summaryrefslogtreecommitdiff
path: root/tools/certtools.py
diff options
context:
space:
mode:
Diffstat (limited to 'tools/certtools.py')
-rw-r--r--tools/certtools.py23
1 files changed, 16 insertions, 7 deletions
diff --git a/tools/certtools.py b/tools/certtools.py
index 498a2e0..405aabd 100644
--- a/tools/certtools.py
+++ b/tools/certtools.py
@@ -88,12 +88,24 @@ def get_root_cert(issuer):
return root_cert
-def urlopen(url, data=None):
+class sslparameters:
+ sslcontext = None
+
+def create_ssl_context(cafile=None):
try:
- opener = urllib2.build_opener(urllib2.HTTPSHandler(context=ssl.SSLContext(ssl.PROTOCOL_TLSv1)))
+ sslparameters.sslcontext = ssl.create_default_context(cafile=cafile)
except AttributeError:
+ sslparameters.sslcontext = None
+
+def get_opener():
+ try:
+ opener = urllib2.build_opener(urllib2.HTTPSHandler(context=sslparameters.sslcontext))
+ except TypeError:
opener = urllib2.build_opener(urllib2.HTTPSHandler())
- return opener.open(url, data)
+ return opener
+
+def urlopen(url, data=None):
+ return get_opener().open(url, data)
def get_sth(baseurl):
result = urlopen(baseurl + "ct/v1/get-sth").read()
@@ -238,10 +250,7 @@ def check_auth_header(authheader, expected_key, publickeydir, data, path):
return True
def http_request(url, data=None, key=None, verifynode=None, publickeydir="."):
- try:
- opener = urllib2.build_opener(urllib2.HTTPSHandler(context=ssl.SSLContext(ssl.PROTOCOL_TLSv1)))
- except AttributeError:
- opener = urllib2.build_opener(urllib2.HTTPSHandler())
+ opener = get_opener()
(keyname, keyfile) = key
privatekey = get_eckey_from_file(keyfile)