# XMLRPC-specific code for SFA Client
+# starting with 2.7.9 we need to turn off server verification
+import ssl
+ssl_needs_unverified_context = hasattr(ssl, '_create_unverified_context')
+
import xmlrpclib
from httplib import HTTPS, HTTPSConnection
# host may be a string, or a (host, x509-dict) tuple
host, extra_headers, x509 = self.get_host_info(host)
if need_HTTPSConnection:
- #conn = HTTPSConnection(host, None, key_file=self.key_file, cert_file=self.cert_file, timeout=self.timeout) #**(x509 or {}))
- conn = HTTPSConnection(host, None, key_file=self.key_file, cert_file=self.cert_file) #**(x509 or {}))
+ if not ssl_needs_unverified_context:
+ conn = HTTPSConnection(host, None, key_file = self.key_file,
+ cert_file = self.cert_file)
+ else:
+ conn = HTTPSConnection(host, None, key_file = self.key_file,
+ cert_file = self.cert_file,
+ context = ssl._create_unverified_context())
else:
- #conn = HTTPS(host, None, key_file=self.key_file, cert_file=self.cert_file, timeout=self.timeout) #**(x509 or {}))
- conn = HTTPS(host, None, key_file=self.key_file, cert_file=self.cert_file) #**(x509 or {}))
-
- if hasattr(conn, 'set_timeout'):
- conn.set_timeout(self.timeout)
+ conn = HTTPS(host, None, key_file=self.key_file, cert_file=self.cert_file)
# Some logic to deal with timeouts. It appears that some (or all) versions
# of python don't set the timeout after the socket is created. We'll do it
# ourselves by forcing the connection to connect, finding the socket, and
# calling settimeout() on it. (tested with python 2.6)
if self.timeout:
+ if hasattr(conn, 'set_timeout'):
+ conn.set_timeout(self.timeout)
+
if hasattr(conn, "_conn"):
# HTTPS is a wrapper around HTTPSConnection
real_conn = conn._conn
class XMLRPCServerProxy(xmlrpclib.ServerProxy):
def __init__(self, url, transport, allow_none=True, verbose=False):
# remember url for GetVersion
+ # xxx not sure this is still needed as SfaServerProxy has this too
self.url=url
- xmlrpclib.ServerProxy.__init__(self, url, transport, allow_none=allow_none, verbose=verbose)
+ if not ssl_needs_unverified_context:
+ xmlrpclib.ServerProxy.__init__(self, url, transport, allow_none=allow_none,
+ verbose=verbose)
+ else:
+ xmlrpclib.ServerProxy.__init__(self, url, transport, allow_none=allow_none,
+ verbose=verbose,
+ context=ssl._create_unverified_context())
def __getattr__(self, attr):
- logger.debug ("xml-rpc %s method:%s"%(self.url,attr))
+ logger.debug ("xml-rpc %s method:%s" % (self.url, attr))
return xmlrpclib.ServerProxy.__getattr__(self, attr)
########## the object on which we can send methods that get sent over xmlrpc