← Back to branch summary

~facundo/magicicada-protocol/trunk

« back to all changes in this revision

Viewing changes to ubuntuone/storageprotocol/context.py

  • Committer: Tarmac
  • Author(s): Guillermo Gonzalez
  • Date: 2014-04-15 21:35:07 UTC
  • mfrom: (163.1.2 load-all-available-certs)
  • Revision ID: tarmac-20140415213507-njtp73nkkz30lsal
Fix get_certificates to load all certificates

Show diffs side-by-side

added added

removed removed

Lines of Context:
ubuntuone/storageprotocol/context.py
68
68
def get_certificates():
69
69
    """Get a list of certificate paths."""
70
70
    ssl_cert_location = get_cert_dir()
71
 
    ca_file = ssl.Certificate.loadPEM(file(os.path.join(ssl_cert_location,
72
 
                     'UbuntuOne-Go_Daddy_Class_2_CA.pem'), 'r').read())
73
 
    ca_file_2 = ssl.Certificate.loadPEM(file(os.path.join(ssl_cert_location,
74
 
                    'UbuntuOne-Go_Daddy_CA.pem'), 'r').read())
75
 
    ca_file_3 = ssl.Certificate.loadPEM(file(os.path.join(ssl_cert_location,
76
 
                    'UbuntuOne-ValiCert_Class_2_VA.pem'), 'r').read())
77
 
    return [ca_file.original, ca_file_2.original, ca_file_3.original]
 
71
    ca_files = []
 
72
    digests = set()
 
73
    for fname in os.listdir(ssl_cert_location):
 
74
        full_path = os.path.join(ssl_cert_location, fname)
 
75
        if os.path.isdir(full_path) or not fname.endswith(".pem"):
 
76
            continue
 
77
        with open(full_path, 'r') as fd:
 
78
            ca_file = ssl.Certificate.loadPEM(fd.read())
 
79
            # we need to avoid adding the same cert twice as openssl
 
80
            # doesn't like it
 
81
            digest = ca_file.original.digest("sha1")
 
82
            if digest in digests:
 
83
                continue
 
84
            digests.add(digest)
 
85
            ca_files.append(ca_file.original)
 
86
    return ca_files
78
87
 
79
88
 
80
89
def get_ssl_context(no_verify, hostname=None):