[Yum-devel] [UG][Yum] SSL Cert checking - urlgrabber patch
James Bowes
jbowes at redhat.com
Mon Sep 18 21:08:07 UTC 2006
Here's the urlgrabber patch.
Instead of importing urllib2, we import m2urllib2, M2Crypto's SSL
wrapper around urllib2.
The URLGrabber object can take two new kwargs, ssl_ca_cert, and
ssl_context. These two arguments conflict, so ssl_ca_cert is preferred
over ssl_context.
ssl_ca_cert is the path to a file on disk containing ca certs. If this
argument is provided, urlgrabber will create an SSL context that will
perform ca cert checking against the certs in this file.
ssl_context is an M2Crypto SSL Context, which can be passed in if you
want more fine-grained control over the SSL setup.
If neither of these arguments are provided, then a default SSL context
is used. It's pretty equivalent to what would be used now with python's ssl.
From here, you just pass ssl_context into any m2urllib2 methods.
-James
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ug-ssl.patch
Type: text/x-patch
Size: 8833 bytes
Desc: not available
Url : http://lists.baseurl.org/pipermail/yum-devel/attachments/20060918/8ca8041f/attachment.bin
More information about the Yum-devel
mailing list