summaryrefslogtreecommitdiff
path: root/src/leap/common/certs.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/leap/common/certs.py')
-rw-r--r--src/leap/common/certs.py17
1 files changed, 17 insertions, 0 deletions
diff --git a/src/leap/common/certs.py b/src/leap/common/certs.py
index db513f6..c8e0743 100644
--- a/src/leap/common/certs.py
+++ b/src/leap/common/certs.py
@@ -178,3 +178,20 @@ def should_redownload(certfile, now=time.gmtime):
return True
return False
+
+
+def get_compatible_ssl_context_factory(cert_path=None):
+ import twisted
+ cert = None
+ if twisted.version.base() > '14.0.1':
+ from twisted.web.client import BrowserLikePolicyForHTTPS
+ from twisted.internet import ssl
+ if cert_path:
+ cert = ssl.Certificate.loadPEM(open(cert_path).read())
+ policy = BrowserLikePolicyForHTTPS(cert)
+ return policy
+ else:
+ raise Exception(("""
+ Twisted 14.0.2 is needed in order to have secure Client Web SSL Contexts, not %s
+ See: http://twistedmatrix.com/trac/ticket/7647
+ """) % (twisted.version.base()))
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-17 15:04:41 +0000