当前位置: 首页>>代码示例>>Python>>正文


Python ssl.VERIFY_CRL_CHECK_LEAF属性代码示例

本文整理汇总了Python中ssl.VERIFY_CRL_CHECK_LEAF属性的典型用法代码示例。如果您正苦于以下问题:Python ssl.VERIFY_CRL_CHECK_LEAF属性的具体用法?Python ssl.VERIFY_CRL_CHECK_LEAF怎么用?Python ssl.VERIFY_CRL_CHECK_LEAF使用的例子?那么恭喜您, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在ssl的用法示例。


在下文中一共展示了ssl.VERIFY_CRL_CHECK_LEAF属性的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: create_ssl_context

# 需要导入模块: import ssl [as 别名]
# 或者: from ssl import VERIFY_CRL_CHECK_LEAF [as 别名]
def create_ssl_context(config):
    # taken from conn.py, as it adds a lot more logic to the context configuration than the initial version
    ssl_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)  # pylint: disable=no-member
    ssl_context.options |= ssl.OP_NO_SSLv2  # pylint: disable=no-member
    ssl_context.options |= ssl.OP_NO_SSLv3  # pylint: disable=no-member
    ssl_context.verify_mode = ssl.CERT_OPTIONAL
    if config.get('ssl_check_hostname'):
        ssl_context.check_hostname = True
    if config['ssl_cafile']:
        ssl_context.load_verify_locations(config['ssl_cafile'])
        ssl_context.verify_mode = ssl.CERT_REQUIRED
    if config['ssl_certfile'] and config['ssl_keyfile']:
        ssl_context.load_cert_chain(
            certfile=config['ssl_certfile'], keyfile=config['ssl_keyfile'], password=config.get('ssl_password')
        )
    if config.get('ssl_crlfile'):
        if not hasattr(ssl, 'VERIFY_CRL_CHECK_LEAF'):
            raise RuntimeError('This version of Python does not support ssl_crlfile!')
        ssl_context.load_verify_locations(config['ssl_crlfile'])
        # pylint: disable=no-member
        ssl_context.verify_flags |= ssl.VERIFY_CRL_CHECK_LEAF
    if config.get('ssl_ciphers'):
        ssl_context.set_ciphers(config['ssl_ciphers'])
    return ssl_context 
开发者ID:aiven,项目名称:karapace,代码行数:26,代码来源:config.py

示例2: generate_ssl_context

# 需要导入模块: import ssl [as 别名]
# 或者: from ssl import VERIFY_CRL_CHECK_LEAF [as 别名]
def generate_ssl_context(ssl_check_hostname,
                         ssl_cafile,
                         ssl_certfile,
                         ssl_keyfile,
                         ssl_password,
                         ssl_crlfile,
                         ssl_supported_protocols,
                         ssl_ciphers):
    """
    Generate SSLContext for kafka client.
    """
    log.debug('Configuring default SSL Context')
    ssl_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
    ssl_context.options |= ssl.OP_NO_SSLv2
    ssl_context.options |= ssl.OP_NO_SSLv3
    ssl_context.verify_mode = ssl.CERT_OPTIONAL
    if ssl_supported_protocols:
        if 'TLSv1' not in ssl_supported_protocols:
            ssl_context.options |= ssl.OP_NO_TLSv1
        if 'TLSv1.1' not in ssl_supported_protocols:
            ssl_context.options |= ssl.OP_NO_TLSv1_1
        if 'TLSv1.2' not in ssl_supported_protocols:
            ssl_context.options |= ssl.OP_NO_TLSv1_2
    if ssl_check_hostname:
        ssl_context.check_hostname = True
    if ssl_cafile:
        log.info('Loading SSL CA from %s', ssl_cafile)
        ssl_context.load_verify_locations(ssl_cafile)
        ssl_context.verify_mode = ssl.CERT_REQUIRED
    else:
        log.info('Loading system default SSL CAs from %s',
                 ssl.get_default_verify_paths())
        ssl_context.load_default_certs()
    if ssl_certfile and ssl_keyfile:
        log.info('Loading SSL Cert from %s', ssl_certfile)
        log.info('Loading SSL Key from %s', ssl_keyfile)
        ssl_context.load_cert_chain(
            certfile=ssl_certfile,
            keyfile=ssl_keyfile,
            password=ssl_password)
    if ssl_crlfile:
        if not hasattr(ssl, 'VERIFY_CRL_CHECK_LEAF'):
            raise RuntimeError('This version of Python does not'
                               ' support ssl_crlfile!')
        log.info('Loading SSL CRL from %s', ssl_crlfile)
        ssl_context.load_verify_locations(ssl_crlfile)
        ssl_context.verify_flags |= ssl.VERIFY_CRL_CHECK_LEAF
    if ssl_ciphers:
        log.info('Setting SSL Ciphers: %s', ssl_ciphers)
        ssl_context.set_ciphers(ssl_ciphers)
    return ssl_context 
开发者ID:StephenSorriaux,项目名称:ansible-kafka-admin,代码行数:53,代码来源:ssl_utils.py


注:本文中的ssl.VERIFY_CRL_CHECK_LEAF属性示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。