diff options
| author | avborhanian <avborhanian@gmail.com> | 2018-11-06 10:21:10 -0500 |
|---|---|---|
| committer | Asif Saif Uddin <auvipy@gmail.com> | 2018-11-06 21:21:10 +0600 |
| commit | 88794b4de3e6ce5d8201ac23df900152c6426a38 (patch) | |
| tree | a13941f6cd2ed2f1ad8ff3da27a7bef94dc48041 | |
| parent | 6bb93e308649fd4561300f271e3cd817d97dab28 (diff) | |
| download | py-amqp-88794b4de3e6ce5d8201ac23df900152c6426a38.tar.gz | |
Change direct SSLSocket instantiation with wrap_socket (#215)
| -rw-r--r-- | amqp/transport.py | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/amqp/transport.py b/amqp/transport.py index 90dffd7..4363fb7 100644 --- a/amqp/transport.py +++ b/amqp/transport.py @@ -341,11 +341,16 @@ class SSLTransport(_AbstractTransport): opts['ssl_version'] = ssl.PROTOCOL_TLS else: opts['ssl_version'] = ssl.PROTOCOL_SSLv23 + sock = ssl.wrap_socket(**opts) # Set SNI headers if supported if (server_hostname is not None) and ( - hasattr(ssl, 'HAS_SNI') and ssl.HAS_SNI): - opts['server_hostname'] = server_hostname - sock = ssl.SSLSocket(**opts) + hasattr(ssl, 'HAS_SNI') and ssl.HAS_SNI) and ( + hasattr(ssl, 'SSLContext')): + context = ssl.SSLContext(opts['ssl_version']) + context.verify_mode = cert_reqs + context.check_hostname = True + context.load_cert_chain(certfile, keyfile) + sock = context.wrap_socket(sock, server_hostname=server_hostname) return sock def _shutdown_transport(self): |