0002-misc-add-a-settings-option-to-disable-https-ssl-chec.patch
src/authentic2/app_settings.py | ||
---|---|---|
153 | 153 |
A2_LOGIN_EXPONENTIAL_RETRY_TIMEOUT_MAX_DURATION=Setting(default=3600, |
154 | 154 |
definition='exponential backoff maximum duration as seconds until ' |
155 | 155 |
'time until next try after a login failure'), |
156 |
A2_VERIFY_SSL=Setting(default=True, definition='Verify SSL certificate in HTTP requests'), |
|
156 | 157 |
) |
157 | 158 | |
158 | 159 |
app_settings = AppSettings(default_settings) |
src/authentic2/http_utils.py | ||
---|---|---|
25 | 25 |
c.setopt(c.WRITEFUNCTION, buf.write) |
26 | 26 |
c.setopt(pycurl.CAINFO, app_settings.CAFILE) |
27 | 27 |
c.setopt(pycurl.CAPATH, app_settings.CAPATH) |
28 |
c.setopt(pycurl.SSL_VERIFYHOST, 2) |
|
29 |
c.setopt(pycurl.SSL_VERIFYPEER, 1) |
|
28 |
if app_settings.A2_VERIFY_SSL: |
|
29 |
c.setopt(pycurl.SSL_VERIFYHOST, 2) |
|
30 |
c.setopt(pycurl.SSL_VERIFYPEER, 1) |
|
31 |
else: |
|
32 |
c.setopt(pycurl.SSL_VERIFYHOST, 0) |
|
33 |
c.setopt(pycurl.SSL_VERIFYPEER, 0) |
|
30 | 34 |
c.perform() |
31 | 35 |
r = buf.getvalue() |
32 | 36 |
buf.close() |
33 |
- |