openstack/deb-python-websocket-client
Code Issues Proposed changes

fixed #175

Browse Source
This commit is contained in:
liris
2015-04-20 08:34:35 +09:00
parent 52a7cb56b3
commit 9cc99f2ee2
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
websocket/_http.py
View File

@@ -125,9 +125,11 @@ def _can_use_sni():
def _wrap_sni_socket(sock, sslopt, hostname): def _wrap_sni_socket(sock, sslopt, hostname):
context = ssl.create_default_context(cafile=sslopt.get('ca_certs', None)) context = ssl.create_default_context(cafile=sslopt.get('ca_certs', None))
context.options = sslopt.get('ssl_version', context.options) context.options = sslopt.get('ssl_version', context.options)
context.check_hostname = sslopt.get('check_hostname', True)
context.verify_mode = sslopt['cert_reqs'] context.verify_mode = sslopt['cert_reqs']
if 'ciphers' in sslopt: if 'ciphers' in sslopt:
context.set_ciphers(sslopt['ciphers']) context.set_ciphers(sslopt['ciphers'])
return context.wrap_socket( return context.wrap_socket(
sock, sock,
do_handshake_on_connect=sslopt.get('do_handshake_on_connect', True), do_handshake_on_connect=sslopt.get('do_handshake_on_connect', True),
@@ -143,11 +145,12 @@ def _ssl_socket(sock, user_sslopt, hostname):
if os.path.isfile(certPath): if os.path.isfile(certPath):
sslopt['ca_certs'] = certPath sslopt['ca_certs'] = certPath
sslopt.update(user_sslopt) sslopt.update(user_sslopt)
check_hostname = sslopt.pop('check_hostname', True) check_hostname = sslopt.get('check_hostname', True)
if _can_use_sni(): if _can_use_sni():
sock = _wrap_sni_socket(sock, sslopt, hostname) sock = _wrap_sni_socket(sock, sslopt, hostname)
else: else:
sslopt.pop('check_hostname', True)
sock = ssl.wrap_socket(sock, **sslopt) sock = ssl.wrap_socket(sock, **sslopt)
if (sslopt["cert_reqs"] != ssl.CERT_NONE and check_hostname): if (sslopt["cert_reqs"] != ssl.CERT_NONE and check_hostname):