Skip to content

Commit fc7dddc

Browse files
bd808bd808
committed
Use ssl.SSLContext in ib3.connection.SSL
Closes #23
1 parent 98f75ea commit fc7dddc

File tree

3 files changed

+15
-7
lines changed

3 files changed

+15
-7
lines changed

HISTORY.rst

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,9 @@
1-
v0.3.0
1+
UNRELEASED
22
----------
3+
* Use ssl.SSLContext in ib3.connection.SSL
4+
5+
v0.3.0
6+
------
37
* [BREAKING] Drop support for Python versions before 3.7
48
* Require irc>=20.0.0
59
* Convert to hatchling build system backend

src/ib3/connection.py

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,3 @@
1-
#
21
# This file is part of IRC Bot Behavior Bundle (IB3)
32
# Copyright (C) 2017 Bryan Davis and contributors
43
#
@@ -14,7 +13,6 @@
1413
#
1514
# You should have received a copy of the GNU General Public License along with
1615
# this program. If not, see <http://www.gnu.org/licenses/>.
17-
1816
import logging
1917
import ssl
2018

@@ -27,7 +25,15 @@ class SSL:
2725
"""Use SSL connections."""
2826

2927
def __init__(self, *args, **kwargs):
28+
self._ssl_context = ssl.SSLContext(protocol=ssl.PROTOCOL_TLS_CLIENT)
29+
self._ssl_context.load_default_certs()
30+
# Unfortunately the upstream library doesn't give us a simple way to
31+
# pass the IRC server hostname to the socket factory for SNI and cert
32+
# verification. See https://github.com/jaraco/irc/issues/216
33+
self._ssl_context.check_hostname = False
34+
self._ssl_context.verify_mode = ssl.CERT_NONE
35+
3036
kwargs["connect_factory"] = irc.connection.Factory(
31-
wrapper=ssl.wrap_socket,
37+
wrapper=self._ssl_context.wrap_socket,
3238
)
3339
super().__init__(*args, **kwargs)

tests/connection_test.py

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -13,8 +13,6 @@
1313
#
1414
# You should have received a copy of the GNU General Public License along with
1515
# this program. If not, see <http://www.gnu.org/licenses/>.
16-
import ssl
17-
1816
import ib3
1917
import ib3.connection
2018

@@ -33,6 +31,6 @@ def test_ssl(mocker):
3331
)
3432
assert isinstance(bot, ib3.connection.SSL)
3533
assert isinstance(bot, ib3.Bot)
36-
conn_factory.assert_called_once_with(wrapper=ssl.wrap_socket)
34+
conn_factory.assert_called_once_with(wrapper=bot._ssl_context.wrap_socket)
3735
args, kwargs = mock_init.call_args
3836
assert kwargs["connect_factory"] is conn_factory.return_value

0 commit comments

Comments
 (0)