diff options
Diffstat (limited to 'src/leap/bitmask')
| -rw-r--r-- | src/leap/bitmask/app.py | 2 | ||||
| -rw-r--r-- | src/leap/bitmask/config/flags.py | 5 | ||||
| -rw-r--r-- | src/leap/bitmask/provider/providerbootstrapper.py | 7 | ||||
| -rw-r--r-- | src/leap/bitmask/util/leap_argparse.py | 13 |
4 files changed, 23 insertions, 4 deletions
diff --git a/src/leap/bitmask/app.py b/src/leap/bitmask/app.py index 124671b3..02e27123 100644 --- a/src/leap/bitmask/app.py +++ b/src/leap/bitmask/app.py @@ -214,6 +214,8 @@ def main(): flags.APP_VERSION_CHECK = opts.app_version_check flags.API_VERSION_CHECK = opts.api_version_check + flags.CA_CERT_FILE = opts.ca_cert_file + BaseConfig.standalone = standalone replace_stdout = True diff --git a/src/leap/bitmask/config/flags.py b/src/leap/bitmask/config/flags.py index 82501fb2..5d8bc9b3 100644 --- a/src/leap/bitmask/config/flags.py +++ b/src/leap/bitmask/config/flags.py @@ -45,3 +45,8 @@ API_VERSION_CHECK = True # Offline mode? # Used for skipping soledad bootstrapping/syncs. OFFLINE = False + + +# CA cert path +# used to allow self signed certs in requests that needs SSL +CA_CERT_FILE = None diff --git a/src/leap/bitmask/provider/providerbootstrapper.py b/src/leap/bitmask/provider/providerbootstrapper.py index 654d1790..2a519206 100644 --- a/src/leap/bitmask/provider/providerbootstrapper.py +++ b/src/leap/bitmask/provider/providerbootstrapper.py @@ -99,9 +99,14 @@ class ProviderBootstrapper(AbstractBootstrapper): :rtype: bool or str """ if self._bypass_checks: - verify = False + return False + + cert = flags.CA_CERT_FILE + if cert is not None: + verify = cert else: verify = ca_bundle.where() + return verify def _check_name_resolution(self): diff --git a/src/leap/bitmask/util/leap_argparse.py b/src/leap/bitmask/util/leap_argparse.py index 56bf26dc..88267ff8 100644 --- a/src/leap/bitmask/util/leap_argparse.py +++ b/src/leap/bitmask/util/leap_argparse.py @@ -27,9 +27,10 @@ def build_parser(): All the options for the leap arg parser Some of these could be switched on only if debug flag is present! """ - epilog = "Copyright 2012-2014 The LEAP Encryption Access Project" - parser = argparse.ArgumentParser(description=""" -Launches the Bitmask client.""", epilog=epilog) + parser = argparse.ArgumentParser( + description="Launches the Bitmask client.", + epilog="Copyright 2012-2014 The LEAP Encryption Access Project") + parser.add_argument('-d', '--debug', action="store_true", help=("Launches Bitmask in debug mode, writing debug " "info to stdout.")) @@ -92,6 +93,12 @@ Launches the Bitmask client.""", epilog=epilog) "Use at your own risk!") parser.add_argument('--danger', action="store_true", help=help_text) + # optional cert file used to check domains with self signed certs. + parser.add_argument('--ca-cert-file', metavar="/path/to/cacert.pem", + nargs='?', action="store", dest="ca_cert_file", + help='Uses the given cert file to verify ' + 'against domains.') + # Not in use, we might want to reintroduce them. #parser.add_argument('-i', '--no-provider-checks', #action="store_true", default=False, |