diff --git a/src/common/check_paths.py b/src/common/check_paths.py index 4ce00dcf9..9d623e333 100644 --- a/src/common/check_paths.py +++ b/src/common/check_paths.py @@ -268,7 +268,7 @@ def check_and_possibly_create_paths(): MY_DATA = configpaths.gajimpaths['MY_DATA'] MY_CONFIG = configpaths.gajimpaths['MY_CONFIG'] MY_CACHE = configpaths.gajimpaths['MY_CACHE'] - XTLS_CERTS = os.path.expanduser('~/certs/') + XTLS_CERTS = os.path.expanduser(jingle_xtls.CERTIFICATE_DIR) if not os.path.exists(MY_DATA): create_path(MY_DATA) @@ -338,7 +338,7 @@ def check_and_possibly_create_paths(): if not os.path.exists(XTLS_CERTS): create_path(XTLS_CERTS) if not (os.path.exists(os.path.join(XTLS_CERTS, jingle_xtls.SELF_SIGNED_CERTIFICATE + '.cert')) and - os.path.exist(os.path.join(XTLS_CERTS, jingle_xtls.SELF_SIGNED_CERTIFICATE + '.pkey'))): + os.path.exists(os.path.join(XTLS_CERTS, jingle_xtls.SELF_SIGNED_CERTIFICATE + '.pkey'))): jingle_xtls.make_certs(XTLS_CERTS + jingle_xtls.SELF_SIGNED_CERTIFICATE, 'gajim') diff --git a/src/common/jingle_xtls.py b/src/common/jingle_xtls.py index 1b1b00400..ea932b672 100644 --- a/src/common/jingle_xtls.py +++ b/src/common/jingle_xtls.py @@ -34,6 +34,7 @@ if PYOPENSSL_PRESENT: from OpenSSL.SSL import Context from OpenSSL import crypto +CERTIFICATE_DIR = '~/certs/' SELF_SIGNED_CERTIFICATE = 'localcert' def default_callback(connection, certificate, error_num, depth, return_code): @@ -84,11 +85,11 @@ def get_context(fingerprint, verify_cb=None): elif fingerprint == 'client': ctx.set_verify(SSL.VERIFY_PEER, verify_cb or default_callback) - ctx.use_privatekey_file (os.path.expanduser('~/certs/' + SELF_SIGNED_CERTIFICATE + '.pkey')) - ctx.use_certificate_file(os.path.expanduser('~/certs/' + SELF_SIGNED_CERTIFICATE + '.cert')) + ctx.use_privatekey_file (os.path.expanduser(CERTIFICATE_DIR + SELF_SIGNED_CERTIFICATE + '.pkey')) + ctx.use_certificate_file(os.path.expanduser(CERTIFICATE_DIR + SELF_SIGNED_CERTIFICATE + '.cert')) store = ctx.get_cert_store() - for f in os.listdir(os.path.expanduser('~/certs/')): - load_cert_file(os.path.join(os.path.expanduser('~/certs'), f), store) + for f in os.listdir(os.path.expanduser(CERTIFICATE_DIR)): + load_cert_file(os.path.join(os.path.expanduser(CERTIFICATE_DIR), f), store) return ctx # the following code is partly due to pyopenssl examples