NOT YET WORKING

[sfa.git] / sfa / client / sfaserverproxy.py

diff --git a/sfa/client/sfaserverproxy.py b/sfa/client/sfaserverproxy.py
index 6c11ee0..d1d0910 100644 (file)
--- a/sfa/client/sfaserverproxy.py
+++ b/sfa/client/sfaserverproxy.py
@@ -1,7 +1,6 @@
 # XMLRPC-specific code for SFA Client
 
-from sfa.util.ssl import simple_ssl_context
-
+import ssl
 import xmlrpc.client
 import http.client
 
@@ -38,6 +37,15 @@ class ExceptionUnmarshaller(xmlrpc.client.Unmarshaller):
 # targetting only python-2.7 we can get rid of some older code
 
 
+def sfa_client_ssl_context():
+    ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS)
+    ssl_context.verify_mode = ssl.CERT_NONE
+    ssl_context.check_hostname = False
+#    with open("root.gid") as root:
+#        ssl_context.load_verify_locations(cadata=root.read())
+    return ssl_context
+
+
 class XMLRPCTransport(xmlrpc.client.Transport):
 
     def __init__(self, key_file=None, cert_file=None, timeout=None):
@@ -51,26 +59,31 @@ class XMLRPCTransport(xmlrpc.client.Transport):
         # host may be a string, or a (host, x509-dict) tuple
         host, extra_headers, x509 = self.get_host_info(host)
         conn = http.client.HTTPSConnection(
-            host, None, key_file=self.key_file,
-            cert_file=self.cert_file, context=simple_ssl_context())
-
-        # Some logic to deal with timeouts. It appears that some (or all) versions
-        # of python don't set the timeout after the socket is created. We'll do it
-        # ourselves by forcing the connection to connect, finding the socket, and
-        # calling settimeout() on it. (tested with python 2.6)
-        if self.timeout:
-            if hasattr(conn, 'set_timeout'):
-                conn.set_timeout(self.timeout)
-
-            if hasattr(conn, "_conn"):
-                # HTTPS is a wrapper around HTTPSConnection
-                real_conn = conn._conn
-            else:
-                real_conn = conn
-            conn.connect()
-            if hasattr(real_conn, "sock") and hasattr(real_conn.sock, "settimeout"):
-                real_conn.sock.settimeout(float(self.timeout))
-
+            host, port=None,
+            key_file=self.key_file,
+            cert_file=self.cert_file,
+            timeout=self.timeout,
+            context=sfa_client_ssl_context(),
+            check_hostname=False,
+            )
+
+#        # Some logic to deal with timeouts. It appears that some (or all) versions
+#        # of python don't set the timeout after the socket is created. We'll do it
+#        # ourselves by forcing the connection to connect, finding the socket, and
+#        # calling settimeout() on it. (tested with python 2.6)
+#        if self.timeout:
+#            if hasattr(conn, 'set_timeout'):
+#                conn.set_timeout(self.timeout)
+#
+#            if hasattr(conn, "_conn"):
+#                # HTTPS is a wrapper around HTTPSConnection
+#                real_conn = conn._conn
+#            else:
+#                real_conn = conn
+#            conn.connect()
+#            if hasattr(real_conn, "sock") and hasattr(real_conn.sock, "settimeout"):
+#                real_conn.sock.settimeout(float(self.timeout))
+#
         return conn
 
     def getparser(self):
@@ -87,7 +100,7 @@ class XMLRPCServerProxy(xmlrpc.client.ServerProxy):
         self.url = url
         xmlrpc.client.ServerProxy.__init__(
             self, url, transport, allow_none=allow_none,
-            context=simple_ssl_context(), verbose=verbose)
+            context=sfa_client_ssl_context(), verbose=verbose)
 
     def __getattr__(self, attr):
         logger.debug("xml-rpc %s method:%s" % (self.url, attr))