From 3c7ac177e1f173fa4806feb583e05fdcfb83ceed Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Wed, 8 Aug 2007 13:32:41 +0000 Subject: Fix server auth svn path=/scripts/http-client.py; revision=840 --- scripts/http-client.py | 22 ++++++++-------------- 1 file changed, 8 insertions(+), 14 deletions(-) (limited to 'scripts/http-client.py') diff --git a/scripts/http-client.py b/scripts/http-client.py index 35091f26..02af3659 100644 --- a/scripts/http-client.py +++ b/scripts/http-client.py @@ -15,21 +15,15 @@ f = open("biz-certs/Dave-EE.key", "r") privateKey = tlslite.api.parsePEMKey(f.read(), private=True) f.close() -# There doesn't seem to be any existing OpenSSL-based python HTTPS -# client which bothers to check the server's certificate. tlslite -# does check, but only when it's using cryptlib...which doesn't -# compile on FreeBSD this week due to a completely unrelated symbol -# collision with another FreeBSD package (don't ask). -# -# The mechanism that requires cryptlib is the x509TrustList parameter to -# tlslite.api.HTTPTLSConnection(), which looks just about perfect other -# than requiring cryptlib. Not sure how much work it would be to get -# this to work with M2Crypto (would help if M2Crypto were documented). -# -# For the moment, just punt on the issue, as this is test code. In -# production this would be a problem. +x509TrustList = [] +for file in ("biz-certs/Alice-Root.cer", "biz-certs/Bob-Root.cer", "biz-certs/Carol-Root.cer"): + f = open(file, "r") + x509 = tlslite.api.X509() + x509.parse(f.read()) + f.close() + x509TrustList.append(x509) -https = tlslite.api.HTTPTLSConnection(host="localhost", port=8080, certChain=certChain, privateKey=privateKey) +https = tlslite.api.HTTPTLSConnection(host="localhost", port=4433, certChain=certChain, privateKey=privateKey, x509TrustList=x509TrustList) https.connect() https.request("POST", "/", "This is a test. This is only a test. Had this been real you would now be really confused.\n", {"Content-Type":"application/wombat"}) -- cgit v1.2.3