Browse Source

use certs from request module in interface.py

283
ThomasV 10 years ago
parent
commit
0c0da6a36d
  1. 11
      lib/interface.py

11
lib/interface.py

@ -23,6 +23,10 @@ import socks
import socket import socket
import ssl import ssl
import requests
ca_path = requests.certs.where()
print ca_path
from version import ELECTRUM_VERSION, PROTOCOL_VERSION from version import ELECTRUM_VERSION, PROTOCOL_VERSION
from util import print_error, print_msg from util import print_error, print_msg
from simple_config import SimpleConfig from simple_config import SimpleConfig
@ -37,7 +41,6 @@ import util
def Interface(server, config = None): def Interface(server, config = None):
host, port, protocol = server.split(':') host, port, protocol = server.split(':')
port = int(port) port = int(port)
@ -169,11 +172,9 @@ class TcpInterface(threading.Thread):
s = self.get_simple_socket() s = self.get_simple_socket()
if s is None: if s is None:
return return
# try with CA first # try with CA first
try: try:
ca_certs = os.path.join(self.config.path, 'ca', 'ca-bundle.crt') s = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_SSLv3, cert_reqs=ssl.CERT_REQUIRED, ca_certs=ca_path, do_handshake_on_connect=True)
s = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_SSLv3, cert_reqs=ssl.CERT_REQUIRED, ca_certs=ca_certs, do_handshake_on_connect=True)
except ssl.SSLError, e: except ssl.SSLError, e:
s = None s = None
if s and self.check_host_name(s.getpeercert(), self.host): if s and self.check_host_name(s.getpeercert(), self.host):
@ -242,7 +243,7 @@ class TcpInterface(threading.Thread):
return return
print_error("wrong certificate", self.host) print_error("wrong certificate", self.host)
return return
except Exception: except BaseException:
print_error("wrap_socket failed", self.host) print_error("wrap_socket failed", self.host)
traceback.print_exc(file=sys.stderr) traceback.print_exc(file=sys.stderr)
return return

Loading…
Cancel
Save