
imap breaks on OpenSSL 1.1.1 when SNI is enforced #81958

Closed
CaseyFaist mannequin opened this issue Aug 6, 2019 · 2 comments
Labels: topic-SSL, type-bug (An unexpected behavior, bug, or error)

Comments


CaseyFaist mannequin commented Aug 6, 2019

BPO 37777
Nosy @tiran, @alex, @dstufft, @CaseyFaist

Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.


GitHub fields:

assignee = 'https://github.com/tiran'
closed_at = <Date 2019-08-06.21:49:23.423>
created_at = <Date 2019-08-06.19:49:52.436>
labels = ['expert-SSL', 'type-bug']
title = 'imap breaks on OpenSSL 1.1.1 when SNI is enforced'
updated_at = <Date 2019-08-06.21:49:23.422>
user = 'https://github.com/CaseyFaist'

bugs.python.org fields:

activity = <Date 2019-08-06.21:49:23.422>
actor = 'cfactoid'
assignee = 'christian.heimes'
closed = True
closed_date = <Date 2019-08-06.21:49:23.423>
closer = 'cfactoid'
components = ['SSL']
creation = <Date 2019-08-06.19:49:52.436>
creator = 'cfactoid'
dependencies = []
files = []
hgrepos = []
issue_num = 37777
keywords = []
message_count = 2.0
messages = ['349131', '349136']
nosy_count = 5.0
nosy_names = ['janssen', 'christian.heimes', 'alex', 'dstufft', 'cfactoid']
pr_nums = []
priority = 'normal'
resolution = None
stage = 'resolved'
status = 'closed'
superseder = None
type = 'behavior'
url = 'https://bugs.python.org/issue37777'
versions = ['Python 2.7']


CaseyFaist mannequin commented Aug 6, 2019

OpenSSL 1.1.1 is an LTS release that will see long maintenance, and Ubuntu 18.04 LTS has now upgraded from 1.1.0 to 1.1.1. However, with this upgrade, TLS 1.3 allows email clients to require an SNI for the handshake to succeed. Because the 2.7 imap module does not enforce or provide SNI to the handshake, Python 2.7 with OpenSSL 1.1.1 will break if an email client requires the SNI hostname.

Relevant 2.7 file:
https://github.com/python/cpython/blob/2.7/Lib/imaplib.py

Right now, the only email client that enforces an SNI header to connect is GMail, and this is why no SSL or imap tests would currently fail due to this issue. This issue was addressed in Python 3.4 but not backported as far as I've been able to tell:

7243b57

With a few releases still planned for Python 2.7 before EOL according to PEP-373, while this is not directly a security issue, it does block the use of the latest OpenSSL package and seems like a useful inclusion to the last few releases. Happy to submit a backport PR (in progress) if that's likely.

Reproduce steps here:

https://github.com/CaseyFaist/reproduceSNIcase

@CaseyFaist CaseyFaist mannequin added the type-crash A hard crash of the interpreter, possibly with a core dump label Aug 6, 2019
@CaseyFaist CaseyFaist mannequin assigned tiran Aug 6, 2019
@CaseyFaist CaseyFaist mannequin added the topic-SSL label Aug 6, 2019

CaseyFaist mannequin commented Aug 6, 2019

Update: After digging further (and enabling the "Less secure app access" setting on the test Google account) it looks like Python 2.7 caps TLS at 1.2 rather than using 1.3 when OpenSSL is upgraded. This prevents breakage, and it looks like the SSLSocket class silences the handshake complaints.

If this were an active branch, this could be worth revisiting - but since 2.7 is soon to be EOL and we can't reproduce the breakage, not sure it's worth it.

@CaseyFaist CaseyFaist mannequin closed this as completed Aug 6, 2019
@CaseyFaist CaseyFaist mannequin added type-bug An unexpected behavior, bug, or error and removed type-crash A hard crash of the interpreter, possibly with a core dump labels Aug 6, 2019
@ezio-melotti ezio-melotti transferred this issue from another repository Apr 10, 2022