def __init__(self, host=None, port=None, config=None, ca_certs=None, cert=None, key=None, unix_socket=None, ciphers=None, verify_pattern=None, validate=True): """Initialize a TSSLServerSocket Raises an IOError exception if any of the ca_certs, cert or key file is None, not present or unreadable. """ if config is not None: # use values from config if not passed sc = SecurityConfiguration(config) if ca_certs is None: ca_certs = sc.getTrustedSslCerts() if cert is None: cert = sc.getSslCertificate() if key is None: key = sc.getPrivateKey() if ciphers is None: ciphers = sc.getSslCiphers() if ca_certs is None or not os.access(ca_certs, os.R_OK): raise IOError('Certificate Authority ca_certs file "%s" is not' ' readable, cannot validate SSL certificates.' % ca_certs) if cert is None or not os.access(cert, os.R_OK): raise IOError('Server Certificate certs file "%s" is not' ' readable, cannot validate SSL certificates.' % cert) if key is None or not os.access(key, os.R_OK): raise IOError('Server Key file "%s" is not' ' readable, cannot validate SSL certificates.' % key) TSSL.TSSLServerSocket.__init__(self, host=host, port=port, unix_socket=unix_socket, certfile=cert) TVerifyingSSLSocket.__init__(self, self, verify_pattern) self.ca_certs = ca_certs self.cert = cert self.key = key self.ciphers = ciphers self.validate = validate if not self.validate: self.cert_reqs = ssl.CERT_NONE else: self.cert_reqs = ssl.CERT_REQUIRED
def __init__(self, config=None, host='localhost', port=9090, validate=True, unix_socket=None, verify_pattern=None, ca_certs=None, cert=None, key=None): if config is not None: # use values from config if not passed sc = SecurityConfiguration(config) if ca_certs is None: ca_certs = sc.getTrustedSslCerts() if cert is None: cert = sc.getSslCertificate() if key is None: key = sc.getPrivateKey() TSSL.TSSLSocket.__init__(self, host=host, port=port, validate=validate, ca_certs=ca_certs, certfile=cert, keyfile=key, unix_socket=unix_socket) TVerifyingSSLSocket.__init__(self, self, verify_pattern)