mirror of
https://github.com/azlux/pymumble
synced 2024-11-23 13:56:26 +00:00
Compare commits
No commits in common. "8be2d18ac7324669e1fcd9b37083560fadb9e9e7" and "6aa2085157bee5db66d85a059dfc9ac9f770d4dd" have entirely different histories.
8be2d18ac7
...
6aa2085157
@ -19,21 +19,6 @@ from . import tools
|
||||
from . import mumble_pb2
|
||||
|
||||
|
||||
def _wrap_socket(sock, keyfile=None, certfile=None, verify_mode=ssl.CERT_NONE, server_hostname=None):
|
||||
try:
|
||||
ssl_context = ssl.create_default_context()
|
||||
if certfile:
|
||||
ssl_context.load_cert_chain(certfile, keyfile)
|
||||
ssl_context.check_hostname = (verify_mode != ssl.CERT_NONE) and (server_hostname is not None)
|
||||
ssl_context.verify_mode = verify_mode
|
||||
return ssl_context.wrap_socket(sock, server_hostname=server_hostname)
|
||||
except AttributeError:
|
||||
try:
|
||||
return ssl.wrap_socket(sock, keyfile, certfile, cert_reqs=verify_mode, ssl_version=ssl.PROTOCOL_TLS)
|
||||
except AttributeError:
|
||||
return ssl.wrap_socket(sock, keyfile, certfile, cert_reqs=verify_mode, ssl_version=ssl.PROTOCOL_TLSv1)
|
||||
|
||||
|
||||
class Mumble(threading.Thread):
|
||||
"""
|
||||
Mumble client library main object.
|
||||
@ -176,9 +161,10 @@ class Mumble(threading.Thread):
|
||||
self.connected = PYMUMBLE_CONN_STATE_FAILED
|
||||
return self.connected
|
||||
|
||||
# FIXME: Default verify_mode and server_hostname are not safe, as no
|
||||
# certificate checks are performed.
|
||||
self.control_socket = _wrap_socket(std_sock, self.keyfile, self.certfile)
|
||||
try:
|
||||
self.control_socket = ssl.wrap_socket(std_sock, certfile=self.certfile, keyfile=self.keyfile, ssl_version=ssl.PROTOCOL_TLS)
|
||||
except AttributeError:
|
||||
self.control_socket = ssl.wrap_socket(std_sock, certfile=self.certfile, keyfile=self.keyfile, ssl_version=ssl.PROTOCOL_TLSv1)
|
||||
try:
|
||||
self.control_socket.connect((self.host, self.port))
|
||||
self.control_socket.setblocking(False)
|
||||
|
Loading…
Reference in New Issue
Block a user