diff --git a/authserv/openssl.py b/authserv/openssl.py
deleted file mode 100644
index 92ffff5e7c0215b00b9ecbca952216a07e090883..0000000000000000000000000000000000000000
--- a/authserv/openssl.py
+++ /dev/null
@@ -1,30 +0,0 @@
-import os
-from OpenSSL import crypto, SSL
-
-
-def create_server_context(ssl_cert, ssl_key, ssl_ca, dhparams):
- ctx = SSL.Context(SSL.TLSv1_METHOD)
- ctx.use_privatekey_file(ssl_key)
- ctx.use_certificate_file(ssl_cert)
- if dhparams and os.path.exists(dhparams):
- ctx.load_tmp_dh(dhparams)
- #ctx.set_cipher_list('ECDHE-ECDSA-AES256-SHA384')
- #ctx.set_cipher_list('DHE-RSA-AES256-SHA')
-
- with open(ssl_ca) as fd:
- ca_cert = crypto.load_certificate(crypto.FILETYPE_PEM, fd.read())
- ctx.get_cert_store().add_cert(ca_cert)
-
- def verify_callback(connection, x509, errnum, errdepth, ok):
- # Nothing else to do, valid CA signature has already been verified.
- #print 'verify_callback(%s, %s, %s, %s, %s)' % (
- # connection, x509, errnum, errdepth, ok)
- return ok
-
- ctx.set_verify(SSL.VERIFY_PEER
- | SSL.VERIFY_FAIL_IF_NO_PEER_CERT
- | SSL.VERIFY_CLIENT_ONCE,
- verify_callback)
- return ctx
-
-
diff --git a/setup.py b/setup.py
index e605d9baf1417a4982881eef065badb79d83aaa6..3877e0b7f7b4d4fe87102353630ea4962c64a6ae 100644
--- a/setup.py
+++ b/setup.py
@@ -9,7 +9,7 @@ setup(
 author="Autistici/Inventati",
 author_email="info@autistici.org",
 url="https://git.autistici.org/ai/authserv",
- install_requires=["gevent", "python-ldap", "PyOpenSSL", "Flask", "python-memcached"],
+ install_requires=["gevent", "python-ldap", "Flask", "python-memcached"],
 setup_requires=[],
 zip_safe=False,
 packages=find_packages(),
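Review bot: Removing `PyOpenSSL` from `install_requires` in the setup.py hunk leaves no visible place where client certificates are required and checked: the deleted `authserv/openssl.py` was what set `SSL.VERIFY_PEER | SSL.VERIFY_FAIL_IF_NO_PEER_CERT` against the CA file, and nothing in this diff shows its replacement. Presumably TLS now terminates elsewhere (the standard `ssl` module or a front-end proxy); that should be confirmed, along with the absence of any remaining `from OpenSSL import ...`, which would fail at import time on a clean install. If verification moved out of the package, a comment next to the dependency list would record it, e.g. `# TLS and client-certificate verification are handled by <component>; PyOpenSSL no longer needed`. The `setup(` call starts and ends outside this hunk.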