[tor-bugs] #28788 [Core Tor/sbws]: Document configuration verify option and disable urllib3
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Dec 8 16:56:51 UTC 2018
#28788: Document configuration verify option and disable urllib3
-------------------------------+-------------------------------
Reporter: juga | Owner: (none)
Type: defect | Status: assigned
Priority: Medium | Milestone: sbws: 1.0.x-final
Component: Core Tor/sbws | Version: sbws: 1.0.2
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
-------------------------------+-------------------------------
In #28647 we say that it's ok that the destination certificate is self-
signed.
There was no any documentation about how sbws could accept self-signed
certificates and the default was hard-coded.
There're different ways to validate certificates with Python requests
(http://docs.python-requests.org/en/master/user/advanced/#ssl-cert-
verification), but the only one implemented is to don't verify the
certificate.
The simpler way to accept self-signed certificates is to don't verify it.
When using this option, there're urllib3 warnings that should be disabled.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28788>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list