0x2620/openmedialibrary
1
0
Fork 0
Code Issues 131 Pull requests Releases Wiki Activity

fix loading 1024 bit keys in debian

Browse source
This commit is contained in:
j 2018-12-14 11:36:05 +01:00
parent ff7cee2be1
commit 3bddb36fcb
1 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
oml/tor_request.py
View file

@ -74,7 +74,13 @@ class TorHTTPSConnection(http.client.HTTPSConnection):
if context: if context:
context.check_hostname = False context.check_hostname = False
context.verify_mode = ssl.CERT_NONE context.verify_mode = ssl.CERT_NONE
context.load_cert_chain(settings.ssl_cert_path, settings.ssl_key_path) # tor keys are still 1024 bit, debian started to require 2048 by default,
# try to lower requirements to 1024 if needed
try:
context.load_cert_chain(settings.ssl_cert_path, settings.ssl_key_path)
except ssl.SSLError:
context.set_ciphers('DEFAULT@SECLEVEL=1')
context.load_cert_chain(settings.ssl_cert_path, settings.ssl_key_path)
context.load_default_certs() context.load_default_certs()
http.client.HTTPSConnection.__init__(self, host, port, http.client.HTTPSConnection.__init__(self, host, port,
check_hostname=check_hostname, context=context, **kwargs) check_hostname=check_hostname, context=context, **kwargs)