in qpid/connection08.py [0:0]
def connect(host, port, options = None):
sock = socket.socket()
sock.connect((host, port))
sock.setblocking(1)
if options and options.get("ssl", False):
log.debug("Wrapping socket for SSL")
ssl_certfile = options.get("ssl_certfile", None)
ssl_keyfile = options.get("ssl_keyfile", ssl_certfile)
ssl_trustfile = options.get("ssl_trustfile", None)
ssl_require_trust = options.get("ssl_require_trust", True)
ssl_verify_hostname = not options.get("ssl_skip_hostname_check", False)
try:
# Python 2.6 and 2.7
from ssl import wrap_socket, CERT_REQUIRED, CERT_NONE
try:
# Python 2.7.9 and newer
from ssl import match_hostname as verify_hostname
except ImportError:
# Before Python 2.7.9 we roll our own
from qpid.messaging.transports import verify_hostname
if ssl_require_trust or ssl_verify_hostname:
validate = CERT_REQUIRED
else:
validate = CERT_NONE
sock = wrap_socket(sock,
keyfile=ssl_keyfile,
certfile=ssl_certfile,
ca_certs=ssl_trustfile,
cert_reqs=validate)
except ImportError as e:
# Python 2.5 and older
if ssl_verify_hostname:
log.error("Your version of Python does not support ssl hostname verification. Please upgrade your version of Python.")
raise e
sock = _OldSSLSock(sock, ssl_keyfile, ssl_certfile)
if ssl_verify_hostname:
verify_hostname(sock.getpeercert(), host)
return SockIO(sock)