New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ssl connection bug #43

Closed
robert-zaremba opened this Issue Jun 9, 2011 · 0 comments

Comments

Projects
None yet
2 participants
@robert-zaremba

robert-zaremba commented Jun 9, 2011

Hi,
I want to safely connect to remote service through tls. I need authorization from server.
I use

       utils.factory.ssl_connect(host, port, ca_certs="path_to_ca_file')

The problem is that this connection doesn't check authority. Whenever I put a path to properly CA certificate file or not (certificate which don't verify server's certificate) I'm able to connect to remote server and do some operations.

I guess the issue is in factory/ssl.connection.py file. There is no cert_reqs argument passed to args_dict which goes to ssl.wrap_socket.

One solution is to add
ssl_kwargs["cert_reqs"] = ssl.CERT_REQUIRED

diff out:
123a124

ssl_kwargs = {"server_side" : False}
if keyfile:
    ssl_kwargs["keyfile"] = keyfile
if certfile:
    ssl_kwargs["certfile"] = certfile
if ca_certs:
    ssl_kwargs["ca_certs"] = ca_certs
>  ssl_kwargs["cert_reqs"] = ssl.CERT_REQUIRED
if ssl_version:
    ssl_kwargs["ssl_version"] = ssl_version

@ghost ghost assigned tomerfiliba Jun 9, 2011

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment