diff options
author | Tomas Touceda <chiiph@leap.se> | 2013-04-12 14:07:15 -0300 |
---|---|---|
committer | Tomas Touceda <chiiph@leap.se> | 2013-04-12 14:07:15 -0300 |
commit | 1fbf6db1276c5bca41c4cfbcc90818d9605c1938 (patch) | |
tree | ccf6dc5720654163a36155a2c6142e48dbef9811 /src/leap/services/eip/providerbootstrapper.py | |
parent | 4e4268af42e6d0bbf38e6027ca36d1b9f1bdda68 (diff) |
Add --danger option to not validate the first hop of certificates
This is intended to be used while testing, not in production
Diffstat (limited to 'src/leap/services/eip/providerbootstrapper.py')
-rw-r--r-- | src/leap/services/eip/providerbootstrapper.py | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/src/leap/services/eip/providerbootstrapper.py b/src/leap/services/eip/providerbootstrapper.py index 778d5149..f5559143 100644 --- a/src/leap/services/eip/providerbootstrapper.py +++ b/src/leap/services/eip/providerbootstrapper.py @@ -58,7 +58,14 @@ class ProviderBootstrapper(QtCore.QObject): check_ca_fingerprint = QtCore.Signal(dict) check_api_certificate = QtCore.Signal(dict) - def __init__(self): + def __init__(self, bypass_checks=False): + """ + Constructor for provider bootstrapper object + + @param bypass_checks: Set to true if the app should bypass + first round of checks for CA certificates at bootstrap + @type bypass_checks: bool + """ QtCore.QObject.__init__(self) # **************************************************** # @@ -71,6 +78,7 @@ class ProviderBootstrapper(QtCore.QObject): self._domain = None self._provider_config = None self._download_if_needed = False + self._bypass_checks = bypass_checks def _check_name_resolution(self): """ @@ -124,7 +132,8 @@ class ProviderBootstrapper(QtCore.QObject): # system to work try: - res = self._session.get("https://%s" % (self._domain,)) + res = self._session.get("https://%s" % (self._domain,), + verify=not self._bypass_checks) res.raise_for_status() https_data[self.PASSED_KEY] = True except requests.exceptions.SSLError as e: @@ -171,7 +180,8 @@ class ProviderBootstrapper(QtCore.QObject): res = self._session.get("https://%s/%s" % (self._domain, "provider.json"), - headers=headers) + headers=headers, + verify=not self._bypass_checks) res.raise_for_status() # Not modified @@ -270,7 +280,8 @@ class ProviderBootstrapper(QtCore.QObject): return download_ca_cert_data[self.PASSED_KEY] try: - res = self._session.get(self._provider_config.get_ca_cert_uri()) + res = self._session.get(self._provider_config.get_ca_cert_uri(), + verify=not self._bypass_checks) res.raise_for_status() cert_path = self._provider_config.get_ca_cert_path( |