Mercurial > libervia-backend
comparison sat/tools/web.py @ 3205:2c0628f3927e
plugin download, aesgcm: disable TLS check if `check_certificate` setting is disabled
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Fri, 06 Mar 2020 18:19:03 +0100 |
| parents | 9d0df638c8b4 |
| children | be6d91572633 |
comparison
equal
deleted
inserted
replaced
| 3204:fc2bea41e402 | 3205:2c0628f3927e |
|---|---|
| 43 connection.set_app_data(tlsProtocol) | 43 connection.set_app_data(tlsProtocol) |
| 44 return connection | 44 return connection |
| 45 | 45 |
| 46 | 46 |
| 47 @implementer(iweb.IPolicyForHTTPS) | 47 @implementer(iweb.IPolicyForHTTPS) |
| 48 class NoCheckContextFactory(ssl.ClientContextFactory): | 48 class NoCheckContextFactory: |
| 49 """Context factory which doesn't do TLS certificate check | 49 """Context factory which doesn't do TLS certificate check |
| 50 | 50 |
| 51 /!\\ it's obvisously a security flaw to use this class, | 51 /!\\ it's obvisously a security flaw to use this class, |
| 52 and it should be used only with explicit agreement from the end used | 52 and it should be used only with explicit agreement from the end used |
| 53 """ | 53 """ |
| 62 return NoCheckConnectionCreator(hostname, certificateOptions.getContext()) | 62 return NoCheckConnectionCreator(hostname, certificateOptions.getContext()) |
| 63 | 63 |
| 64 | 64 |
| 65 #: following treq doesn't check TLS, obviously it is unsecure and should not be used | 65 #: following treq doesn't check TLS, obviously it is unsecure and should not be used |
| 66 #: without explicit warning | 66 #: without explicit warning |
| 67 treq_no_ssl = HTTPClient(http_client.Agent(reactor, NoCheckContextFactory)) | 67 treq_client_no_ssl = HTTPClient(http_client.Agent(reactor, NoCheckContextFactory())) |