mirror of
https://github.com/Chia-Network/chia-blockchain.git
synced 2024-09-21 08:31:52 +03:00
fix ssl context creation for server vs. client side (#11134)
This commit is contained in:
parent
0aaa343691
commit
a663ece4c3
@ -9,7 +9,7 @@ from aiohttp import ClientConnectorError, ClientSession, ClientWebSocketResponse
|
||||
|
||||
from chia.rpc.util import wrap_http_handler
|
||||
from chia.server.outbound_message import NodeType
|
||||
from chia.server.server import ssl_context_for_server
|
||||
from chia.server.server import ssl_context_for_client, ssl_context_for_server
|
||||
from chia.types.peer_info import PeerInfo
|
||||
from chia.util.byte_types import hexstr_to_bytes
|
||||
from chia.util.ints import uint16
|
||||
@ -42,6 +42,9 @@ class RpcServer:
|
||||
self.ssl_context = ssl_context_for_server(
|
||||
self.ca_cert_path, self.ca_key_path, self.crt_path, self.key_path, log=self.log
|
||||
)
|
||||
self.ssl_client_context = ssl_context_for_client(
|
||||
self.ca_cert_path, self.ca_key_path, self.crt_path, self.key_path, log=self.log
|
||||
)
|
||||
|
||||
async def stop(self):
|
||||
self.shut_down = True
|
||||
@ -278,7 +281,7 @@ class RpcServer:
|
||||
autoclose=True,
|
||||
autoping=True,
|
||||
heartbeat=60,
|
||||
ssl_context=self.ssl_context,
|
||||
ssl_context=self.ssl_client_context,
|
||||
max_msg_size=max_message_size,
|
||||
)
|
||||
await self.connection(self.websocket)
|
||||
|
@ -48,7 +48,7 @@ def ssl_context_for_server(
|
||||
if check_permissions:
|
||||
verify_ssl_certs_and_keys([ca_cert, private_cert_path], [ca_key, private_key_path], log)
|
||||
|
||||
ssl_context = ssl._create_unverified_context(purpose=ssl.Purpose.SERVER_AUTH, cafile=str(ca_cert))
|
||||
ssl_context = ssl._create_unverified_context(purpose=ssl.Purpose.CLIENT_AUTH, cafile=str(ca_cert))
|
||||
ssl_context.check_hostname = False
|
||||
ssl_context.minimum_version = ssl.TLSVersion.TLSv1_2
|
||||
ssl_context.set_ciphers(
|
||||
|
@ -50,7 +50,7 @@ from chia.consensus.vdf_info_computation import get_signage_point_vdf_info
|
||||
from chia.full_node.signage_point import SignagePoint
|
||||
from chia.plotting.util import PlotsRefreshParameter, PlotRefreshResult, PlotRefreshEvents, parse_plot_info
|
||||
from chia.plotting.manager import PlotManager
|
||||
from chia.server.server import ssl_context_for_server
|
||||
from chia.server.server import ssl_context_for_client
|
||||
from chia.types.blockchain_format.classgroup import ClassgroupElement
|
||||
from chia.types.blockchain_format.coin import Coin, hash_coin_list
|
||||
from chia.types.blockchain_format.foliage import Foliage, FoliageBlockData, FoliageTransactionBlock, TransactionsInfo
|
||||
@ -364,7 +364,7 @@ class BlockTools:
|
||||
key_path = self.root_path / self.config["daemon_ssl"]["private_key"]
|
||||
ca_cert_path = self.root_path / self.config["private_ssl_ca"]["crt"]
|
||||
ca_key_path = self.root_path / self.config["private_ssl_ca"]["key"]
|
||||
return ssl_context_for_server(ca_cert_path, ca_key_path, crt_path, key_path)
|
||||
return ssl_context_for_client(ca_cert_path, ca_key_path, crt_path, key_path)
|
||||
|
||||
def get_plot_signature(self, m: bytes32, plot_pk: G1Element) -> G2Element:
|
||||
"""
|
||||
|
Loading…
Reference in New Issue
Block a user