Fix cert checking and comment match_hostname for the time being

author: Tomas Touceda <chiiph@leap.se> 2013-05-15 15:38:53 -0300
committer: Tomas Touceda <chiiph@leap.se> 2013-05-15 15:38:53 -0300
commit: 021078750d24162d24d7474f8b1fe97ef9467784 (patch)
tree: b96b78099c0b8f1346624fa6f324334fd8c56599
parent: b4408f695e9158e0cd6e11b83b726bac4ecdbee2 (diff)
1 files changed, 7 insertions, 5 deletions
diff --git a/src/leap/soledad/__init__.py b/src/leap/soledad/__init__.py
index 70ff146d..84935191 100644
--- a/src/leap/soledad/__init__.py
+++ b/src/leap/soledad/__init__.py
@@ -218,6 +218,7 @@ class Soledad(object):
         self._init_config(secrets_path, local_db_path, server_url)
         self._set_token(auth_token)
         # configure SSL certificate
+        global SOLEDAD_CERT
         SOLEDAD_CERT = cert_file
         # initiate bootstrap sequence
         self._bootstrap()
@@ -990,11 +991,12 @@ class VerifiedHTTPSConnection(httplib.HTTPSConnection):
         if self._tunnel_host:
             self.sock = sock
             self._tunnel()
-        self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file,
-                                    ssl_version=ssl.PROTOCOL_SSLv3,
-                                    cert_reqs=ssl.CERT_REQUIRED,
-                                    ca_certs=SOLEDAD_CERT)
-        match_hostname(self.sock.getpeercert(), self.host)
+
+        self.sock = ssl.wrap_socket(sock,
+                                    ca_certs=SOLEDAD_CERT,
+                                    cert_reqs=ssl.CERT_REQUIRED)
+        # TODO: enable this when the certificate is fixed
+        #match_hostname(self.sock.getpeercert(), self.host)
 
 
 old__VerifiedHTTPSConnection = http_client._VerifiedHTTPSConnection
author	Tomas Touceda <chiiph@leap.se>	2013-05-15 15:38:53 -0300
committer	Tomas Touceda <chiiph@leap.se>	2013-05-15 15:38:53 -0300
commit	021078750d24162d24d7474f8b1fe97ef9467784 (patch)
tree	b96b78099c0b8f1346624fa6f324334fd8c56599
parent	b4408f695e9158e0cd6e11b83b726bac4ecdbee2 (diff)