1
2
3
4 """TLS Lite + poplib."""
5
6 import socket
7 from poplib import POP3, POP3_SSL_PORT
8 from tlslite.tlsconnection import TLSConnection
9 from tlslite.integration.clienthelper import ClientHelper
10
12 """This class extends L{poplib.POP3} with TLS support."""
13
14 - def __init__(self, host, port = POP3_SSL_PORT,
15 timeout=socket._GLOBAL_DEFAULT_TIMEOUT,
16 username=None, password=None,
17 certChain=None, privateKey=None,
18 checker=None,
19 settings=None):
20 """Create a new POP3_TLS.
21
22 For client authentication, use one of these argument
23 combinations:
24 - username, password (SRP)
25 - certChain, privateKey (certificate)
26
27 For server authentication, you can either rely on the
28 implicit mutual authentication performed by SRP or
29 you can do certificate-based server
30 authentication with one of these argument combinations:
31 - x509Fingerprint
32
33 Certificate-based server authentication is compatible with
34 SRP or certificate-based client authentication.
35
36 The caller should be prepared to handle TLS-specific
37 exceptions. See the client handshake functions in
38 L{tlslite.TLSConnection.TLSConnection} for details on which
39 exceptions might be raised.
40
41 @type host: str
42 @param host: Server to connect to.
43
44 @type port: int
45 @param port: Port to connect to.
46
47 @type username: str
48 @param username: SRP username.
49
50 @type password: str
51 @param password: SRP password for mutual authentication.
52 Requires the 'username' argument.
53
54 @type certChain: L{tlslite.x509certchain.X509CertChain}
55 @param certChain: Certificate chain for client authentication.
56 Requires the 'privateKey' argument. Excludes the SRP argument.
57
58 @type privateKey: L{tlslite.utils.rsakey.RSAKey}
59 @param privateKey: Private key for client authentication.
60 Requires the 'certChain' argument. Excludes the SRP argument.
61
62 @type checker: L{tlslite.checker.Checker}
63 @param checker: Callable object called after handshaking to
64 evaluate the connection and raise an Exception if necessary.
65
66 @type settings: L{tlslite.handshakesettings.HandshakeSettings}
67 @param settings: Various settings which can be used to control
68 the ciphersuites, certificate types, and SSL/TLS versions
69 offered by the client.
70 """
71 self.host = host
72 self.port = port
73 sock = socket.create_connection((host, port), timeout)
74 ClientHelper.__init__(self,
75 username, password,
76 certChain, privateKey,
77 checker,
78 settings)
79 connection = TLSConnection(sock)
80 ClientHelper._handshake(self, connection)
81 self.sock = connection
82 self.file = self.sock.makefile('rb')
83 self._debugging = 0
84 self.welcome = self._getresp()
85