Package: getmail4
Version: 4.32.0-2
Severity: important
Tags: upstream patch
With changing from squeeze to wheezy, I could not get emails from an
Microsoft Exchange Server 2003 anymore with getmail4. This is caused
by changed default in the OpenSSL library. Linking Python against
libssl from squeeze "solves" the problem in fact, but of course, this
is not an option. The correct solution seems to be to set the right
SSL protocol version when connecting, but unfortunately, Python before
3.3.0 does not allow to set the SSL version for the IMAP4_SSL class,
which is used by getmail4. One can, however, monkey patch it, which
should greatly improve compatibility. Given that MSexChange is
regrettably widespread, I took the liberty to set the severity to
important. The patch needs a review desperately, but it works for me.
--- compatibility.py.orig 2013-02-27 21:29:04.620006917 +0100
+++ compatibility.py 2013-02-27 21:29:26.400007377 +0100
@@ -76,3 +76,24 @@
imaplib.IMAP4_SSL.read = new.instancemethod(fixed_read, None,
imaplib.IMAP4_SSL)
+
+
+if sys.version_info < (3, 3, 0):
+ # enhance compatibility, e.g. for Microsoft Exchange Server 2003:
+ # IMAP4_SSL class uses ssl.PROTOCOL_SSLv23, which is the best choice
+ # for servers, but the Python documentation states, that for clients
+ # ssl.PROTOCOL_SSLv3 is the most compatible SSL variant. This monkey
+ # patch should be removed for Python >= 3.3.0 and the ssl.SSLContext
+ # should be used instead.
+ def IMAP4_SSL_open(self, host = '', port = imaplib.IMAP4_SSL_PORT):
+ self.host = host
+ self.port = port
+ self.sock = socket.create_connection((host, port))
+ self.sslobj = ssl.wrap_socket(self.sock, self.keyfile, self.certfile,
+ ssl_version=ssl.PROTOCOL_SSLv3)
+ self.file = self.sslobj.makefile('rb')
+
+ imaplib.IMAP4_SSL.open = new.instancemethod(IMAP4_SSL_open, None,
+ imaplib.IMAP4_SSL)
+else:
+ raise DeprecationWarning("better use ssl.SSLContext now")
