# XMLRPC-specific code for SFA Client
-# starting with 2.7.9 we need to turn off server verification
import ssl
-try:
- turn_off_server_verify = {'context': ssl._create_unverified_context()}
-except:
- turn_off_server_verify = {}
-
-from sfa.util.py23 import xmlrpc_client
-from sfa.util.py23 import http_client
+import xmlrpc.client
+import http.client
try:
from sfa.util.sfalogging import logger
pass
-class ExceptionUnmarshaller(xmlrpc_client.Unmarshaller):
+class ExceptionUnmarshaller(xmlrpc.client.Unmarshaller):
def close(self):
try:
- return xmlrpc_client.Unmarshaller.close(self)
- except xmlrpc_client.Fault as e:
+ return xmlrpc.client.Unmarshaller.close(self)
+ except xmlrpc.client.Fault as e:
raise ServerException(e.faultString)
##
# targetting only python-2.7 we can get rid of some older code
-class XMLRPCTransport(xmlrpc_client.Transport):
+def sfa_client_ssl_context():
+ ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS)
+ ssl_context.verify_mode = ssl.CERT_NONE
+ ssl_context.check_hostname = False
+# with open("root.gid") as root:
+# ssl_context.load_verify_locations(cadata=root.read())
+ return ssl_context
+
+
+class XMLRPCTransport(xmlrpc.client.Transport):
def __init__(self, key_file=None, cert_file=None, timeout=None):
- xmlrpc_client.Transport.__init__(self)
+ xmlrpc.client.Transport.__init__(self)
self.timeout = timeout
self.key_file = key_file
self.cert_file = cert_file
# create a HTTPS connection object from a host descriptor
# host may be a string, or a (host, x509-dict) tuple
host, extra_headers, x509 = self.get_host_info(host)
- conn = http_client.HTTPSConnection(host, None, key_file=self.key_file,
- cert_file=self.cert_file,
- **turn_off_server_verify)
-
- # Some logic to deal with timeouts. It appears that some (or all) versions
- # of python don't set the timeout after the socket is created. We'll do it
- # ourselves by forcing the connection to connect, finding the socket, and
- # calling settimeout() on it. (tested with python 2.6)
- if self.timeout:
- if hasattr(conn, 'set_timeout'):
- conn.set_timeout(self.timeout)
-
- if hasattr(conn, "_conn"):
- # HTTPS is a wrapper around HTTPSConnection
- real_conn = conn._conn
- else:
- real_conn = conn
- conn.connect()
- if hasattr(real_conn, "sock") and hasattr(real_conn.sock, "settimeout"):
- real_conn.sock.settimeout(float(self.timeout))
-
+ conn = http.client.HTTPSConnection(
+ host, port=None,
+ key_file=self.key_file,
+ cert_file=self.cert_file,
+ timeout=self.timeout,
+ context=sfa_client_ssl_context(),
+ check_hostname=False,
+ )
+
+# # Some logic to deal with timeouts. It appears that some (or all) versions
+# # of python don't set the timeout after the socket is created. We'll do it
+# # ourselves by forcing the connection to connect, finding the socket, and
+# # calling settimeout() on it. (tested with python 2.6)
+# if self.timeout:
+# if hasattr(conn, 'set_timeout'):
+# conn.set_timeout(self.timeout)
+#
+# if hasattr(conn, "_conn"):
+# # HTTPS is a wrapper around HTTPSConnection
+# real_conn = conn._conn
+# else:
+# real_conn = conn
+# conn.connect()
+# if hasattr(real_conn, "sock") and hasattr(real_conn.sock, "settimeout"):
+# real_conn.sock.settimeout(float(self.timeout))
+#
return conn
def getparser(self):
unmarshaller = ExceptionUnmarshaller()
- parser = xmlrpc_client.ExpatParser(unmarshaller)
+ parser = xmlrpc.client.ExpatParser(unmarshaller)
return parser, unmarshaller
-class XMLRPCServerProxy(xmlrpc_client.ServerProxy):
+class XMLRPCServerProxy(xmlrpc.client.ServerProxy):
def __init__(self, url, transport, allow_none=True, verbose=False):
# remember url for GetVersion
# xxx not sure this is still needed as SfaServerProxy has this too
self.url = url
- xmlrpc_client.ServerProxy.__init__(self, url, transport, allow_none=allow_none,
- verbose=verbose,
- **turn_off_server_verify)
+ xmlrpc.client.ServerProxy.__init__(
+ self, url, transport, allow_none=allow_none,
+ context=sfa_client_ssl_context(), verbose=verbose)
def __getattr__(self, attr):
logger.debug("xml-rpc %s method:%s" % (self.url, attr))
- return xmlrpc_client.ServerProxy.__getattr__(self, attr)
+ return xmlrpc.client.ServerProxy.__getattr__(self, attr)
# the object on which we can send methods that get sent over xmlrpc
self.certfile = certfile
self.verbose = verbose
self.timeout = timeout
- # an instance of xmlrpc_client.ServerProxy
+ # an instance of xmlrpc.client.ServerProxy
transport = XMLRPCTransport(keyfile, certfile, timeout)
self.serverproxy = XMLRPCServerProxy(
url, transport, allow_none=True, verbose=verbose)