Added support for ssl fingerprint validation.

- Issue #333
- Needed to patch urrlib3 for older requests versions
- Use --leap-cert-fingerprint <SHA1> to validate fingerprint

1 files changed, 6 insertions, 3 deletions

diff --git a/service/pixelated/bitmask_libraries/certs.py b/service/pixelated/bitmask_libraries/certs.py
index 6b12bce4..ed09e4a3 100644
--- a/service/pixelated/bitmask_libraries/certs.py
+++ b/service/pixelated/bitmask_libraries/certs.py
@@ -22,16 +22,19 @@ from leap.common import ca_bundle
 from .config import AUTO_DETECT_CA_BUNDLE
 
 LEAP_CERT = None
+LEAP_FINGERPRINT = None
 
 
 def which_bundle(provider):
-    if LEAP_CERT:
-        return LEAP_CERT
     return str(LeapCertificate(provider).provider_ca_bundle())
 
 
+def which_bootstrap_fingerprint(provider):
+    return LEAP_FINGERPRINT
+
+
 def which_bootstrap_bundle(provider):
-    if LEAP_CERT:
+    if LEAP_CERT is not None:
         return LEAP_CERT
     return str(LeapCertificate(provider).auto_detect_bootstrap_ca_bundle())