[CalendarServer-changes] [4022] CalendarServer/trunk
source_changes at macosforge.org
source_changes at macosforge.org
Wed Apr 15 17:47:22 PDT 2009
Revision: 4022
http://trac.macosforge.org/projects/calendarserver/changeset/4022
Author: sagen at apple.com
Date: 2009-04-15 17:47:19 -0700 (Wed, 15 Apr 2009)
Log Message:
-----------
Allows SSL method to be configured in the plist (default is still SSLv3)
Modified Paths:
--------------
CalendarServer/trunk/calendarserver/tap/caldav.py
CalendarServer/trunk/twistedcaldav/config.py
CalendarServer/trunk/twistedcaldav/scheduling/ischedule.py
Modified: CalendarServer/trunk/calendarserver/tap/caldav.py
===================================================================
--- CalendarServer/trunk/calendarserver/tap/caldav.py 2009-04-15 19:18:39 UTC (rev 4021)
+++ CalendarServer/trunk/calendarserver/tap/caldav.py 2009-04-16 00:47:19 UTC (rev 4022)
@@ -29,6 +29,7 @@
from pwd import getpwnam, getpwuid
from grp import getgrnam
from OpenSSL.SSL import Error as SSLError
+import OpenSSL
from zope.interface import implements
@@ -722,6 +723,7 @@
config.SSLCertificate,
certificateChainFile=config.SSLAuthorityChain,
passwdCallback=getSSLPassphrase,
+ sslmethod=getattr(OpenSSL.SSL, config.SSLMethod),
)
except SSLError, e:
self.log_error("Unable to set up SSL context factory: %s"
Modified: CalendarServer/trunk/twistedcaldav/config.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/config.py 2009-04-15 19:18:39 UTC (rev 4021)
+++ CalendarServer/trunk/twistedcaldav/config.py 2009-04-16 00:47:19 UTC (rev 4022)
@@ -97,6 +97,7 @@
"HTTPPort": 0, # HTTP port (0 to disable HTTP)
"SSLPort" : 0, # SSL port (0 to disable HTTPS)
"RedirectHTTPToHTTPS" : False, # If True, all nonSSL requests redirected to an SSL Port
+ "SSLMethod" : "SSLv3_METHOD", # SSLv2_METHOD, SSLv3_METHOD, SSLv23_METHOD, TLSv1_METHOD
#
# Network address configuration information
Modified: CalendarServer/trunk/twistedcaldav/scheduling/ischedule.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/scheduling/ischedule.py 2009-04-15 19:18:39 UTC (rev 4021)
+++ CalendarServer/trunk/twistedcaldav/scheduling/ischedule.py 2009-04-16 00:47:19 UTC (rev 4022)
@@ -39,6 +39,8 @@
from twistedcaldav.scheduling.itip import iTIPRequestStatus
from twistedcaldav.util import utf8String
+import OpenSSL
+
"""
Server to server utility functions and client requests.
"""
@@ -125,7 +127,7 @@
try:
from twisted.internet import reactor
if self.server.ssl:
- context = ChainingOpenSSLContextFactory(config.SSLPrivateKey, config.SSLCertificate, certificateChainFile=config.SSLAuthorityChain)
+ context = ChainingOpenSSLContextFactory(config.SSLPrivateKey, config.SSLCertificate, certificateChainFile=config.SSLAuthorityChain, sslmethod=getattr(OpenSSL.SSL, config.SSLMethod))
proto = (yield ClientCreator(reactor, HTTPClientProtocol).connectSSL(self.server.host, self.server.port, context))
else:
proto = (yield ClientCreator(reactor, HTTPClientProtocol).connectTCP(self.server.host, self.server.port))
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20090415/54b2a671/attachment-0001.html>
More information about the calendarserver-changes
mailing list