Projet

Général

Profil

0002-misc-add-a-settings-option-to-disable-https-ssl-chec.patch

Frédéric Péters, 17 février 2015 12:03

Télécharger (1,74 ko)

Voir les différences: 

Subject: [PATCH 2/2] misc: add a settings option to disable https ssl checks
 (#6539)


 src/authentic2/app_settings.py | 1 +
 src/authentic2/http_utils.py   | 8 ++++++--
 2 files changed, 7 insertions(+), 2 deletions(-)
src/authentic2/app_settings.py
153 153 
    A2_LOGIN_EXPONENTIAL_RETRY_TIMEOUT_MAX_DURATION=Setting(default=3600,
154 154 
            definition='exponential backoff maximum duration as seconds until '
155 155 
            'time until next try after a login failure'),
156 
    A2_VERIFY_SSL=Setting(default=True, definition='Verify SSL certificate in HTTP requests'),
156 157 
)
157 158 

  		




  158
  159
  
    
app_settings = AppSettings(default_settings)

  		












  

    
      src/authentic2/http_utils.py
    
  





  25
  25
  
    
        c.setopt(c.WRITEFUNCTION, buf.write)

  		




  26
  26
  
    
        c.setopt(pycurl.CAINFO, app_settings.CAFILE)

  		




  27
  27
  
    
        c.setopt(pycurl.CAPATH, app_settings.CAPATH)

  		




  28
  
  
    
        c.setopt(pycurl.SSL_VERIFYHOST, 2)

  		




  29
  
  
    
        c.setopt(pycurl.SSL_VERIFYPEER, 1)

  		




  
  28
  
    
        if app_settings.A2_VERIFY_SSL:

  		




  
  29
  
    
            c.setopt(pycurl.SSL_VERIFYHOST, 2)

  		




  
  30
  
    
            c.setopt(pycurl.SSL_VERIFYPEER, 1)

  		




  
  31
  
    
        else:

  		




  
  32
  
    
            c.setopt(pycurl.SSL_VERIFYHOST, 0)

  		




  
  33
  
    
            c.setopt(pycurl.SSL_VERIFYPEER, 0)

  		




  30
  34
  
    
        c.perform()

  		




  31
  35
  
    
        r = buf.getvalue()

  		




  32
  36
  
    
        buf.close()

  		




  33
  
  
    
-