changeset 3354:aafb53248872

plugin XEP-0077: fixed "check_certificate" handling
author Goffi <goffi@goffi.org>
date Sun, 13 Sep 2020 22:49:12 +0200 (2020-09-13)
parents 7726916c1ba6
children 33d9b38b5890
files sat/plugins/plugin_xep_0077.py
diffstat 1 files changed, 9 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/sat/plugins/plugin_xep_0077.py	Sun Sep 13 22:49:11 2020 +0200
+++ b/sat/plugins/plugin_xep_0077.py	Sun Sep 13 22:49:12 2020 +0200
@@ -18,7 +18,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 from twisted.words.protocols.jabber import jid, xmlstream, client, error as jabber_error
-from twisted.internet import defer, reactor
+from twisted.internet import defer, reactor, ssl
 from wokkel import data_form
 from sat.core.i18n import _
 from sat.core.constants import Const as C
@@ -64,9 +64,14 @@
         xs.addObserver(xmlstream.STREAM_AUTHD_EVENT, self.register)
 
         xs.initializers = [client.CheckVersionInitializer(xs)]
-        tls_init = xmlstream.TLSInitiatingInitializer(xs)
-        tls_init.required = False
-        tls_init.check_certificate = self.check_certificate
+        if self.check_certificate:
+            tls_required, configurationForTLS = True, None
+        else:
+            tls_required = False
+            configurationForTLS = ssl.CertificateOptions(trustRoot=None)
+        tls_init = xmlstream.TLSInitiatingInitializer(
+            xs, required=tls_required, configurationForTLS=configurationForTLS)
+
         xs.initializers.append(tls_init)
 
     def register(self, xmlstream):