def creatorForNetloc(self, hostname, port): opts = ClientTLSOptions( hostname.decode("ascii"), OpenSSLCertificateOptions(verify=False).getContext()) # This forces Twisted to not validate the hostname of the certificate. opts._ctx.set_info_callback(lambda *args: None) return opts
def getContext(self, hostname=None, port=None): self.method = SSL.SSLv23_METHOD ctx = ScrapyClientContextFactory.getContext(self) ctx.set_options(SSL.OP_ALL) if hostname: ClientTLSOptions(hostname, ctx) return ctx
def getContext(self, hostname=None, port=None): ctx = ClientContextFactory.getContext(self) # Enable all workarounds to SSL bugs as documented by # http://www.openssl.org/docs/ssl/SSL_CTX_set_options.html ctx.set_options(SSL.OP_ALL) if hostname: ClientTLSOptions(hostname, ctx) return ctx
def _identityVerifyingInfoCallback(self, connection, where, ret): """ In case *where* indicates that the SSL handshake has been done, this does nothing (as opposed to ClientTLSOptions._identityVerifyingInfoCallback, which would validate the certificate). In all other cases, the superclass method is called. """ if where & SSL_CB_HANDSHAKE_DONE: # ClientTLSOptions._identityVerifyingInfoCallback would validate the certificate # in that case. Instead, we just do nothing. pass else: return ClientTLSOptions._identityVerifyingInfoCallback( self, connection, where, ret)
def get_options(self, host): # Use _makeContext so that we get a fresh OpenSSL CTX each time. # Check if certificate verification has been enabled should_verify = self._config.federation_verify_certificates # Check if we've disabled certificate verification for this host if should_verify: for regex in self._config.federation_certificate_verification_whitelist: if regex.match(host): should_verify = False break if should_verify: return ClientTLSOptions(host, self._options_verify._makeContext()) return ClientTLSOptionsNoVerify(host, self._options_noverify._makeContext())
def getContext(self, hostname=None, port=None): ctx = ClientContextFactory.getContext(self) # Enable all workarounds to SSL bugs as documented by # http://www.openssl.org/docs/ssl/SSL_CTX_set_options.html ctx.set_options(SSL.OP_ALL) if hostname: ClientTLSOptions(hostname, ctx) return ctx from OpenSSL import SSL # class CustomContextFactory(ScrapyClientContextFactory): # """ # Custom context factory that allows SSL negotiation. # """ # def __init__(self): # # Use SSLv23_METHOD so we can use protocol negotiation # self.method = SSL.SSLv23_METHOD
def creatorForNetloc(self, hostname, port): certificateOptions = OpenSSLCertificateOptions() return ClientTLSOptions(hostname, certificateOptions.getContext())
def getContext(self): # NOQA: N802 ctx = ssl.ClientContextFactory.getContext(self) ClientTLSOptions(host, ctx) return ctx
def getContext(self, hostname=None, port=None): ctx = ClientContextFactory.getContext(self) ctx.set_options(SSL.OP_ALL) if hostname: ClientTLSOptions(hostname, ctx) return ctx
def getContext(self): ctx = self._contextFactory(self.method) if self.hostname: ClientTLSOptions(self.hostname, ctx) return ctx
def getContext(self, hostname=None, port=None): ctx = ssl.ClientContextFactory.getContext(self) ClientTLSOptions(hostname, ctx) return ctx
def get_options(self, host): # Use _makeContext so that we get a fresh OpenSSL CTX each time. return ClientTLSOptions(host, self._options._makeContext())
def creatorForNetloc(self, hostname, port): certificateOptions = TorProjectCertificateOptions(self.torproject_pem) return ClientTLSOptions(hostname.decode('utf-8'), certificateOptions.getContext(hostname, port))
def creatorForNetloc(self, hostname, port): return ClientTLSOptions(hostname.decode("ascii"), self.getContext())