fixed #227

2016-01-04 17:04:42 +09:00
parent f1db0f8d7c
commit b614606b35
2 changed files with 6 additions and 3 deletions
--- a/1
+++ b/1
@@ -6,6 +6,7 @@ ChangeLog
  - use inspect.getfullargspec with Python 3.x (#219)
  - Check that exception message is actually a string before trying for substring check (#224)
  - Use pre-initialized stream socket (#226)
+  - fixed TypeError: cafile, capath and cadata cannot be all omitted (#227)

 - 0.34.0

--- a/websocket/_http.py
+++ b/websocket/_http.py
@@ -129,7 +129,8 @@ def _can_use_sni():
 def _wrap_sni_socket(sock, sslopt, hostname, check_hostname):
    context = ssl.SSLContext(sslopt.get('ssl_version', ssl.PROTOCOL_SSLv23))

-    context.load_verify_locations(cafile=sslopt.get('ca_certs', None))
+    if sslopt.get('cert_reqs', ssl.CERT_NONE) != ssl.CERT_NONE:
+        context.load_verify_locations(cafile=sslopt.get('ca_certs', None))
    if sslopt.get('certfile', None):
        context.load_cert_chain(
            sslopt['certfile'],
@@ -156,11 +157,12 @@ def _wrap_sni_socket(sock, sslopt, hostname, check_hostname):

 def _ssl_socket(sock, user_sslopt, hostname):
    sslopt = dict(cert_reqs=ssl.CERT_REQUIRED)
+    sslopt.update(user_sslopt)
+    
    certPath = os.path.join(
        os.path.dirname(__file__), "cacert.pem")
-    if os.path.isfile(certPath):
+    if os.path.isfile(certPath) and user_sslopt.get('ca_certs', None) == None:
        sslopt['ca_certs'] = certPath
-    sslopt.update(user_sslopt)
    check_hostname = sslopt["cert_reqs"] != ssl.CERT_NONE and sslopt.pop('check_hostname', True)

    if _can_use_sni():