From c6eb51dbc3be8ef1b97ad66ac5f218d5d48c9ec0 Mon Sep 17 00:00:00 2001 From: Seth Vidal Date: Thu, 22 Apr 2010 17:06:20 -0400 Subject: [PATCH] optionally allow a passwd callback for opening the ssl keys --- certmaster/SSLCommon.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/certmaster/SSLCommon.py b/certmaster/SSLCommon.py index 6959749..e93ff63 100644 --- a/certmaster/SSLCommon.py +++ b/certmaster/SSLCommon.py @@ -29,13 +29,16 @@ def our_verify(connection, x509, errNum, errDepth, preverifyOK): return preverifyOK -def CreateSSLContext(pkey, cert, ca_cert): +def CreateSSLContext(pkey, cert, ca_cert, passwd_callback=None): for f in pkey, cert, ca_cert: if f and not os.access(f, os.R_OK): print "%s does not exist or is not readable." % f os._exit(1) ctx = SSL.Context(SSL.SSLv3_METHOD) # SSLv3 only + if passwd_callback: + ctx.set_passwd_cb = passwd_callback + ctx.use_certificate_file(cert) ctx.use_privatekey_file(pkey) ctx.load_client_ca(ca_cert) -- 2.39.5