Package tlslite :: Package integration :: Module smtp_tls
[hide private]
[frames] | no frames]

Source Code for Module tlslite.integration.smtp_tls

 1  # Author: Trevor Perrin 
 2  # See the LICENSE file for legal information regarding use of this file. 
 3   
 4  """TLS Lite + smtplib.""" 
 5   
 6  from smtplib import SMTP 
 7  from tlslite.tlsconnection import TLSConnection 
 8  from tlslite.integration.clienthelper import ClientHelper 
 9   
10 -class SMTP_TLS(SMTP):
11 """This class extends L{smtplib.SMTP} with TLS support.""" 12
13 - def starttls(self, 14 username=None, password=None, 15 certChain=None, privateKey=None, 16 x509Fingerprint=None, 17 tackID=None, 18 hardTack=None, 19 settings=None):
20 """Puts the connection to the SMTP server into TLS mode. 21 22 If the server supports TLS, this will encrypt the rest of the SMTP 23 session. 24 25 For client authentication, use one of these argument 26 combinations: 27 - username, password (SRP) 28 - certChain, privateKey (certificate) 29 30 For server authentication, you can either rely on the 31 implicit mutual authentication performed by SRP or 32 you can do certificate-based server 33 authentication with one of these argument combinations: 34 - x509Fingerprint 35 36 Certificate-based server authentication is compatible with 37 SRP or certificate-based client authentication. 38 39 The caller should be prepared to handle TLS-specific 40 exceptions. See the client handshake functions in 41 L{tlslite.TLSConnection.TLSConnection} for details on which 42 exceptions might be raised. 43 44 @type username: str 45 @param username: SRP username. Requires the 46 'password' argument. 47 48 @type password: str 49 @param password: SRP password for mutual authentication. 50 Requires the 'username' argument. 51 52 @type certChain: L{tlslite.x509certchain.X509CertChain} 53 @param certChain: Certificate chain for client authentication. 54 Requires the 'privateKey' argument. Excludes the SRP arguments. 55 56 @type privateKey: L{tlslite.utils.rsakey.RSAKey} 57 @param privateKey: Private key for client authentication. 58 Requires the 'certChain' argument. Excludes the SRP arguments. 59 60 @type x509Fingerprint: str 61 @param x509Fingerprint: Hex-encoded X.509 fingerprint for 62 server authentication. 63 64 @type tackID: str 65 @param tackID: TACK ID for server authentication. 66 67 @type hardTack: bool 68 @param hardTack: Whether to raise TackBreakSigError on TACK Break. 69 70 @type settings: L{tlslite.handshakesettings.HandshakeSettings} 71 @param settings: Various settings which can be used to control 72 the ciphersuites, certificate types, and SSL/TLS versions 73 offered by the client. 74 """ 75 (resp, reply) = self.docmd("STARTTLS") 76 if resp == 220: 77 helper = ClientHelper( 78 username, password, 79 certChain, privateKey, 80 x509Fingerprint, 81 tackID, hardTack, 82 settings) 83 conn = TLSConnection(self.sock) 84 helper._handshake(conn) 85 self.sock = conn 86 self.file = conn.makefile('rb') 87 return (resp, reply)
88