X-Git-Url: http://git.onelab.eu/?p=sfa.git;a=blobdiff_plain;f=sfa%2Fclient%2Fsfaserverproxy.py;fp=sfa%2Fclient%2Fsfaserverproxy.py;h=6c11ee0603779522fabef175bc46385c72e6f0ed;hp=457a1d252072b6aefd9cd66d33317d88b356a051;hb=2b8fb7af76b173ad4ad6583dbedbdf11a49f9549;hpb=c9e68794de46ad75c8d24ccbf946d14bd33f1626 diff --git a/sfa/client/sfaserverproxy.py b/sfa/client/sfaserverproxy.py index 457a1d25..6c11ee06 100644 --- a/sfa/client/sfaserverproxy.py +++ b/sfa/client/sfaserverproxy.py @@ -1,11 +1,6 @@ # XMLRPC-specific code for SFA Client -# starting with 2.7.9 we need to turn off server verification -import ssl -try: - turn_off_server_verify = {'context': ssl._create_unverified_context()} -except: - turn_off_server_verify = {} +from sfa.util.ssl import simple_ssl_context import xmlrpc.client import http.client @@ -55,9 +50,9 @@ class XMLRPCTransport(xmlrpc.client.Transport): # create a HTTPS connection object from a host descriptor # host may be a string, or a (host, x509-dict) tuple host, extra_headers, x509 = self.get_host_info(host) - conn = http.client.HTTPSConnection(host, None, key_file=self.key_file, - cert_file=self.cert_file, - **turn_off_server_verify) + conn = http.client.HTTPSConnection( + host, None, key_file=self.key_file, + cert_file=self.cert_file, context=simple_ssl_context()) # Some logic to deal with timeouts. It appears that some (or all) versions # of python don't set the timeout after the socket is created. We'll do it @@ -90,9 +85,9 @@ class XMLRPCServerProxy(xmlrpc.client.ServerProxy): # remember url for GetVersion # xxx not sure this is still needed as SfaServerProxy has this too self.url = url - xmlrpc.client.ServerProxy.__init__(self, url, transport, allow_none=allow_none, - verbose=verbose, - **turn_off_server_verify) + xmlrpc.client.ServerProxy.__init__( + self, url, transport, allow_none=allow_none, + context=simple_ssl_context(), verbose=verbose) def __getattr__(self, attr): logger.debug("xml-rpc %s method:%s" % (self.url, attr))