Ensure server's SSL cert is validated

A bug was introduced which meant that the server SSL certificate was not being verified. Here we make sure that it is checked (unless the --insecure flag is used). Helps guard against man-in-the-middle attack. Change-Id: I08f30bf3906b6580c871729311343fa8eefda91b Closes-bug: #1357430
2014-08-15 14:53:34 +00:00
parent c59ba203dd
commit d6498b602f
2 changed files with 12 additions and 3 deletions
@@ -77,7 +77,8 @@ class HTTPSAdapter(adapters.HTTPAdapter):

    def cert_verify(self, conn, url, verify, cert):
        super(HTTPSAdapter, self).cert_verify(conn, url, verify, cert)
-        conn.insecure = not verify
+        conn.ca_certs = verify[0]
+        conn.insecure = verify[1]


 class HTTPSConnectionPool(connectionpool.HTTPSConnectionPool):