def make_ssl_aware(self, sock, protocol):
"""
Make the socket SSL aware
"""
try:
ssl_sock = wrap_socket(sock,
keyfile=self.key_file,
certfile=self.cert_file,
ssl_version=protocol,
server_hostname=self.host,
timeout=self.timeout)
except ssl.SSLError, ssl_exc:
msg = "SSL connection error occurred with protocol %s: '%s'"
debug(msg % (protocol, ssl_exc))
# Always close the tcp/ip connection on error
sock.close()
def make_ssl_aware(self, sock, protocol):
"""
Make the socket SSL aware
"""
try:
ssl_sock = wrap_socket(sock,
keyfile=self.key_file,
certfile=self.cert_file,
ssl_version=protocol,
server_hostname=self.host,
timeout=self.timeout)
except ssl.SSLError, ssl_exc:
msg = "SSL connection error occurred with protocol %s: '%s'"
debug(msg % (protocol, ssl_exc.__class__.__name__))
# Always close the tcp/ip connection on error
sock.close()
"""
ca_certs = self._ca_file if ca_certs is None else ca_certs
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
s.connect((domain, port))
except socket.error, se:
msg = 'Failed to connect to %s:%s. Socket error: "%s"'
args = (domain, port, se)
om.out.debug(msg % args)
return
try:
ssl_sock = wrap_socket(s,
server_hostname=domain,
ca_certs=ca_certs,
cert_reqs=cert_reqs,
ssl_version=ssl_version)
except (OpenSSL.SSL.Error, ssl.SSLError) as ssl_error:
# When a certificate validation error is found, call the
# handler (if any) and return. The other errors, like connection
# timeouts, SSL protocol handshake errors, etc. should raise
# an exception
if self._is_certificate_validation_error(ssl_error):
if on_certificate_validation_error:
on_certificate_validation_error(ssl_error, domain, port)
return Result()
else:
# Raise SSL errors
raise