Distro default certificates must be iterables

This patch changes the __DEF_OS_LOCATIONS to an iterable value. The reason is because a list is an iterable, but an string is an iterable too, and this is a mistake. The function get_os_sslcertfile() has a loop to iterate the return of get_os_sslcertfile_searchpath(), that returns the value in the __DEF_OS_LOCATIONS dictionary. When the value is an iterable, the "f" variable is set to the iterable value and works fine. If the value of "f" is an string, the for-loop iterates over every character, so the test for os.path.exists is always false (is comparing the path with a character, not with the full path), so this function fails and return None. To check this change, edit your .offlineimaprc file and change the sslcacertfile to OS-DEFAULT: sslcacertfile = OS-DEFAULT And run offlineimap. If you are not using 'darwin0 (the only iterable) it will fails. Now, apply this patch, and run offlineimap again. Problem is solved. Signed-off-by: Rodolfo García Peñas (kix) <kix@kix.es>
OfflineIMAP · Oct 25, 2020 · fe25a5c · fe25a5c
1 parent bde48fe
commit fe25a5c
Showing 1 changed file with 11 additions and 13 deletions.
diff --git a/offlineimap/utils/distro_utils.py b/offlineimap/utils/distro_utils.py
@@ -11,29 +11,27 @@
 except ImportError:
     from distro import linux_distribution
 
-# Each dictionary value is either string or some iterable.
-#
 # For the former we will just return the value, for an iterable
 # we will walk through the values and will return the first
 # one that corresponds to the existing file.
 __DEF_OS_LOCATIONS = {
-    'freebsd': '/usr/local/share/certs/ca-root-nss.crt',
-    'openbsd': '/etc/ssl/cert.pem',
-    'dragonfly': '/etc/ssl/cert.pem',
+    'freebsd': ['/usr/local/share/certs/ca-root-nss.crt'],
+    'openbsd': ['/etc/ssl/cert.pem'],
+    'dragonfly': ['/etc/ssl/cert.pem'],
     'darwin': [
         # MacPorts, port curl-ca-bundle
         '/opt/local/share/curl/curl-ca-bundle.crt',
         # homebrew, package openssl
         '/usr/local/etc/openssl/cert.pem',
     ],
-    'linux-ubuntu': '/etc/ssl/certs/ca-certificates.crt',
-    'linux-debian': '/etc/ssl/certs/ca-certificates.crt',
-    'linux-gentoo': '/etc/ssl/certs/ca-certificates.crt',
-    'linux-fedora': '/etc/pki/tls/certs/ca-bundle.crt',
-    'linux-redhat': '/etc/pki/tls/certs/ca-bundle.crt',
-    'linux-suse': '/etc/ssl/ca-bundle.pem',
-    'linux-opensuse': '/etc/ssl/ca-bundle.pem',
-    'linux-arch': '/etc/ssl/certs/ca-certificates.crt',
+    'linux-ubuntu': ['/etc/ssl/certs/ca-certificates.crt'],
+    'linux-debian': ['/etc/ssl/certs/ca-certificates.crt'],
+    'linux-gentoo': ['/etc/ssl/certs/ca-certificates.crt'],
+    'linux-fedora': ['/etc/pki/tls/certs/ca-bundle.crt'],
+    'linux-redhat': ['/etc/pki/tls/certs/ca-bundle.crt'],
+    'linux-suse': ['/etc/ssl/ca-bundle.pem'],
+    'linux-opensuse': ['/etc/ssl/ca-bundle.pem'],
+    'linux-arch': ['/etc/ssl/certs/ca-certificates.crt'],
 }