def __init__(self): SSLConfig.__init__(self) # Prefer TLSv1 to SSLv3 because it's more recent and more secure. # # PyOpenSSL server using SSLv23 accepts TLSv1 client. # M2Crypt server using SSLv23 or TLSv1 accepts TLSv1 client. self.protocol = 'tlsv1' # only understand TLSv1 # Disable cert authentication by default self.send_cert = False
def validate(self): if self.cert and (not self.key): return tr('Please specify a private key.') if self.key and (not self.cert): return tr('Please specify a certificate.') m2validate = SSLConfig.validate(self) if m2validate is not None: return m2validate return None
def __init__(self, core): Logger.__init__(self, "ssl") SSLConfig.__init__(self) config = core.config # Options self.check = config.getboolean("ssl", "check_clients") self.fqdn_check = config.getboolean("ssl", "fqdn_check") self.max_depth = config.getint("ssl", "max_depth") self.protocol = config.get("ssl", "protocol") # Filenames self.ca = config.get("ssl", "ca") self.cert = config.get("ssl", "cert") self.key = config.get("ssl", "key") self.crl = config.get("ssl", "crl") self.key_passwd = config.get("ssl", "key_passwd") # TCP parameters self.address, self.port = core.getAddressPort("_ssl", 8443)