X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fclient%2Fsfaserverproxy.py;h=d1d091073442be1f672d3b9afdd3450df21ca9f4;hb=refs%2Fheads%2Fpython3;hp=18b77131a956bc0a4aead85ad36fc2f5d906172e;hpb=935de64c2ed3a68566da471c68447a1ac384455d;p=sfa.git

diff --git a/sfa/client/sfaserverproxy.py b/sfa/client/sfaserverproxy.py
index 18b77131..d1d09107 100644
--- a/sfa/client/sfaserverproxy.py
+++ b/sfa/client/sfaserverproxy.py
@@ -1,13 +1,14 @@
 # XMLRPC-specific code for SFA Client
 
-import xmlrpclib
-from httplib import HTTPS, HTTPSConnection
+import ssl
+import xmlrpc.client
+import http.client
 
 try:
     from sfa.util.sfalogging import logger
 except:
     import logging
-    logger=logging.getLogger('sfaserverproxy')
+    logger = logging.getLogger('sfaserverproxy')
 
 ##
 # ServerException, ExceptionUnmarshaller
@@ -15,14 +16,17 @@ except:
 # Used to convert server exception strings back to an exception.
 #    from usenet, Raghuram Devarakonda
 
+
 class ServerException(Exception):
     pass
 
-class ExceptionUnmarshaller(xmlrpclib.Unmarshaller):
+
+class ExceptionUnmarshaller(xmlrpc.client.Unmarshaller):
+
     def close(self):
         try:
-            return xmlrpclib.Unmarshaller.close(self)
-        except xmlrpclib.Fault, e:
+            return xmlrpc.client.Unmarshaller.close(self)
+        except xmlrpc.client.Fault as e:
             raise ServerException(e.faultString)
 
 ##
@@ -30,81 +34,95 @@ class ExceptionUnmarshaller(xmlrpclib.Unmarshaller):
 #
 # A transport for XMLRPC that works on top of HTTPS
 
-# python 2.7 xmlrpclib has changed its internal code
-# it now calls 'getresponse' on the obj returned by make_connection
-# while it used to call 'getreply'
-# regardless of the version, httplib.HTTPS does implement getreply, 
-# while httplib.HTTPSConnection has getresponse
-# so we create a dummy instance to check what's expected
-need_HTTPSConnection=hasattr(xmlrpclib.Transport().make_connection('localhost'),'getresponse')
+# targetting only python-2.7 we can get rid of some older code
+
+
+def sfa_client_ssl_context():
+    ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS)
+    ssl_context.verify_mode = ssl.CERT_NONE
+    ssl_context.check_hostname = False
+#    with open("root.gid") as root:
+#        ssl_context.load_verify_locations(cadata=root.read())
+    return ssl_context
+
+
+class XMLRPCTransport(xmlrpc.client.Transport):
 
-class XMLRPCTransport(xmlrpclib.Transport):
-    
     def __init__(self, key_file=None, cert_file=None, timeout=None):
-        xmlrpclib.Transport.__init__(self)
-        self.timeout=timeout
+        xmlrpc.client.Transport.__init__(self)
+        self.timeout = timeout
         self.key_file = key_file
         self.cert_file = cert_file
-        
+
     def make_connection(self, host):
         # create a HTTPS connection object from a host descriptor
         # host may be a string, or a (host, x509-dict) tuple
         host, extra_headers, x509 = self.get_host_info(host)
-        if need_HTTPSConnection:
-            #conn = HTTPSConnection(host, None, key_file=self.key_file, cert_file=self.cert_file, timeout=self.timeout) #**(x509 or {}))
-            conn = HTTPSConnection(host, None, key_file=self.key_file, cert_file=self.cert_file) #**(x509 or {}))
-        else:
-            #conn = HTTPS(host, None, key_file=self.key_file, cert_file=self.cert_file, timeout=self.timeout) #**(x509 or {}))
-            conn = HTTPS(host, None, key_file=self.key_file, cert_file=self.cert_file) #**(x509 or {}))
-
-        if hasattr(conn, 'set_timeout'):
-            conn.set_timeout(self.timeout)
-
-        # Some logic to deal with timeouts. It appears that some (or all) versions
-        # of python don't set the timeout after the socket is created. We'll do it
-        # ourselves by forcing the connection to connect, finding the socket, and
-        # calling settimeout() on it. (tested with python 2.6)
-        if self.timeout:
-            if hasattr(conn, "_conn"):
-                # HTTPS is a wrapper around HTTPSConnection
-                real_conn = conn._conn
-            else:
-                real_conn = conn
-            conn.connect()
-            if hasattr(real_conn, "sock") and hasattr(real_conn.sock, "settimeout"):
-                real_conn.sock.settimeout(float(self.timeout))
-
+        conn = http.client.HTTPSConnection(
+            host, port=None,
+            key_file=self.key_file,
+            cert_file=self.cert_file,
+            timeout=self.timeout,
+            context=sfa_client_ssl_context(),
+            check_hostname=False,
+            )
+
+#        # Some logic to deal with timeouts. It appears that some (or all) versions
+#        # of python don't set the timeout after the socket is created. We'll do it
+#        # ourselves by forcing the connection to connect, finding the socket, and
+#        # calling settimeout() on it. (tested with python 2.6)
+#        if self.timeout:
+#            if hasattr(conn, 'set_timeout'):
+#                conn.set_timeout(self.timeout)
+#
+#            if hasattr(conn, "_conn"):
+#                # HTTPS is a wrapper around HTTPSConnection
+#                real_conn = conn._conn
+#            else:
+#                real_conn = conn
+#            conn.connect()
+#            if hasattr(real_conn, "sock") and hasattr(real_conn.sock, "settimeout"):
+#                real_conn.sock.settimeout(float(self.timeout))
+#
         return conn
 
     def getparser(self):
         unmarshaller = ExceptionUnmarshaller()
-        parser = xmlrpclib.ExpatParser(unmarshaller)
+        parser = xmlrpc.client.ExpatParser(unmarshaller)
         return parser, unmarshaller
 
-class XMLRPCServerProxy(xmlrpclib.ServerProxy):
+
+class XMLRPCServerProxy(xmlrpc.client.ServerProxy):
+
     def __init__(self, url, transport, allow_none=True, verbose=False):
         # remember url for GetVersion
-        self.url=url
-        xmlrpclib.ServerProxy.__init__(self, url, transport, allow_none=allow_none, verbose=verbose)
+        # xxx not sure this is still needed as SfaServerProxy has this too
+        self.url = url
+        xmlrpc.client.ServerProxy.__init__(
+            self, url, transport, allow_none=allow_none,
+            context=sfa_client_ssl_context(), verbose=verbose)
 
     def __getattr__(self, attr):
-        logger.debug ("xml-rpc %s method:%s"%(self.url,attr))
-        return xmlrpclib.ServerProxy.__getattr__(self, attr)
+        logger.debug("xml-rpc %s method:%s" % (self.url, attr))
+        return xmlrpc.client.ServerProxy.__getattr__(self, attr)
+
+# the object on which we can send methods that get sent over xmlrpc
+
 
-########## the object on which we can send methods that get sent over xmlrpc
 class SfaServerProxy:
 
-    def __init__ (self, url, keyfile, certfile, verbose=False, timeout=None):
-        self.url=url
-        self.keyfile=keyfile
-        self.certfile=certfile
-        self.verbose=verbose
-        self.timeout=timeout
-        # an instance of xmlrpclib.ServerProxy
+    def __init__(self, url, keyfile, certfile, verbose=False, timeout=None):
+        self.url = url
+        self.keyfile = keyfile
+        self.certfile = certfile
+        self.verbose = verbose
+        self.timeout = timeout
+        # an instance of xmlrpc.client.ServerProxy
         transport = XMLRPCTransport(keyfile, certfile, timeout)
-        self.serverproxy = XMLRPCServerProxy(url, transport, allow_none=True, verbose=verbose)
+        self.serverproxy = XMLRPCServerProxy(
+            url, transport, allow_none=True, verbose=verbose)
 
-    # this is python magic to return the code to run when 
+    # this is python magic to return the code to run when
     # SfaServerProxy receives a method call
     # so essentially we send the same method with identical arguments
     # to the server_proxy object
@@ -112,4 +130,3 @@ class SfaServerProxy:
         def func(*args, **kwds):
             return getattr(self.serverproxy, name)(*args, **kwds)
         return func
-