summaryrefslogtreecommitdiff
path: root/src/leap/services/eip/providerbootstrapper.py
diff options
context:
space:
mode:
authorTomas Touceda <chiiph@leap.se>2013-04-12 14:07:15 -0300
committerTomas Touceda <chiiph@leap.se>2013-04-12 14:07:15 -0300
commit1fbf6db1276c5bca41c4cfbcc90818d9605c1938 (patch)
treeccf6dc5720654163a36155a2c6142e48dbef9811 /src/leap/services/eip/providerbootstrapper.py
parent4e4268af42e6d0bbf38e6027ca36d1b9f1bdda68 (diff)
Add --danger option to not validate the first hop of certificates
This is intended to be used while testing, not in production
Diffstat (limited to 'src/leap/services/eip/providerbootstrapper.py')
-rw-r--r--src/leap/services/eip/providerbootstrapper.py19
1 files changed, 15 insertions, 4 deletions
diff --git a/src/leap/services/eip/providerbootstrapper.py b/src/leap/services/eip/providerbootstrapper.py
index 778d5149..f5559143 100644
--- a/src/leap/services/eip/providerbootstrapper.py
+++ b/src/leap/services/eip/providerbootstrapper.py
@@ -58,7 +58,14 @@ class ProviderBootstrapper(QtCore.QObject):
check_ca_fingerprint = QtCore.Signal(dict)
check_api_certificate = QtCore.Signal(dict)
- def __init__(self):
+ def __init__(self, bypass_checks=False):
+ """
+ Constructor for provider bootstrapper object
+
+ @param bypass_checks: Set to true if the app should bypass
+ first round of checks for CA certificates at bootstrap
+ @type bypass_checks: bool
+ """
QtCore.QObject.__init__(self)
# **************************************************** #
@@ -71,6 +78,7 @@ class ProviderBootstrapper(QtCore.QObject):
self._domain = None
self._provider_config = None
self._download_if_needed = False
+ self._bypass_checks = bypass_checks
def _check_name_resolution(self):
"""
@@ -124,7 +132,8 @@ class ProviderBootstrapper(QtCore.QObject):
# system to work
try:
- res = self._session.get("https://%s" % (self._domain,))
+ res = self._session.get("https://%s" % (self._domain,),
+ verify=not self._bypass_checks)
res.raise_for_status()
https_data[self.PASSED_KEY] = True
except requests.exceptions.SSLError as e:
@@ -171,7 +180,8 @@ class ProviderBootstrapper(QtCore.QObject):
res = self._session.get("https://%s/%s" % (self._domain,
"provider.json"),
- headers=headers)
+ headers=headers,
+ verify=not self._bypass_checks)
res.raise_for_status()
# Not modified
@@ -270,7 +280,8 @@ class ProviderBootstrapper(QtCore.QObject):
return download_ca_cert_data[self.PASSED_KEY]
try:
- res = self._session.get(self._provider_config.get_ca_cert_uri())
+ res = self._session.get(self._provider_config.get_ca_cert_uri(),
+ verify=not self._bypass_checks)
res.raise_for_status()
cert_path = self._provider_config.get_ca_cert_path(