fix loading 1024 bit keys in debian
This commit is contained in:
parent
ff7cee2be1
commit
3bddb36fcb
1 changed files with 7 additions and 1 deletions
|
@ -74,7 +74,13 @@ class TorHTTPSConnection(http.client.HTTPSConnection):
|
|||
if context:
|
||||
context.check_hostname = False
|
||||
context.verify_mode = ssl.CERT_NONE
|
||||
context.load_cert_chain(settings.ssl_cert_path, settings.ssl_key_path)
|
||||
# tor keys are still 1024 bit, debian started to require 2048 by default,
|
||||
# try to lower requirements to 1024 if needed
|
||||
try:
|
||||
context.load_cert_chain(settings.ssl_cert_path, settings.ssl_key_path)
|
||||
except ssl.SSLError:
|
||||
context.set_ciphers('DEFAULT@SECLEVEL=1')
|
||||
context.load_cert_chain(settings.ssl_cert_path, settings.ssl_key_path)
|
||||
context.load_default_certs()
|
||||
http.client.HTTPSConnection.__init__(self, host, port,
|
||||
check_hostname=check_hostname, context=context, **kwargs)
|
||||
|
|
Loading…
Reference in a new issue