Adding --verify for SSL certificate verification

Review Request #6783 — Created Jan. 16, 2015 and discarded — Latest diff uploaded

Information

RBTools
master

Reviewers

This is diff is for passing a self signed certificate down through to the SSLContext. This is necessary because python 2.7.9 has recently made urllib2.urlopen and its kin actually verify ssl certificates. I know, how dare they, right? So us peons that don't give money to thawte are S.O.L. without something like this.

This will store everything into an SSL_CONTEXT variable, which can either be a CA file in PEM format, or False. The former will obviously verify against that certificate while the latter will disable certificate stuff entirely.

Some considerations of this approach: * If you hit two different reviewboard servers and one has a self-signed certificate, it is likely there is no value besides False which you can supply that will make both servers happy. I think this could be done with the capath= argument and using a directory of certificates, but I couldn't figure out how openssl wanted the directory structure formatted

NB I just ran tests with python2.6 and they just exploded -- that said I'm late for an engagement so will fix later

Just preliminary testing, hitting our own server, hitting reviewboard.org's server, and hitting some rando's server i don't have the certificate for. Have only tested on python2.7.9 so far

    Loading...