authorNarayan Desai <desai@mcs.anl.gov>2009-05-06 01:26:30 +0000
committerNarayan Desai <desai@mcs.anl.gov>2009-05-06 01:26:30 +0000
commit38cc3b18f268fd23db7fe22e80d5974a65fde55b (patch)
treecdbd789edf6b5c90635d817a2844d34c51b8b28c /src
parentad810e4cd9150dc79db2a8846875355affb88505 (diff)
Proxy support for keys/certs/cas
git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@5184 ce84e21b-d406-0410-9b95-82705330c041
Diffstat (limited to 'src')
-rw-r--r--src/lib/Proxy.py28
1 files changed, 23 insertions, 5 deletions
diff --git a/src/lib/Proxy.py b/src/lib/Proxy.py
index bb392b552..59255b36e 100644
--- a/src/lib/Proxy.py
+++ b/src/lib/Proxy.py
@@ -50,16 +50,34 @@ class RetryMethod(_Method):
xmlrpclib._Method = RetryMethod
class SSLHTTPConnection(httplib.HTTPConnection):
+ def __init__(self, host, port=None, strict=None, timeout=90, key=None,
+ cert=None, ca=None):
+ httplib.HTTPConnection.__init__(self, host, port, strict, timeout)
+ self.key = key
+ self.cert = cert
+ self.ca = ca
+ if self.ca:
+ self.ca_mode = ssl.CERT_REQUIRED
+ else:
+ self.ca_mode = ssl.CERT_NONE
+
def connect(self):
rawsock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- rawsock.settimeout(90)
- self.sock = ssl.SSLSocket(rawsock,
- suppress_ragged_eofs=True)
+ rawsock.settimeout(self.timeout)
+ self.sock = ssl.SSLSocket(rawsock, cert_reqs=self.ca_mode,
+ ca_certs=self.ca, suppress_ragged_eofs=True,
+ keyfile=self.key, certfile=self.cert)
self.sock.connect((self.host, self.port))
self.sock.closeSocket = True
class XMLRPCTransport(xmlrpclib.Transport):
+ def __init__(self, key=None, cert=None, ca=None, use_datetime=0):
+ xmlrpclib.Transport.__init__(self, use_datetime)
+ self.key = key
+ self.cert = cert
+ self.ca = ca
+
def make_connection(self, host):
host = self.get_host_info(host)[0]
http = SSLHTTPConnection(host)
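Review bot: The unchanged context line `http = SSLHTTPConnection(host)` in make_connection still builds the connection without the new arguments, so the key, cert and ca stored on XMLRPCTransport never reach SSLHTTPConnection and `ca_mode` always ends up `ssl.CERT_NONE`, leaving the server certificate unverified. Passing them through, `http = SSLHTTPConnection(host, key=self.key, cert=self.cert, ca=self.ca)`, would make the feature effective. The rest of make_connection lies between this hunk and the next and is not visible, so confirm nothing there sets them. Two further gaps in the new code: the silent fallback to `CERT_NONE` when no CA is given deserves at least a logged warning, and as far as the visible lines show connect() never compares the peer certificate's name with `self.host`, so with `CERT_REQUIRED` any certificate issued by that CA would pass.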
@@ -68,7 +86,7 @@ class XMLRPCTransport(xmlrpclib.Transport):
return https
def ComponentProxy (url, user=None, password=None, fingerprint=None,
- key=None, cert=None):
+ key=None, cert=None, ca=None):
"""Constructs proxies to components.
@@ -83,6 +101,6 @@ def ComponentProxy (url, user=None, password=None, fingerprint=None,
newurl = "%s://%s:%s@%s" % (method, user, password, path)
else:
newurl = url
- ssl_trans = XMLRPCTransport()
+ ssl_trans = XMLRPCTransport(key, cert, ca)
return xmlrpclib.ServerProxy(newurl, allow_none=True, transport=ssl_trans)
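Review bot: `XMLRPCTransport(key, cert, ca)` passes three values of the same kind positionally, so a later reordering of the constructor's parameters would silently swap a private-key path with a certificate or CA path; `ssl_trans = XMLRPCTransport(key=key, cert=cert, ca=ca)` keeps the call robust. Separately, the context line above interpolates `user` and `password` into the URL unescaped, so a password containing `@`, `:` or `/` changes how the URL is parsed; percent-quoting both parts before formatting would avoid that. The start of ComponentProxy is outside this hunk.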