Show More
@@ -327,13 +327,18 b' def validatesocket(sock, strict=False):' | |||
|
327 | 327 | |
|
328 | 328 | # If a certificate fingerprint is pinned, use it and only it to |
|
329 | 329 | # validate the remote cert. |
|
330 | peerfingerprint = util.sha1(peercert).hexdigest() | |
|
331 | nicefingerprint = ":".join([peerfingerprint[x:x + 2] | |
|
332 | for x in xrange(0, len(peerfingerprint), 2)]) | |
|
330 | peerfingerprints = { | |
|
331 | 'sha1': util.sha1(peercert).hexdigest(), | |
|
332 | 'sha256': util.sha256(peercert).hexdigest(), | |
|
333 | 'sha512': util.sha512(peercert).hexdigest(), | |
|
334 | } | |
|
335 | nicefingerprint = ':'.join([peerfingerprints['sha1'][x:x + 2] | |
|
336 | for x in range(0, len(peerfingerprints['sha1']), 2)]) | |
|
337 | ||
|
333 | 338 | if settings['certfingerprints']: |
|
334 | 339 | fingerprintmatch = False |
|
335 | 340 | for hash, fingerprint in settings['certfingerprints']: |
|
336 | if peerfingerprint.lower() == fingerprint: | |
|
341 | if peerfingerprints[hash].lower() == fingerprint: | |
|
337 | 342 | fingerprintmatch = True |
|
338 | 343 | break |
|
339 | 344 | if not fingerprintmatch: |
General Comments 0
You need to be logged in to leave comments.
Login now