1
0
mirror of https://github.com/azlux/pymumble synced 2024-11-23 13:56:26 +00:00

Compare commits

..

No commits in common. "8be2d18ac7324669e1fcd9b37083560fadb9e9e7" and "6aa2085157bee5db66d85a059dfc9ac9f770d4dd" have entirely different histories.

View File

@ -19,21 +19,6 @@ from . import tools
from . import mumble_pb2
def _wrap_socket(sock, keyfile=None, certfile=None, verify_mode=ssl.CERT_NONE, server_hostname=None):
try:
ssl_context = ssl.create_default_context()
if certfile:
ssl_context.load_cert_chain(certfile, keyfile)
ssl_context.check_hostname = (verify_mode != ssl.CERT_NONE) and (server_hostname is not None)
ssl_context.verify_mode = verify_mode
return ssl_context.wrap_socket(sock, server_hostname=server_hostname)
except AttributeError:
try:
return ssl.wrap_socket(sock, keyfile, certfile, cert_reqs=verify_mode, ssl_version=ssl.PROTOCOL_TLS)
except AttributeError:
return ssl.wrap_socket(sock, keyfile, certfile, cert_reqs=verify_mode, ssl_version=ssl.PROTOCOL_TLSv1)
class Mumble(threading.Thread):
"""
Mumble client library main object.
@ -176,9 +161,10 @@ class Mumble(threading.Thread):
self.connected = PYMUMBLE_CONN_STATE_FAILED
return self.connected
# FIXME: Default verify_mode and server_hostname are not safe, as no
# certificate checks are performed.
self.control_socket = _wrap_socket(std_sock, self.keyfile, self.certfile)
try:
self.control_socket = ssl.wrap_socket(std_sock, certfile=self.certfile, keyfile=self.keyfile, ssl_version=ssl.PROTOCOL_TLS)
except AttributeError:
self.control_socket = ssl.wrap_socket(std_sock, certfile=self.certfile, keyfile=self.keyfile, ssl_version=ssl.PROTOCOL_TLSv1)
try:
self.control_socket.connect((self.host, self.port))
self.control_socket.setblocking(False)