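# Author: Trevor Perrin
# See the LICENSE file for legal information regarding use of this file.

"""TLS Lite + poplib."""

import socket
from poplib import POP3, POP3_SSL_PORT
from tlslite.tlsconnection import TLSConnection
from tlslite.integration.clienthelper import ClientHelper


class POP3_TLS(POP3, ClientHelper):
    """This class extends L{poplib.POP3} with TLS support."""

    def __init__(self, host, port=POP3_SSL_PORT,
                 timeout=socket._GLOBAL_DEFAULT_TIMEOUT,
                 username=None, password=None,
                 certChain=None, privateKey=None,
                 checker=None,
                 settings=None):
        """Create a new POP3_TLS.

        Opens a TCP connection to the server, performs the TLS handshake
        over it and reads the server greeting. If any of these steps
        fails, the TCP socket is closed before the exception is
        propagated to the caller.

        For client authentication, use one of these argument
        combinations:
         - username, password (SRP)
         - certChain, privateKey (certificate)

        For server authentication, you can either rely on the
        implicit mutual authentication performed by SRP or
        you can do certificate-based server authentication by
        passing this argument:
         - checker (for example a L{tlslite.checker.Checker} built
           with an x509Fingerprint)

        Certificate-based server authentication is compatible with
        SRP or certificate-based client authentication.

        NOTE(review): when neither SRP credentials nor a checker is
        supplied, nothing visible in this constructor verifies the
        server's identity, so the session would be encrypted but
        unauthenticated. Confirm against ClientHelper before relying
        on the defaults.

        The caller should be prepared to handle TLS-specific
        exceptions.  See the client handshake functions in
        L{tlslite.TLSConnection.TLSConnection} for details on which
        exceptions might be raised.

        @type host: str
        @param host: Server to connect to.

        @type port: int
        @param port: Port to connect to.

        @type timeout: float
        @param timeout: Timeout passed to L{socket.create_connection}
        when opening the TCP connection.

        @type username: str
        @param username: SRP username.

        @type password: str
        @param password: SRP password for mutual authentication.
        Requires the 'username' argument.

        @type certChain: L{tlslite.x509certchain.X509CertChain}
        @param certChain: Certificate chain for client authentication.
        Requires the 'privateKey' argument.  Excludes the SRP argument.

        @type privateKey: L{tlslite.utils.rsakey.RSAKey}
        @param privateKey: Private key for client authentication.
        Requires the 'certChain' argument.  Excludes the SRP argument.

        @type checker: L{tlslite.checker.Checker}
        @param checker: Callable object called after handshaking to
        evaluate the connection and raise an Exception if necessary.

        @type settings: L{tlslite.handshakesettings.HandshakeSettings}
        @param settings: Various settings which can be used to control
        the ciphersuites, certificate types, and SSL/TLS versions
        offered by the client.
        """
        # POP3.__init__ is not invoked here; host, port, sock, file,
        # _debugging and welcome are assigned directly below.
        self.host = host
        self.port = port
        sock = socket.create_connection((host, port), timeout)
        try:
            ClientHelper.__init__(self,
                                  username, password,
                                  certChain, privateKey,
                                  checker,
                                  settings)
            connection = TLSConnection(sock)
            # The handshake (and, per the docstring, the checker that runs
            # after it) may raise, e.g. when the server fails verification.
            ClientHelper._handshake(self, connection)
            self.sock = connection
            self.file = self.sock.makefile('rb')
            self._debugging = 0
            self.welcome = self._getresp()
        except BaseException:
            # Do not leave a half-open connection to a peer that was
            # rejected or never finished setup; release the descriptor
            # and let the original exception reach the caller unchanged.
            sock.close()
            raise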