diff options
| author | Kyle Morton <kylemorton@google.com> | 2015-06-20 12:54:03 -0700 |
|---|---|---|
| committer | Kyle Morton <kylemorton@google.com> | 2015-06-22 16:48:09 -0700 |
| commit | 7afe44ba4ee8810e24abfa32f74dfac61e5551d3 (patch) | |
| tree | ddcec133c985d2105c6ddfa4d28c08736a95bca3 /netlib/tcp.py | |
| parent | 2aa1b98fbf8d03005e022da86e3e534cf25ebf62 (diff) | |
| download | mitmproxy-7afe44ba4ee8810e24abfa32f74dfac61e5551d3.tar.gz mitmproxy-7afe44ba4ee8810e24abfa32f74dfac61e5551d3.tar.bz2 mitmproxy-7afe44ba4ee8810e24abfa32f74dfac61e5551d3.zip | |
Updating TCPServer to allow tests (and potentially other use cases) to serve
certificate chains instead of only single certificates.
Diffstat (limited to 'netlib/tcp.py')
| -rw-r--r-- | netlib/tcp.py | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/netlib/tcp.py b/netlib/tcp.py index 77eb7b52..61306e4e 100644 --- a/netlib/tcp.py +++ b/netlib/tcp.py @@ -567,7 +567,8 @@ class BaseHandler(_Connection): dhparams=None, **sslctx_kwargs): """ - cert: A certutils.SSLCert object. + cert: A certutils.SSLCert object or the path to a certificate + chain file. handle_sni: SNI handler, should take a connection object. Server name can be retrieved like this: @@ -594,7 +595,10 @@ class BaseHandler(_Connection): context = self._create_ssl_context(**sslctx_kwargs) context.use_privatekey(key) - context.use_certificate(cert.x509) + if isinstance(cert, certutils.SSLCert): + context.use_certificate(cert.x509) + else: + context.use_certificate_chain_file(cert) if handle_sni: # SNI callback happens during do_handshake() |