On 8 December 2010 18:39, Alexander Reichle-Schmehl <toli...@debian.org> wrote: > Hi dave! > > * dave b <db.pub.m...@gmail.com> [101202 05:58]: > >> Here have a patch! >> This obviously will break connecting to hosts which use a self-signed >> certificate. >> Perhaps some one else can fix this when they want it fixed ;) ? >> I tested using the following config: > > I verified it, and your patch works: I accepts valid ssl connections, > and rejects invalid ones. > >> + self.sslobj = ssl_wrap(self.sock, self.keyfile, self.certfile, >> cert_reqs=ssl.CERT_REQUIRED, ca_certs="/etc/ssl/certs/ca-certificates.crt") > > But that looks kind of ugly, having a hardcoded path... Also, I wonder > if not self.certfile should be used for verification?
Sorry? Um. Well sure a hard coded path path not be the best thing ... if you know how to determine the path to the ca store on a system modify the patch to use that I guess. -- To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlkti=4kdafkubqouqgxoudgnxuy2ejqw5kpylez...@mail.gmail.com
