From e65a722b2f6d09dc082dd7646327b487ac4244b5 Mon Sep 17 00:00:00 2001 From: Valentin Lorentz Date: Sun, 10 Nov 2013 11:45:01 +0100 Subject: [PATCH] Add certfp support. Closes GH-468. --- src/conf.py | 3 +++ src/drivers/Socket.py | 5 ++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/src/conf.py b/src/conf.py index 80665199a..9b3b0441f 100644 --- a/src/conf.py +++ b/src/conf.py @@ -306,6 +306,9 @@ def registerNetwork(name, password='', ssl=False, sasl_username='', registerGlobalValue(network, 'ssl', registry.Boolean(ssl, _("""Determines whether the bot will attempt to connect with SSL sockets to %s.""") % name)) + registerGlobalValue(network, 'certfile', registry.String('', + _("""Determines what certificate file (if any) the bot will use to + connect with SSL sockets to %s.""") % name)) registerChannelValue(network.channels, 'key', registry.String('', _("""Determines what key (if any) will be used to join the channel."""), private=True)) diff --git a/src/drivers/Socket.py b/src/drivers/Socket.py index 08b799cc4..c4b12bba1 100644 --- a/src/drivers/Socket.py +++ b/src/drivers/Socket.py @@ -304,7 +304,10 @@ class SocketDriver(drivers.IrcDriver, drivers.ServersMixin): try: if getattr(conf.supybot.networks, self.irc.network).ssl(): assert globals().has_key('ssl') - self.conn = ssl.wrap_socket(self.conn) + certfile = getattr(conf.supybot.networks, self.irc.network) \ + .certfile() + self.conn = ssl.wrap_socket(self.conn, + certfile=certfile or None) self.conn.connect((address, server[1])) def setTimeout(): self.conn.settimeout(conf.supybot.drivers.poll())