[zorp-hu] Megoldva - pop3s, imaps, smtps

Tamas Barina tamas at barina.hu
2012. Aug. 28., K, 20:30:38 CEST 

Sziasztok:

A megoldas az archivum kedveert (Ha v.ki persze ebben a konfigban lat v.mi
nemszep dolgot, batran szoljon):
PSSL_METHOD_ALL

Es a policy.py idevago resze:
class SmtpsMail(Smtp):
     def config(self):
        Smtp.config(self)
        self.ssl.client_key_file = "/etc/ssl/sites/mail.valami.hu.key"
        self.ssl.client_cert_file = "/etc/ssl/sites/mail. valami.hu _ca.crt"
        self.ssl.client_ssl_method = PSSL_METHOD_ALL
        self.ssl.server_ssl_method = PSSL_METHOD_ALL
        self.ssl.client_connection_security = PSSL_FORCE_SSL
        self.ssl.server_connection_security = PSSL_FORCE_SSL
        self.ssl.client_disable_proto_sslv2 = TRUE
        self.ssl.server_disable_proto_sslv2 = TRUE
        self.ssl.client_ssl_cipher = PSSL_CIPHERS_HIGH
        self.ssl.server_ssl_cipher = PSSL_CIPHERS_HIGH
        self.ssl.client_verify_type = SSL_VERIFY_NONE
        self.ssl.server_verify_type = SSL_VERIFY_REQUIRED_UNTRUSTED
        self.ssl.client_verify_depth = 3
        self.ssl.server_verify_depth = 3

class ImapsMail(Imap):
     def config(self):
        Imap.config(self)
        self.ssl.client_key_file = "/etc/ssl/sites/mail. valami.hu.key"
        self.ssl.client_cert_file = "/etc/ssl/sites/mail. valami.hu _ca.crt"
        self.ssl.client_ssl_method = PSSL_METHOD_ALL
        self.ssl.server_ssl_method = PSSL_METHOD_ALL
        self.ssl.client_connection_security = PSSL_FORCE_SSL
        self.ssl.server_connection_security = PSSL_FORCE_SSL
        self.ssl.client_disable_proto_sslv2 = TRUE
        self.ssl.server_disable_proto_sslv2 = TRUE
        self.ssl.client_ssl_cipher = PSSL_CIPHERS_HIGH
        self.ssl.server_ssl_cipher = PSSL_CIPHERS_HIGH
        self.ssl.client_verify_type = SSL_VERIFY_NONE
        self.ssl.server_verify_type = SSL_VERIFY_REQUIRED_UNTRUSTED
        self.ssl.client_verify_depth = 3
        self.ssl.server_verify_depth = 3

class Pop3sMail(Pop3):
     def config(self):
        Pop3.config(self)
        self.ssl.client_key_file = "/etc/ssl/sites/mail. valami.hu.key"
        self.ssl.client_cert_file = "/etc/ssl/sites/mail. valami.hu _ca.crt"
        self.ssl.client_ssl_method = PSSL_METHOD_ALL
        self.ssl.server_ssl_method = PSSL_METHOD_ALL
        self.ssl.client_connection_security = PSSL_FORCE_SSL
        self.ssl.server_connection_security = PSSL_FORCE_SSL
        self.ssl.client_disable_proto_sslv2 = TRUE
        self.ssl.server_disable_proto_sslv2 = TRUE
        self.ssl.client_ssl_cipher = PSSL_CIPHERS_HIGH
        self.ssl.server_ssl_cipher = PSSL_CIPHERS_HIGH
        self.ssl.client_verify_type = SSL_VERIFY_NONE
        self.ssl.server_verify_type = SSL_VERIFY_REQUIRED_UNTRUSTED
        self.ssl.client_verify_depth = 3
        self.ssl.server_verify_depth = 3

Koszonom mindenkinek a hasznos otleteket.

Tamas Barina

További információk a(z) zorp-hu levelezőlistáról