Add support for TLS client certificate/key

2018-09-17 10:55:39 +01:00 · 2018-09-17 10:55:39 +01:00 · d307fab507
commit d307fab507
parent 3576f18a82
2 changed files with 9 additions and 0 deletions
--- a/IRCServer.py
+++ b/IRCServer.py
@ -85,8 +85,15 @@ class Server(object):
        context.options |= ssl.OP_NO_SSLv2
        context.options |= ssl.OP_NO_SSLv3
        context.options |= ssl.OP_NO_TLSv1
+
        context.load_default_certs()
        context.verify_mode = ssl.CERT_REQUIRED
+
+        client_certificate = self.bot.config.get("ssl-certificate", None)
+        client_key = self.bot.config.get("ssl-key", None)
+        if client_certificate and client_key:
+            context.load_cert_chain(client_certificate, keyfile=client_key)
+
        self.socket = context.wrap_socket(self.socket)

    def connect(self):
--- a/bot.conf.example
+++ b/bot.conf.example
@ -1,4 +1,6 @@
 [bot]
+ssl-certificate          =
+ssl-key                  =
 openweathermap-api-key   =
 wolframalpha-api-key     =
 google-api-key           =