[CalendarServer-changes] [4022] CalendarServer/trunk

Wed Apr 15 17:47:22 PDT 2009

Revision: 4022
          http://trac.macosforge.org/projects/calendarserver/changeset/4022
Author:   sagen at apple.com
Date:     2009-04-15 17:47:19 -0700 (Wed, 15 Apr 2009)
Log Message:
-----------
Allows SSL method to be configured in the plist (default is still SSLv3)

Modified Paths:
--------------
    CalendarServer/trunk/calendarserver/tap/caldav.py
    CalendarServer/trunk/twistedcaldav/config.py
    CalendarServer/trunk/twistedcaldav/scheduling/ischedule.py

Modified: CalendarServer/trunk/calendarserver/tap/caldav.py
===================================================================

--- CalendarServer/trunk/calendarserver/tap/caldav.py	2009-04-15 19:18:39 UTC (rev 4021)
+++ CalendarServer/trunk/calendarserver/tap/caldav.py	2009-04-16 00:47:19 UTC (rev 4022)
@@ -29,6 +29,7 @@
 from pwd import getpwnam, getpwuid
 from grp import getgrnam
 from OpenSSL.SSL import Error as SSLError
+import OpenSSL
 
 from zope.interface import implements
 
@@ -722,6 +723,7 @@
                         config.SSLCertificate,
                         certificateChainFile=config.SSLAuthorityChain,
                         passwdCallback=getSSLPassphrase,
+                        sslmethod=getattr(OpenSSL.SSL, config.SSLMethod),
                     )
                 except SSLError, e:
                     self.log_error("Unable to set up SSL context factory: %s"

Modified: CalendarServer/trunk/twistedcaldav/config.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/config.py	2009-04-15 19:18:39 UTC (rev 4021)
+++ CalendarServer/trunk/twistedcaldav/config.py	2009-04-16 00:47:19 UTC (rev 4022)
@@ -97,6 +97,7 @@
     "HTTPPort": 0,        # HTTP port (0 to disable HTTP)
     "SSLPort" : 0,        # SSL port (0 to disable HTTPS)
     "RedirectHTTPToHTTPS" : False, # If True, all nonSSL requests redirected to an SSL Port
+    "SSLMethod" : "SSLv3_METHOD", # SSLv2_METHOD, SSLv3_METHOD, SSLv23_METHOD, TLSv1_METHOD
 
     #
     # Network address configuration information

Modified: CalendarServer/trunk/twistedcaldav/scheduling/ischedule.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/scheduling/ischedule.py	2009-04-15 19:18:39 UTC (rev 4021)
+++ CalendarServer/trunk/twistedcaldav/scheduling/ischedule.py	2009-04-16 00:47:19 UTC (rev 4022)
@@ -39,6 +39,8 @@
 from twistedcaldav.scheduling.itip import iTIPRequestStatus
 from twistedcaldav.util import utf8String
 
+import OpenSSL
+
 """
 Server to server utility functions and client requests.
 """
@@ -125,7 +127,7 @@
         try:
             from twisted.internet import reactor
             if self.server.ssl:
-                context = ChainingOpenSSLContextFactory(config.SSLPrivateKey, config.SSLCertificate, certificateChainFile=config.SSLAuthorityChain)
+                context = ChainingOpenSSLContextFactory(config.SSLPrivateKey, config.SSLCertificate, certificateChainFile=config.SSLAuthorityChain, sslmethod=getattr(OpenSSL.SSL, config.SSLMethod))
                 proto = (yield ClientCreator(reactor, HTTPClientProtocol).connectSSL(self.server.host, self.server.port, context))
             else:
                 proto = (yield ClientCreator(reactor, HTTPClientProtocol).connectTCP(self.server.host, self.server.port))
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20090415/54b2a671/attachment-0001.html>
