Diffstat (limited to 'libpathod')
-rw-r--r-- | libpathod/pathoc.py | 19 | ||||
-rw-r--r-- | libpathod/pathod.py | 12 | ||||
-rw-r--r-- | libpathod/utils.py | 8 |
3 files changed, 26 insertions, 13 deletions
diff --git a/libpathod/pathoc.py b/libpathod/pathoc.py
index 32ae8441..4e807002 100644
--- a/libpathod/pathoc.py
+++ b/libpathod/pathoc.py
@@ -14,15 +14,8 @@ class Response:
 def __repr__(self):
 return "Response(%s - %s)"%(self.status_code, self.msg)
-SSLVERSIONS = {
- 1: tcp.TLSv1_METHOD,
- 2: tcp.SSLv2_METHOD,
- 3: tcp.SSLv3_METHOD,
- 4: tcp.SSLv23_METHOD,
-}
-
 class Pathoc(tcp.TCPClient):
- def __init__(self, address, ssl=None, sni=None, sslversion=1, clientcert=None):
+ def __init__(self, address, ssl=None, sni=None, sslversion=1, clientcert=None, ciphers=None):
 tcp.TCPClient.__init__(self, address)
 self.settings = dict(
 staticdir = os.getcwd(),
@@ -30,7 +23,8 @@ class Pathoc(tcp.TCPClient):
 )
 self.ssl, self.sni = ssl, sni
 self.clientcert = clientcert
- self.sslversion = SSLVERSIONS[sslversion]
+ self.sslversion = utils.SSLVERSIONS[sslversion]
+ self.ciphers = ciphers
 def http_connect(self, connect_to):
 self.wfile.write(
@@ -56,7 +50,12 @@ class Pathoc(tcp.TCPClient):
 self.http_connect(connect_to)
 if self.ssl:
 try:
- self.convert_to_ssl(sni=self.sni, cert=self.clientcert, method=self.sslversion)
+ self.convert_to_ssl(
+ sni=self.sni,
+ cert=self.clientcert,
+ method=self.sslversion,
+ cipher_list = self.ciphers
+ )
 except tcp.NetLibError, v:
 raise PathocError(str(v))
diff --git a/libpathod/pathod.py b/libpathod/pathod.py
index e71701fb..a8c2a29f 100644
--- a/libpathod/pathod.py
+++ b/libpathod/pathod.py
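Review bot: `utils.SSLVERSIONS[sslversion]` in `Pathoc.__init__` (hunk at -30,7) raises a bare KeyError for any selector that is not a key of the mapping, while the connect path in this class reports TLS failures as PathocError. A guard before the lookup, `if sslversion not in utils.SSLVERSIONS: raise PathocError("Unknown SSL version: %s"%sslversion)`, would keep the error type uniform for callers. None of the pathoc.py hunks adds an import of `utils`, so it is worth confirming the module already has one. `__init__` begins in the previous hunk, so the full body is not visible here.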
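Review bot: In the rewritten `convert_to_ssl(...)` call (hunk at -56,7), `cipher_list = self.ciphers` is spaced differently from the three keyword arguments above it and is the only one without a trailing comma; `cipher_list=self.ciphers,` matches the rest of the call. Separately, a cipher string that the TLS library rejects reaches the caller as PathocError only if netlib raises it as `tcp.NetLibError`, which this page does not show, so that path deserves a test. The enclosing method starts and ends outside the hunk.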
@@ -9,12 +9,14 @@ class PathodError(Exception): pass
 class SSLOptions:
- def __init__(self, certfile=None, keyfile=None, not_after_connect=None, request_client_cert=False):
+ def __init__(self, certfile=None, keyfile=None, not_after_connect=None, request_client_cert=False, sslversion=tcp.SSLv23_METHOD, ciphers=None):
 self.keyfile = keyfile or utils.data.path("resources/server.key")
 self.certfile = certfile or utils.data.path("resources/server.crt")
 self.cert = certutils.SSLCert.from_pem(file(self.certfile, "rb").read())
 self.not_after_connect = not_after_connect
 self.request_client_cert = request_client_cert
+ self.ciphers = ciphers
+ self.sslversion = sslversion
 class PathodHandler(tcp.BaseHandler):
@@ -79,7 +81,9 @@ class PathodHandler(tcp.BaseHandler):
 self.server.ssloptions.cert,
 self.server.ssloptions.keyfile,
 handle_sni = self.handle_sni,
- request_client_cert = self.server.ssloptions.request_client_cert
+ request_client_cert = self.server.ssloptions.request_client_cert,
+ cipher_list = self.server.ssloptions.ciphers,
+ method = self.server.ssloptions.sslversion,
 )
 except tcp.NetLibError, v:
 s = str(v)
@@ -185,7 +189,9 @@ class PathodHandler(tcp.BaseHandler):
 self.server.ssloptions.cert,
 self.server.ssloptions.keyfile,
 handle_sni = self.handle_sni,
- request_client_cert = self.server.ssloptions.request_client_cert
+ request_client_cert = self.server.ssloptions.request_client_cert,
+ cipher_list = self.server.ssloptions.ciphers,
+ method = self.server.ssloptions.sslversion,
 )
 except tcp.NetLibError, v:
 s = str(v)
diff --git a/libpathod/utils.py b/libpathod/utils.py
index b5dc73c7..110a7170 100644
--- a/libpathod/utils.py
+++ b/libpathod/utils.py
@@ -1,4 +1,12 @@
 import os
+from netlib import tcp
+
+SSLVERSIONS = {
+ 1: tcp.TLSv1_METHOD,
+ 2: tcp.SSLv2_METHOD,
+ 3: tcp.SSLv3_METHOD,
+ 4: tcp.SSLv23_METHOD,
+}
 SIZE_UNITS = dict(
 b = 1024**0, |
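Review bot: `SSLOptions.__init__` (hunk at -9,12) takes `sslversion` as a netlib method constant, while `Pathoc.__init__` takes an integer key into `utils.SSLVERSIONS`, so the same keyword means two different things on the client and the server. Either accept the integer selector here too, or state the difference in a comment such as `# sslversion: a netlib tcp.*_METHOD constant, not the integer selector Pathoc takes; ciphers: passed to netlib as cipher_list`. The default `tcp.SSLv23_METHOD` leaves protocol negotiation to the TLS library, so which protocol versions the server accepts depends on options set outside this hunk; that is worth documenting next to the default.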
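Review bot: The two keyword lines added in the hunk at -79,7 (`cipher_list = ...` and `method = ...`) are repeated verbatim in the hunk at -185,7, so the server-side TLS arguments now live in two call sites that must be kept in step. Building them once, for example in a small method on `SSLOptions` that returns the keyword arguments, would keep protocol and cipher settings from drifting apart between the two paths. Both calls begin outside their hunks, so the callee name and the enclosing methods are not visible here.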
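Review bot: `SSLVERSIONS` in utils.py (hunk at -1,4) has no comment saying what the integer keys are or who passes them, and after this move it is the only definition of the mapping. A comment above the dict such as `# sslversion selector -> netlib method constant; 2 and 3 select SSLv2/SSLv3` would make it plain that two of the four entries choose obsolete protocols. The new `from netlib import tcp` also makes importing `utils` depend on netlib, which deserves a mention if `utils` was meant to stay free of that dependency.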