On Sat, 21 May 2011 12:32:21 +0200 vinay.sajip <python-checkins at python.org> wrote: > + if secure: > + import ssl > + fd, fn = tempfile.mkstemp() > + os.close(fd) > + with open(fn, 'w') as f: > + f.write(self.PEMFILE) > + sslctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23) > + sslctx.load_cert_chain(fn) We already bundle a couple of cert files in Lib/test, so you shouldn't have to use your own (see e.g. Lib/test/keycert.pem). > + self.h_hdlr = logging.handlers.HTTPHandler(host, '/frob', secure=secure) If you want real security, HTTPHandler should configure its SSLContext in CERT_REQUIRED mode (and be given the proper root certificate(s)). Otherwise you are vulnerable to man-in-the-middle attacks. See the "context" and "check_hostname" arguments to HTTPSConnection: http://docs.python.org/dev/library/http.client.html#http.client.HTTPSConnection Regards Antoine.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4