|
|
|
@ -173,7 +173,7 @@ class TcpInterface(threading.Thread): |
|
|
|
return |
|
|
|
# try with CA first |
|
|
|
try: |
|
|
|
s = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_SSLv3, cert_reqs=ssl.CERT_REQUIRED, ca_certs=ca_path, do_handshake_on_connect=True) |
|
|
|
s = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_SSLv23, cert_reqs=ssl.CERT_REQUIRED, ca_certs=ca_path, do_handshake_on_connect=True) |
|
|
|
except ssl.SSLError, e: |
|
|
|
s = None |
|
|
|
if s and self.check_host_name(s.getpeercert(), self.host): |
|
|
|
@ -184,7 +184,7 @@ class TcpInterface(threading.Thread): |
|
|
|
# Do not use ssl.get_server_certificate because it does not work with proxy |
|
|
|
s = self.get_simple_socket() |
|
|
|
try: |
|
|
|
s = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_SSLv3, cert_reqs=ssl.CERT_NONE, ca_certs=None) |
|
|
|
s = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_SSLv23, cert_reqs=ssl.CERT_NONE, ca_certs=None) |
|
|
|
except ssl.SSLError, e: |
|
|
|
print_error("SSL error retrieving SSL certificate:", self.host, e) |
|
|
|
return |
|
|
|
@ -210,7 +210,7 @@ class TcpInterface(threading.Thread): |
|
|
|
if self.use_ssl: |
|
|
|
try: |
|
|
|
s = ssl.wrap_socket(s, |
|
|
|
ssl_version=ssl.PROTOCOL_SSLv3, |
|
|
|
ssl_version=ssl.PROTOCOL_SSLv23, |
|
|
|
cert_reqs=ssl.CERT_REQUIRED, |
|
|
|
ca_certs= (temporary_path if is_new else cert_path), |
|
|
|
do_handshake_on_connect=True) |
|
|
|
|
ThomasV
10 years ago