tlslite.integration.pop3_tls module

TLS Lite + poplib.

class tlslite.integration.pop3_tls.POP3_TLS(host, port=995, timeout=<object object>, username=None, password=None, certChain=None, privateKey=None, checker=None, settings=None)

Bases: POP3, ClientHelper

This class extends poplib.POP3 with TLS support.

__init__(host, port=995, timeout=<object object>, username=None, password=None, certChain=None, privateKey=None, checker=None, settings=None)

Create a new POP3_TLS.

For client authentication, use one of these argument combinations:

• username, password (SRP)

• certChain, privateKey (certificate)

For server authentication, you can either rely on the implicit mutual authentication performed by SRP or you can do certificate-based server authentication with one of these argument combinations:

• x509Fingerprint

Certificate-based server authentication is compatible with SRP or certificate-based client authentication.

The caller should be prepared to handle TLS-specific exceptions. See the client handshake functions in TLSConnection for details on which exceptions might be raised.

Parameters:

• host (str) – Server to connect to.

• port (int) – Port to connect to.

• username (str) – SRP username.

• password (str) – SRP password for mutual authentication. Requires the ‘username’ argument.

• certChain (X509CertChain) – Certificate chain for client authentication. Requires the ‘privateKey’ argument. Excludes the SRP argument.

• privateKey (RSAKey) – Private key for client authentication. Requires the ‘certChain’ argument. Excludes the SRP argument.

• checker (Checker) – Callable object called after handshaking to evaluate the connection and raise an Exception if necessary.

• settings (HandshakeSettings) – Various settings which can be used to control the ciphersuites, certificate types, and SSL/TLS versions offered by the client.