diff options
| author | mathieui <mathieui@mathieui.net> | 2014-12-11 19:27:13 +0100 |
|---|---|---|
| committer | mathieui <mathieui@mathieui.net> | 2014-12-11 19:27:13 +0100 |
| commit | b5930ca958eefd45135840a789da08326e74ea87 (patch) | |
| tree | ae77a11a172da7c2d75b18489b300e883825df4d | |
| parent | 423974f90d4e9e7e25b99a690799419d48c4e644 (diff) | |
| download | slixmpp-b5930ca958eefd45135840a789da08326e74ea87.tar.gz slixmpp-b5930ca958eefd45135840a789da08326e74ea87.tar.bz2 slixmpp-b5930ca958eefd45135840a789da08326e74ea87.tar.xz slixmpp-b5930ca958eefd45135840a789da08326e74ea87.zip | |
Bring back authentication through SASL EXTERNAL
(and only update the ssl context before it gets used)
| -rw-r--r-- | slixmpp/plugins/xep_0257/client_cert_management.py | 2 | ||||
| -rw-r--r-- | slixmpp/xmlstream/xmlstream.py | 21 |
2 files changed, 12 insertions, 11 deletions
diff --git a/slixmpp/plugins/xep_0257/client_cert_management.py b/slixmpp/plugins/xep_0257/client_cert_management.py index d7ca50c9..729197e0 100644 --- a/slixmpp/plugins/xep_0257/client_cert_management.py +++ b/slixmpp/plugins/xep_0257/client_cert_management.py @@ -21,7 +21,7 @@ log = logging.getLogger(__name__) class XEP_0257(BasePlugin): name = 'xep_0257' - description = 'XEP-0258: Client Certificate Management for SASL EXTERNAL' + description = 'XEP-0257: Client Certificate Management for SASL EXTERNAL' dependencies = set(['xep_0030']) stanza = stanza diff --git a/slixmpp/xmlstream/xmlstream.py b/slixmpp/xmlstream/xmlstream.py index 1b69967c..c9261224 100644 --- a/slixmpp/xmlstream/xmlstream.py +++ b/slixmpp/xmlstream/xmlstream.py @@ -111,7 +111,7 @@ class XMLStream(object): #: The list of accepted ciphers, in OpenSSL Format. #: It might be useful to override it for improved security #: over the python defaults. - self._ciphers = None + self.ciphers = None #: Path to a file containing certificates for verifying the #: server SSL certificate. A non-``None`` value will trigger @@ -472,6 +472,16 @@ class XMLStream(object): loop = asyncio.get_event_loop() self.event_when_connected = "tls_success" + self.ssl_context.set_ciphers(self.ciphers) + if self.keyfile and self.certfile: + try: + self.ssl_context.load_cert_chain(self.certfile, self.keyfile) + except (ssl.SSLError, OSError): + log.debug('Error loading the cert chain:', exc_info=True) + else: + log.debug('Loaded cert file %s and key file %s', + self.certfile, self.keyfile) + ssl_connect_routine = loop.create_connection(lambda: self, ssl=self.ssl_context, sock=self.socket, server_hostname=self.address[0]) @@ -911,12 +921,3 @@ class XMLStream(object): """ pass - @property - def ciphers(self): - return self._ciphers - - @ciphers.setter - def ciphers(self, value): - self.ssl_context.set_ciphers(value) - self._ciphers = value - |