diff options
author | Narayan Desai <desai@mcs.anl.gov> | 2009-12-09 17:22:58 +0000 |
---|---|---|
committer | Narayan Desai <desai@mcs.anl.gov> | 2009-12-09 17:22:58 +0000 |
commit | 7d803fd552feeeac071848aef58b2314276ab21f (patch) | |
tree | 54fe3422c54fc63a01a15ab152f055818cff1c6e /src | |
parent | d132920c68b8d01b4555c4a5a5f72b6cfe293f2e (diff) | |
download | bcfg2-7d803fd552feeeac071848aef58b2314276ab21f.tar.gz bcfg2-7d803fd552feeeac071848aef58b2314276ab21f.tar.bz2 bcfg2-7d803fd552feeeac071848aef58b2314276ab21f.zip |
Proxy: better error handling (Resolves Ticket #810)
- Handle M2Crypto wrongHost errors cleanly
- auto-resolve IP addresses given in server URLs
git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@5616 ce84e21b-d406-0410-9b95-82705330c041
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/Proxy.py | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/src/lib/Proxy.py b/src/lib/Proxy.py index ac083dfa6..e24a70aec 100644 --- a/src/lib/Proxy.py +++ b/src/lib/Proxy.py @@ -14,6 +14,7 @@ from xmlrpclib import _Method import httplib import logging +import re import socket # The ssl module is provided by either Python 2.6 or a separate ssl @@ -25,6 +26,7 @@ try: SSL_LIB = 'py26_ssl' except ImportError, e: from M2Crypto import SSL + import M2Crypto.SSL.Checker SSL_LIB = 'm2crypto' @@ -220,7 +222,20 @@ class SSLHTTPConnection(httplib.HTTPConnection): self.logger.warning("SSL key specfied, but no cert. Cannot authenticate this client with SSL.") self.sock = SSL.Connection(ctx) - self.sock.connect((self.host, self.port)) # automatically checks cert matches host + if re.match('\\d+\\.\\d+\\.\\d+\\.\\d+', self.host): + # host is ip address + try: + hostname = socket.gethostbyaddr(self.host)[0] + except: + # fall back to ip address + hostname = self.host + else: + hostname = self.host + try: + self.sock.connect((hostname, self.port)) + # automatically checks cert matches host + except M2Crypto.SSL.Checker.WrongHost, wr: + raise CertificateError, wr class XMLRPCTransport(xmlrpclib.Transport): |