diff options
author | Folker Bernitt <fbernitt@thoughtworks.com> | 2015-03-31 13:50:43 +0200 |
---|---|---|
committer | Folker Bernitt <fbernitt@thoughtworks.com> | 2015-03-31 13:53:13 +0200 |
commit | a1fc37326a79b95cdb056a100b321586f1c1fb7b (patch) | |
tree | 91584a2bcbaae7f883d338a953ac94de77a7f035 /service/pixelated/bitmask_libraries/certs.py | |
parent | faad044b8b576b6d84d88608fa5a57171e3d6169 (diff) |
Added support for ssl fingerprint validation.
- Issue #333
- Needed to patch urrlib3 for older requests versions
- Use --leap-cert-fingerprint <SHA1> to validate fingerprint
Diffstat (limited to 'service/pixelated/bitmask_libraries/certs.py')
-rw-r--r-- | service/pixelated/bitmask_libraries/certs.py | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/service/pixelated/bitmask_libraries/certs.py b/service/pixelated/bitmask_libraries/certs.py index 6b12bce4..ed09e4a3 100644 --- a/service/pixelated/bitmask_libraries/certs.py +++ b/service/pixelated/bitmask_libraries/certs.py @@ -22,16 +22,19 @@ from leap.common import ca_bundle from .config import AUTO_DETECT_CA_BUNDLE LEAP_CERT = None +LEAP_FINGERPRINT = None def which_bundle(provider): - if LEAP_CERT: - return LEAP_CERT return str(LeapCertificate(provider).provider_ca_bundle()) +def which_bootstrap_fingerprint(provider): + return LEAP_FINGERPRINT + + def which_bootstrap_bundle(provider): - if LEAP_CERT: + if LEAP_CERT is not None: return LEAP_CERT return str(LeapCertificate(provider).auto_detect_bootstrap_ca_bundle()) |