Diffstat (limited to 'src/leap/soledad/shared_db.py')
-rw-r--r--src/leap/soledad/shared_db.py30
1 files changed, 29 insertions, 1 deletions
diff --git a/src/leap/soledad/shared_db.py b/src/leap/soledad/shared_db.py
index 02ff8667..06f40466 100644
--- a/src/leap/soledad/shared_db.py
+++ b/src/leap/soledad/shared_db.py
@@ -27,7 +27,8 @@ except ImportError:
from u1db import errors
-from u1db.remote import http_database
+
+from u1db.remote import http_database, http_client
from leap.soledad.auth import (
@@ -35,6 +36,33 @@ from leap.soledad.auth import (
_sign_request,
)
+SOLEDAD_CERT = None
+
+#-----------------------------------------------------------------------------
+# Monkey patching u1db to be able to provide a custom SSL cert
+#-----------------------------------------------------------------------------
+
+import httplib
+import socket
+import ssl
+
+class VerifiedHTTPSConnection(httplib.HTTPSConnection):
+ """HTTPSConnection verifying server side certificates."""
+ # derived from httplib.py
+
+ def connect(self):
+ "Connect to a host on a given (SSL) port."
+ sock = socket.create_connection((self.host, self.port),
+ self.timeout, self.source_address)
+ if self._tunnel_host:
+ self.sock = sock
+ self._tunnel()
+ self.sock = ssl.wrap_socket(sock, self.key_file, SOLEDAD_CERT,
+ ssl_version=ssl.PROTOCOL_SSLv3,
+ cert_reqs=ssl.CERT_REQUIRED,
+ ca_certs=SOLEDAD_CERT)
+
+http_client._VerifiedHTTPSConnection = VerifiedHTTPSConnection
#-----------------------------------------------------------------------------
# Soledad shared database
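Review bot: The `ssl.wrap_socket` call in `VerifiedHTTPSConnection.connect` pins `ssl_version=ssl.PROTOCOL_SSLv3`, which rules out every TLS version and keeps the channel on a protocol with known weaknesses; a negotiating setting such as `ssl_version=ssl.PROTOCOL_SSLv23`, with SSLv2/SSLv3 disabled where the runtime allows, would be safer. `cert_reqs=ssl.CERT_REQUIRED` only validates the chain against `ca_certs`, and nothing visible in this class compares the peer certificate with `self.host`, so any certificate issued under that CA would be accepted for any host; a hostname check after the handshake is needed. `SOLEDAD_CERT` is also passed in the `certfile` position, where `self.cert_file` looks like the intended value, and it stays `None` unless some caller assigns it, so a comment such as `# SOLEDAD_CERT must be set to the CA bundle path before any connection is opened` would help. The assignment to `http_client._VerifiedHTTPSConnection` swaps the class for every u1db client in the process, which deserves a comment stating that scope.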