# XMLRPC-specific code for SFA Client
-from sfa.util.ssl import simple_ssl_context
-
+import ssl
import xmlrpc.client
import http.client
# targetting only python-2.7 we can get rid of some older code
+def sfa_client_ssl_context():
+ ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS)
+ ssl_context.verify_mode = ssl.CERT_NONE
+ ssl_context.check_hostname = False
+# with open("root.gid") as root:
+# ssl_context.load_verify_locations(cadata=root.read())
+ return ssl_context
+
+
class XMLRPCTransport(xmlrpc.client.Transport):
def __init__(self, key_file=None, cert_file=None, timeout=None):
# host may be a string, or a (host, x509-dict) tuple
host, extra_headers, x509 = self.get_host_info(host)
conn = http.client.HTTPSConnection(
- host, None, key_file=self.key_file,
- cert_file=self.cert_file, context=simple_ssl_context())
-
- # Some logic to deal with timeouts. It appears that some (or all) versions
- # of python don't set the timeout after the socket is created. We'll do it
- # ourselves by forcing the connection to connect, finding the socket, and
- # calling settimeout() on it. (tested with python 2.6)
- if self.timeout:
- if hasattr(conn, 'set_timeout'):
- conn.set_timeout(self.timeout)
-
- if hasattr(conn, "_conn"):
- # HTTPS is a wrapper around HTTPSConnection
- real_conn = conn._conn
- else:
- real_conn = conn
- conn.connect()
- if hasattr(real_conn, "sock") and hasattr(real_conn.sock, "settimeout"):
- real_conn.sock.settimeout(float(self.timeout))
-
+ host, port=None,
+ key_file=self.key_file,
+ cert_file=self.cert_file,
+ timeout=self.timeout,
+ context=sfa_client_ssl_context(),
+ check_hostname=False,
+ )
+
+# # Some logic to deal with timeouts. It appears that some (or all) versions
+# # of python don't set the timeout after the socket is created. We'll do it
+# # ourselves by forcing the connection to connect, finding the socket, and
+# # calling settimeout() on it. (tested with python 2.6)
+# if self.timeout:
+# if hasattr(conn, 'set_timeout'):
+# conn.set_timeout(self.timeout)
+#
+# if hasattr(conn, "_conn"):
+# # HTTPS is a wrapper around HTTPSConnection
+# real_conn = conn._conn
+# else:
+# real_conn = conn
+# conn.connect()
+# if hasattr(real_conn, "sock") and hasattr(real_conn.sock, "settimeout"):
+# real_conn.sock.settimeout(float(self.timeout))
+#
return conn
def getparser(self):
self.url = url
xmlrpc.client.ServerProxy.__init__(
self, url, transport, allow_none=allow_none,
- context=simple_ssl_context(), verbose=verbose)
+ context=sfa_client_ssl_context(), verbose=verbose)
def __getattr__(self, attr):
logger.debug("xml-rpc %s method:%s" % (self.url, attr))