Revision b3cc1646 lib/http/__init__.py
| b/lib/http/__init__.py | ||
|---|---|---|
| 567 | 567 |
self._ssl_key = None |
| 568 | 568 |
self._ssl_cert = None |
| 569 | 569 |
|
| 570 |
def _CreateSocket(self, ssl_params, ssl_verify_peer, family): |
|
| 570 |
def _CreateSocket(self, ssl_params, ssl_verify_peer, family, |
|
| 571 |
ssl_verify_callback): |
|
| 571 | 572 |
"""Creates a TCP socket and initializes SSL if needed. |
| 572 | 573 |
|
| 573 | 574 |
@type ssl_params: HttpSslParams |
| ... | ... | |
| 580 | 581 |
|
| 581 | 582 |
""" |
| 582 | 583 |
assert family in (socket.AF_INET, socket.AF_INET6) |
| 584 |
if ssl_verify_peer: |
|
| 585 |
assert ssl_verify_callback is not None |
|
| 583 | 586 |
|
| 584 | 587 |
self._ssl_params = ssl_params |
| 585 | 588 |
sock = socket.socket(family, socket.SOCK_STREAM) |
| ... | ... | |
| 607 | 610 |
if ssl_verify_peer: |
| 608 | 611 |
ctx.set_verify(OpenSSL.SSL.VERIFY_PEER | |
| 609 | 612 |
OpenSSL.SSL.VERIFY_FAIL_IF_NO_PEER_CERT, |
| 610 |
self._SSLVerifyCallback)
|
|
| 613 |
ssl_verify_callback)
|
|
| 611 | 614 |
|
| 612 | 615 |
# Also add our certificate as a trusted CA to be sent to the client. |
| 613 | 616 |
# This is required at least for GnuTLS clients to work. |
Also available in: Unified diff