XML-RPC and M2Crypto
Don Mills
drm2 at dss.state.va.us
Tue Dec 31 15:41:13 EST 2002
I have been using the M2Crypto python libs to prototype some XML-RPC over
SSL and have noticed a persistent problem with the httpslib.py code and
client side authentication. Any construct from this module more complex than
HTTPSConnection will not send the client certificate. I tracked the problem
down to the class definition of HTTPS which uses the standard library
HTTP.__init__. The problem is that the SSL_context I have defined is not
loaded as the HTTP._init_ merely calls
HTTP._setup(self._connection_class(host, port)).
So I changed it (M2Crypto.httpslib.py) to this:
class HTTPS(HTTP):
_connection_class = HTTPSConnection
def __init__(self, host='', port=None, **ssl):
try:
self.ssl_ctx = ssl['ssl_context']
except KeyError:
self.ssl_ctx = SSL.Context('sslv23')
self._setup(self._connection_class(host,\
port,ssl_context=self.ssl_ctx))
This seems to fix the problem. I also have extended the SimpleXMLRPCServer
class to add SSL as below:
class SimpleSSLXMLRPCServer(SSL.SSLServer, SimpleXMLRPCServer):
def __init__(self, ssl_context, address,\
RequestHandler=SimpleXMLRPCRequestHandler,\
logRequests=1):
SSL.SSLServer.__init__(self, address, RequestHandler,
ssl_context)
self.funcs = {}
self.logRequests = logRequests
self.instance = None
def finish(self):
self.request.set_shutdown(SSL.SSL_RECEIVED_SHUTDOWN | \
SSL.SSL_SENT_SHUTDOWN)
self.request.close()
Hope you can make use of these...
DRM
--
Don Mills
Network Security/WAN Architect
VA Dept. of Social Services
drm2 at dss.state.va.us
More information about the Python-list
mailing list