Sziasztok: A megoldas az archivum kedveert (Ha v.ki persze ebben a konfigban lat v.mi nemszep dolgot, batran szoljon): PSSL_METHOD_ALL Es a policy.py idevago resze: class SmtpsMail(Smtp): def config(self): Smtp.config(self) self.ssl.client_key_file = "/etc/ssl/sites/mail.valami.hu.key" self.ssl.client_cert_file = "/etc/ssl/sites/mail. valami.hu _ca.crt" self.ssl.client_ssl_method = PSSL_METHOD_ALL self.ssl.server_ssl_method = PSSL_METHOD_ALL self.ssl.client_connection_security = PSSL_FORCE_SSL self.ssl.server_connection_security = PSSL_FORCE_SSL self.ssl.client_disable_proto_sslv2 = TRUE self.ssl.server_disable_proto_sslv2 = TRUE self.ssl.client_ssl_cipher = PSSL_CIPHERS_HIGH self.ssl.server_ssl_cipher = PSSL_CIPHERS_HIGH self.ssl.client_verify_type = SSL_VERIFY_NONE self.ssl.server_verify_type = SSL_VERIFY_REQUIRED_UNTRUSTED self.ssl.client_verify_depth = 3 self.ssl.server_verify_depth = 3 class ImapsMail(Imap): def config(self): Imap.config(self) self.ssl.client_key_file = "/etc/ssl/sites/mail. valami.hu.key" self.ssl.client_cert_file = "/etc/ssl/sites/mail. valami.hu _ca.crt" self.ssl.client_ssl_method = PSSL_METHOD_ALL self.ssl.server_ssl_method = PSSL_METHOD_ALL self.ssl.client_connection_security = PSSL_FORCE_SSL self.ssl.server_connection_security = PSSL_FORCE_SSL self.ssl.client_disable_proto_sslv2 = TRUE self.ssl.server_disable_proto_sslv2 = TRUE self.ssl.client_ssl_cipher = PSSL_CIPHERS_HIGH self.ssl.server_ssl_cipher = PSSL_CIPHERS_HIGH self.ssl.client_verify_type = SSL_VERIFY_NONE self.ssl.server_verify_type = SSL_VERIFY_REQUIRED_UNTRUSTED self.ssl.client_verify_depth = 3 self.ssl.server_verify_depth = 3 class Pop3sMail(Pop3): def config(self): Pop3.config(self) self.ssl.client_key_file = "/etc/ssl/sites/mail. valami.hu.key" self.ssl.client_cert_file = "/etc/ssl/sites/mail. valami.hu _ca.crt" self.ssl.client_ssl_method = PSSL_METHOD_ALL self.ssl.server_ssl_method = PSSL_METHOD_ALL self.ssl.client_connection_security = PSSL_FORCE_SSL self.ssl.server_connection_security = PSSL_FORCE_SSL self.ssl.client_disable_proto_sslv2 = TRUE self.ssl.server_disable_proto_sslv2 = TRUE self.ssl.client_ssl_cipher = PSSL_CIPHERS_HIGH self.ssl.server_ssl_cipher = PSSL_CIPHERS_HIGH self.ssl.client_verify_type = SSL_VERIFY_NONE self.ssl.server_verify_type = SSL_VERIFY_REQUIRED_UNTRUSTED self.ssl.client_verify_depth = 3 self.ssl.server_verify_depth = 3 Koszonom mindenkinek a hasznos otleteket. Tamas Barina
A PSSL_ helyett SSL_ prefix az ami támogatott a 3.9-es verzióban. Ezt még érdemes lehet tudni. Egyébiránt hasznos példákat lehet találni az alábbi címen, egyebek mellett SSL melletti használatra is. https://github.com/balabit/zorp-examples Üdv, Pfeiffer Szilárd On k, 2012-08-28 at 19:30 +0100, Tamas Barina wrote:
Sziasztok:
A megoldas az archivum kedveert (Ha v.ki persze ebben a konfigban lat v.mi nemszep dolgot, batran szoljon): PSSL_METHOD_ALL
Es a policy.py idevago resze: class SmtpsMail(Smtp): def config(self): Smtp.config(self) self.ssl.client_key_file = "/etc/ssl/sites/mail.valami.hu.key" self.ssl.client_cert_file = "/etc/ssl/sites/mail. valami.hu _ca.crt" self.ssl.client_ssl_method = PSSL_METHOD_ALL self.ssl.server_ssl_method = PSSL_METHOD_ALL self.ssl.client_connection_security = PSSL_FORCE_SSL self.ssl.server_connection_security = PSSL_FORCE_SSL self.ssl.client_disable_proto_sslv2 = TRUE self.ssl.server_disable_proto_sslv2 = TRUE self.ssl.client_ssl_cipher = PSSL_CIPHERS_HIGH self.ssl.server_ssl_cipher = PSSL_CIPHERS_HIGH self.ssl.client_verify_type = SSL_VERIFY_NONE self.ssl.server_verify_type = SSL_VERIFY_REQUIRED_UNTRUSTED self.ssl.client_verify_depth = 3 self.ssl.server_verify_depth = 3
class ImapsMail(Imap): def config(self): Imap.config(self) self.ssl.client_key_file = "/etc/ssl/sites/mail. valami.hu.key" self.ssl.client_cert_file = "/etc/ssl/sites/mail. valami.hu _ca.crt" self.ssl.client_ssl_method = PSSL_METHOD_ALL self.ssl.server_ssl_method = PSSL_METHOD_ALL self.ssl.client_connection_security = PSSL_FORCE_SSL self.ssl.server_connection_security = PSSL_FORCE_SSL self.ssl.client_disable_proto_sslv2 = TRUE self.ssl.server_disable_proto_sslv2 = TRUE self.ssl.client_ssl_cipher = PSSL_CIPHERS_HIGH self.ssl.server_ssl_cipher = PSSL_CIPHERS_HIGH self.ssl.client_verify_type = SSL_VERIFY_NONE self.ssl.server_verify_type = SSL_VERIFY_REQUIRED_UNTRUSTED self.ssl.client_verify_depth = 3 self.ssl.server_verify_depth = 3
class Pop3sMail(Pop3): def config(self): Pop3.config(self) self.ssl.client_key_file = "/etc/ssl/sites/mail. valami.hu.key" self.ssl.client_cert_file = "/etc/ssl/sites/mail. valami.hu _ca.crt" self.ssl.client_ssl_method = PSSL_METHOD_ALL self.ssl.server_ssl_method = PSSL_METHOD_ALL self.ssl.client_connection_security = PSSL_FORCE_SSL self.ssl.server_connection_security = PSSL_FORCE_SSL self.ssl.client_disable_proto_sslv2 = TRUE self.ssl.server_disable_proto_sslv2 = TRUE self.ssl.client_ssl_cipher = PSSL_CIPHERS_HIGH self.ssl.server_ssl_cipher = PSSL_CIPHERS_HIGH self.ssl.client_verify_type = SSL_VERIFY_NONE self.ssl.server_verify_type = SSL_VERIFY_REQUIRED_UNTRUSTED self.ssl.client_verify_depth = 3 self.ssl.server_verify_depth = 3
Koszonom mindenkinek a hasznos otleteket.
Tamas Barina
_______________________________________________ zorp-hu mailing list zorp-hu@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/zorp-hu
Koszonom a linket es az eszrevetelt. Udv, Tamas Barina
participants (2)
-
Szilárd Pfeiffer
-
Tamas Barina