1 files changed, 56 insertions, 5 deletions

diff --git a/Lib/test/test_imaplib.py b/Lib/test/test_imaplib.py
index a29b40ac23..fac6b57081 100644
--- a/Lib/test/test_imaplib.py
+++ b/Lib/test/test_imaplib.py
@@ -79,9 +79,9 @@ if ssl:
 
         def get_request(self):
             newsocket, fromaddr = self.socket.accept()
-            connstream = ssl.wrap_socket(newsocket,
-                                         server_side=True,
-                                         certfile=CERTFILE)
+            context = ssl.SSLContext()
+            context.load_cert_chain(CERTFILE)
+            connstream = context.wrap_socket(newsocket, server_side=True)
             return connstream, fromaddr
 
     IMAP4_SSL = imaplib.IMAP4_SSL
@@ -573,6 +573,55 @@ class ThreadedNetworkedTests(unittest.TestCase):
             client.shutdown()
 
     @reap_threads
+    def test_bracket_flags(self):
+
+        # This violates RFC 3501, which disallows ']' characters in tag names,
+        # but imaplib has allowed producing such tags forever, other programs
+        # also produce them (eg: OtherInbox's Organizer app as of 20140716),
+        # and Gmail, for example, accepts them and produces them.  So we
+        # support them.  See issue #21815.
+
+        class BracketFlagHandler(SimpleIMAPHandler):
+
+            def handle(self):
+                self.flags = ['Answered', 'Flagged', 'Deleted', 'Seen', 'Draft']
+                super().handle()
+
+            def cmd_AUTHENTICATE(self, tag, args):
+                self._send_textline('+')
+                self.server.response = yield
+                self._send_tagged(tag, 'OK', 'FAKEAUTH successful')
+
+            def cmd_SELECT(self, tag, args):
+                flag_msg = ' \\'.join(self.flags)
+                self._send_line(('* FLAGS (%s)' % flag_msg).encode('ascii'))
+                self._send_line(b'* 2 EXISTS')
+                self._send_line(b'* 0 RECENT')
+                msg = ('* OK [PERMANENTFLAGS %s \\*)] Flags permitted.'
+                        % flag_msg)
+                self._send_line(msg.encode('ascii'))
+                self._send_tagged(tag, 'OK', '[READ-WRITE] SELECT completed.')
+
+            def cmd_STORE(self, tag, args):
+                new_flags = args[2].strip('(').strip(')').split()
+                self.flags.extend(new_flags)
+                flags_msg = '(FLAGS (%s))' % ' \\'.join(self.flags)
+                msg = '* %s FETCH %s' % (args[0], flags_msg)
+                self._send_line(msg.encode('ascii'))
+                self._send_tagged(tag, 'OK', 'STORE completed.')
+
+        with self.reaped_pair(BracketFlagHandler) as (server, client):
+            code, data = client.authenticate('MYAUTH', lambda x: b'fake')
+            self.assertEqual(code, 'OK')
+            self.assertEqual(server.response, b'ZmFrZQ==\r\n')
+            client.select('test')
+            typ, [data] = client.store(b'1', "+FLAGS", "[test]")
+            self.assertIn(b'[test]', data)
+            client.select('test')
+            typ, [data] = client.response('PERMANENTFLAGS')
+            self.assertIn(b'[test]', data)
+
+    @reap_threads
     def test_issue5949(self):
 
         class EOFHandler(socketserver.StreamRequestHandler):
@@ -919,8 +968,10 @@ class RemoteIMAP_SSLTest(RemoteIMAPTest):
 
     def test_logincapa_with_client_certfile(self):
         with transient_internet(self.host):
-            _server = self.imap_class(self.host, self.port, certfile=CERTFILE)
-            self.check_logincapa(_server)
+            with support.check_warnings(('', DeprecationWarning)):
+                _server = self.imap_class(self.host, self.port,
+                                          certfile=CERTFILE)
+                self.check_logincapa(_server)
 
     def test_logincapa_with_client_ssl_context(self):
         with transient_internet(self.host):