uawdijnntqw1x1x1
IP : 216.73.217.167
Hostname : xhost1.intravision.ru
Kernel : Linux xhost1.intravision.ru 3.16.0-7-amd64 #1 SMP Debian 3.16.59-1 (2018-10-03) x86_64
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
OS : Linux
PATH:
/
var
/
lib
/
python-support
/
.
/
.
/
.
/
python2.7
/
ndg
/
httpsclient
/
ssl_context_util.py
/
/
"""ndg_httpsclient SSL Context utilities module containing convenience routines for setting SSL context configuration. """ __author__ = "P J Kershaw (STFC)" __date__ = "09/12/11" __copyright__ = "(C) 2012 Science and Technology Facilities Council" __license__ = "BSD - see LICENSE file in top-level directory" __contact__ = "Philip.Kershaw@stfc.ac.uk" __revision__ = '$Id$' import urlparse from OpenSSL import SSL from ndg.httpsclient.ssl_peer_verification import ServerSSLCertVerification class SSlContextConfig(object): """ Holds configuration options for creating a SSL context. This is used as a template to create the contexts with specific verification callbacks. """ def __init__(self, key_file=None, cert_file=None, pem_file=None, ca_dir=None, verify_peer=False): self.key_file = key_file self.cert_file = cert_file self.pem_file = pem_file self.ca_dir = ca_dir self.verify_peer = verify_peer def make_ssl_context_from_config(ssl_config=False, url=None): return make_ssl_context(ssl_config.key_file, ssl_config.cert_file, ssl_config.pem_file, ssl_config.ca_dir, ssl_config.verify_peer, url) def make_ssl_context(key_file=None, cert_file=None, pem_file=None, ca_dir=None, verify_peer=False, url=None, method=SSL.SSLv23_METHOD): """ Creates SSL context containing certificate and key file locations. """ ssl_context = SSL.Context(method) # Key file defaults to certificate file if present. if cert_file: ssl_context.use_certificate_file(cert_file) if key_file: ssl_context.use_privatekey_file(key_file) else: if cert_file: ssl_context.use_privatekey_file(cert_file) if pem_file or ca_dir: ssl_context.load_verify_locations(pem_file, ca_dir) def _callback(conn, x509, errnum, errdepth, preverify_ok): """Default certification verification callback. Performs no checks and returns the status passed in. """ return preverify_ok verify_callback = _callback if verify_peer: ssl_context.set_verify_depth(9) if url: set_peer_verification_for_url_hostname(ssl_context, url) else: ssl_context.set_verify(SSL.VERIFY_PEER, verify_callback) else: ssl_context.set_verify(SSL.VERIFY_NONE, verify_callback) return ssl_context def set_peer_verification_for_url_hostname(ssl_context, url, if_verify_enabled=False): '''Convenience routine to set peer verification callback based on ServerSSLCertVerification class''' if not if_verify_enabled or (ssl_context.get_verify_mode() & SSL.VERIFY_PEER): urlObj = urlparse.urlparse(url) hostname = urlObj.hostname verify_callback = ServerSSLCertVerification(hostname=hostname) ssl_context.set_verify(SSL.VERIFY_PEER, verify_callback)
/var/lib/python-support/./././python2.7/ndg/httpsclient/ssl_context_util.py