From a1fc37326a79b95cdb056a100b321586f1c1fb7b Mon Sep 17 00:00:00 2001 From: Folker Bernitt Date: Tue, 31 Mar 2015 13:50:43 +0200 Subject: Added support for ssl fingerprint validation. - Issue #333 - Needed to patch urrlib3 for older requests versions - Use --leap-cert-fingerprint to validate fingerprint --- service/pixelated/bitmask_libraries/certs.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'service/pixelated/bitmask_libraries/certs.py') diff --git a/service/pixelated/bitmask_libraries/certs.py b/service/pixelated/bitmask_libraries/certs.py index 6b12bce4..ed09e4a3 100644 --- a/service/pixelated/bitmask_libraries/certs.py +++ b/service/pixelated/bitmask_libraries/certs.py @@ -22,16 +22,19 @@ from leap.common import ca_bundle from .config import AUTO_DETECT_CA_BUNDLE LEAP_CERT = None +LEAP_FINGERPRINT = None def which_bundle(provider): - if LEAP_CERT: - return LEAP_CERT return str(LeapCertificate(provider).provider_ca_bundle()) +def which_bootstrap_fingerprint(provider): + return LEAP_FINGERPRINT + + def which_bootstrap_bundle(provider): - if LEAP_CERT: + if LEAP_CERT is not None: return LEAP_CERT return str(LeapCertificate(provider).auto_detect_bootstrap_ca_bundle()) -- cgit v1.2.3