2way-ssl and server hostname #499

kelvinkwong · 2019-01-31T01:37:41Z

Client Certificate

Client Certificate is not configured in XMLStream._create_secure_socket() for Python > 3.4

Please change line 473:
ctx.load_verify_locations(cafile=self.ca_certs)
to:

if self.ca_certs:
    ctx.load_verify_locations(cafile=self.ca_certs)
if self.certfile and self.keyfile:
    ctx.load_cert_chain(self.certfile, self.keyfile)

So it checks the certificates are not None, before committing it in connection.

Server Hostname

Also, Server hostname is required on my instance in XMLStream._create_secure_socket(). Not sure if everybody needs it. On line 523:
return ctx.wrap_socket(self.socket, do_handshake_on_connect=False)
To:
return ctx.wrap_socket(self.socket, do_handshake_on_connect=False, server_hostname=self._expected_server_name)

The text was updated successfully, but these errors were encountered:

kelvinkwong · 2019-02-06T02:46:08Z

wrt to Branch == develop

Neustradamus · 2019-04-08T02:21:48Z

@kelvinkwong: Better to create a PR no?

kelvinkwong · 2019-04-09T01:13:03Z

@Neustradamus whats a PR? Sorry new to terms

Neustradamus · 2019-04-09T12:51:57Z

@kelvinkwong: https://github.com/fritzy/SleekXMPP/pulls :)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

2way-ssl and server hostname #499

2way-ssl and server hostname #499

kelvinkwong commented Jan 31, 2019

kelvinkwong commented Feb 6, 2019

Neustradamus commented Apr 8, 2019

kelvinkwong commented Apr 9, 2019

Neustradamus commented Apr 9, 2019

2way-ssl and server hostname #499

2way-ssl and server hostname #499

Comments

kelvinkwong commented Jan 31, 2019

Client Certificate

Server Hostname

kelvinkwong commented Feb 6, 2019

Neustradamus commented Apr 8, 2019

kelvinkwong commented Apr 9, 2019

Neustradamus commented Apr 9, 2019