Revision b3cc1646 lib/http/__init__.py
b/lib/http/__init__.py | ||
---|---|---|
567 | 567 |
self._ssl_key = None |
568 | 568 |
self._ssl_cert = None |
569 | 569 |
|
570 |
def _CreateSocket(self, ssl_params, ssl_verify_peer, family): |
|
570 |
def _CreateSocket(self, ssl_params, ssl_verify_peer, family, |
|
571 |
ssl_verify_callback): |
|
571 | 572 |
"""Creates a TCP socket and initializes SSL if needed. |
572 | 573 |
|
573 | 574 |
@type ssl_params: HttpSslParams |
... | ... | |
580 | 581 |
|
581 | 582 |
""" |
582 | 583 |
assert family in (socket.AF_INET, socket.AF_INET6) |
584 |
if ssl_verify_peer: |
|
585 |
assert ssl_verify_callback is not None |
|
583 | 586 |
|
584 | 587 |
self._ssl_params = ssl_params |
585 | 588 |
sock = socket.socket(family, socket.SOCK_STREAM) |
... | ... | |
607 | 610 |
if ssl_verify_peer: |
608 | 611 |
ctx.set_verify(OpenSSL.SSL.VERIFY_PEER | |
609 | 612 |
OpenSSL.SSL.VERIFY_FAIL_IF_NO_PEER_CERT, |
610 |
self._SSLVerifyCallback)
|
|
613 |
ssl_verify_callback)
|
|
611 | 614 |
|
612 | 615 |
# Also add our certificate as a trusted CA to be sent to the client. |
613 | 616 |
# This is required at least for GnuTLS clients to work. |
Also available in: Unified diff