ssl connection bug #43

Closed
robert-zaremba opened this Issue Jun 9, 2011 · 0 comments

Projects

None yet

2 participants

@robert-zaremba

Hi,
I want to safely connect to remote service through tls. I need authorization from server.
I use

       utils.factory.ssl_connect(host, port, ca_certs="path_to_ca_file')

The problem is that this connection doesn't check authority. Whenever I put a path to properly CA certificate file or not (certificate which don't verify server's certificate) I'm able to connect to remote server and do some operations.

I guess the issue is in factory/ssl.connection.py file. There is no cert_reqs argument passed to args_dict which goes to ssl.wrap_socket.

One solution is to add
ssl_kwargs["cert_reqs"] = ssl.CERT_REQUIRED

diff out:
123a124

ssl_kwargs = {"server_side" : False}
if keyfile:
    ssl_kwargs["keyfile"] = keyfile
if certfile:
    ssl_kwargs["certfile"] = certfile
if ca_certs:
    ssl_kwargs["ca_certs"] = ca_certs
>  ssl_kwargs["cert_reqs"] = ssl.CERT_REQUIRED
if ssl_version:
    ssl_kwargs["ssl_version"] = ssl_version
@tomerfiliba tomerfiliba was assigned Jun 9, 2011
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment