl.html#examples
Do you think they are not visible enough?

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2011-01-24 Thread Giampaolo Rodola' 

Changes by Giampaolo Rodola' g.rod...@gmail.com:


--
nosy: +giampaolo.rodola

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2011-01-24 Thread Daniel Black 

Daniel Black daniel.s...@internode.on.net added the comment:

I thought previous comments you wanted SSLContext to become the primary api 
rather than wrap_socket? Coding this into the examples is probably a good way 
of making this happen.

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2011-01-07 Thread Antoine Pitrou 

Antoine Pitrou pit...@free.fr added the comment:

Oops, I hadn't noticed you had closed it.

--
nosy: +pitrou
resolution: duplicate - 
status: closed - open

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2011-01-07 Thread Antoine Pitrou 

Antoine Pitrou pit...@free.fr added the comment:

I understand this patch relies on #10851. As I said there, I would rather have 
SSLContext become the primary API, and the stdlib standardize on it. Part of 
the stdlib, as you have witnessed, already allows the user to pass a custom 
SSLContext, which is very simple way of allowing for custom user settings. 
There are two open issues for imaplib (#8808) and smtplib (#8809).

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2011-01-06 Thread Daniel Black 

New submission from Daniel Black daniel.s...@internode.on.net:

Like r85793, sni is enabled by default for url and https classes. This 
continues the consistency throughout the python libraries by adding it to other 
places where wrap_socket is used to instigate a SSL/TLS connection.

--
components: Library (Lib)
files: sni-pop-smtp-imap-nntp.patch
keywords: patch
messages: 125621
nosy: grooverdan, pitrou
priority: normal
severity: normal
status: open
title: SSL/TLS sni use in smtp,pop,imap,nntp,ftp client libs by default
type: feature request
versions: Python 3.3
Added file: http://bugs.python.org/file20299/sni-pop-smtp-imap-nntp.patch

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue10852] SSL/TLS sni use in smtp, pop, imap, nntp, ftp client libs by default

2011-01-06 Thread Daniel Black 

Daniel Black daniel.s...@internode.on.net added the comment:

dup #10853

--
nosy:  -pitrou
resolution:  - duplicate
status: open - closed

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10852
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com