Am 01.03.2010 18:27, schrieb Cédric Krier: > He says that he can implement the same functionnality with one line of code. > So here we are waiting for your one line?
Everything you want to achieve with you "fingerprint" file is already
build into SSL. So here is the line::
self.ssl_sock = ssl.wrap_socket(self.sock, cert_reqs=True,
ca_certs=os.path.join(get_config_dir(), 'ca-bundle.crt')
(For real usage we should add some boilerplate thought ;-)
Sorry for being harsh, ced. This discussion here and the earlier once
about SSL show that you are lacking basic knowledge and understanding
about SSL, certificates, how to use SSL correctly, how to use
certificates correctly, how to use certificates in conjunction with SSL
correctly.
Why are you not trusting others to know what they are talking about? Why
are you ignoring the tips of others? I'm a security consultant for some
10 years now. It's my daily business. I've seen lots of bad stuff like
this in these years. And I know why they will not work out in the long
run -- if they work at all. What makes you believe, you are smarter
about IT security?
--
Schönen Gruß - Regards
Hartmut Goebel
Dipl.-Informatiker (univ.), CISSP, CSSLP
Goebel Consult
Spezialist für IT-Sicherheit in komplexen Umgebungen
http://www.goebel-consult.de
Monatliche Kolumne: http://www.cissp-gefluester.de/
Goebel Consult mit Mitglied bei http://www.7-it.de
smime.p7s
Description: S/MIME Cryptographic Signature
