-import xmlrpclib
+import safexmlrpc
import hmac, sha
class PLCAPI:
"""
- Wrapper around xmlrpclib.ServerProxy to automagically add an Auth
+ Wrapper around safexmlrpc.ServerProxy to automagically add an Auth
struct as the first argument to every XML-RPC call. Initialize
auth with either:
self.node_id = self.key = None
self.session = auth
- self.server = xmlrpclib.ServerProxy(uri, allow_none = 1, **kwds)
+ self.server = safexmlrpc.ServerProxy(uri, allow_none = 1, **kwds)
def add_auth(self, function):
"""
--- /dev/null
+"""Leverage curl to make XMLRPC requests that check the server's credentials."""
+
+from subprocess import PIPE, Popen
+import xmlrpclib
+
+
+CURL = '/usr/bin/curl'
+
+class CertificateCheckingSafeTransport(xmlrpclib.Transport):
+ def request(self, host, handler, request_body, verbose=0):
+ self.verbose = verbose
+ p = Popen((CURL, '--cacert', '/usr/boot/cacert.pem', '--data', '@-', 'https://%s%s' % (host, handler)), stdin=PIPE, stdout=PIPE, stderr=PIPE)
+ p.stdin.write(request_body)
+ p.stdin.close()
+ contents = p.stdout.read()
+ p.stdout.close()
+ error = p.stderr.read()
+ p.stderr.close()
+ rc = p.wait()
+ if rc != 0: raise xmlrpclib.ProtocolError(host + handler, rc, error, '')
+ return xmlrpclib.loads(contents)[0]
+
+class ServerProxy(xmlrpclib.ServerProxy):
+ def __init__(self, handler, *args, **kw_args): xmlrpclib.ServerProxy.__init__(self, handler, CertificateCheckingSafeTransport())
def verify(signed_msg):
"""If <signed_msg> is a valid signed document, return its contents. Otherwise, return None."""
- p = _popen_gpg('--decrypt')
+ p = _popen_gpg('--decrypt', '--keyring', '/usr/boot/pubring.gpg', '--no-default-keyring')
p.stdin.write(signed_msg)
p.stdin.close()
msg = p.stdout.read()