read ca_certs from config

2014-06-01 18:52:05 -07:00 · 2014-06-01 18:52:05 -07:00 · eb2119309d
parent 5ded3dcd24
commit eb2119309d
3 changed files with 11 additions and 2 deletions
--- a/init.py
+++ b/init.py
@ -39,7 +39,8 @@ def run_phenny(config):
    def connect(config): 
        import bot
        p = bot.Phenny(config)
-        p.run(config.host, config.port, config.ssl, config.ipv6)
+        p.run(config.host, config.port, config.ssl, config.ipv6,
+              config.ca_certs)

    try: Watcher()
    except Exception as e:
--- a/irc.py
+++ b/irc.py
@ -114,8 +114,13 @@ class Bot(asynchat.async_chat):
                    cafile=self.ca_certs)
                sock = context.wrap_socket(sock, server_hostname=hostname)
            except:
+                if self.ca_certs is None:
+                    # default to standard path on most non-EL distros
+                    ca_certs = "/etc/ssl/certs/ca-certificates.crt"
+                else:
+                    ca_certs = self.ca_certs
                sock = ssl.wrap_socket(sock, ssl_version=ssl.PROTOCOL_TLSv1,
-                        cert_reqs=ssl.CERT_OPTIONAL, ca_certs=self.ca_certs)
+                        cert_reqs=ssl.CERT_OPTIONAL, ca_certs=ca_certs)
        # FIXME: this doesn't work with SSL enabled
        #sock.setblocking(False)
        self.set_socket(sock)
--- a/3
+++ b/3
@ -156,6 +156,9 @@ def main(argv=None):
 
        if not hasattr(module, 'ssl'):
            module.ssl = False
+
+        if not hasattr(module, 'ca_certs'):
+            module.ca_certs = None
 
        if not hasattr(module, 'ipv6'):
            module.ipv6 = False