Package tlslite :: Package integration :: Module xmlrpctransport
[hide private]
[frames] | no frames]

Source Code for Module tlslite.integration.xmlrpctransport

  1  # Authors:  
  2  #   Trevor Perrin 
  3  #   Kees Bos - Fixes for compatibility with different Python versions 
  4  # 
  5  # See the LICENSE file for legal information regarding use of this file. 
  6   
  7   
  8  """TLS Lite + xmlrpclib.""" 
  9   
 10  import xmlrpclib 
 11  import httplib 
 12  from tlslite.integration.httptlsconnection import HTTPTLSConnection 
 13  from tlslite.integration.clienthelper import ClientHelper 
 14  import tlslite.errors 
 15   
 16   
17 -class XMLRPCTransport(xmlrpclib.Transport, ClientHelper):
18 """Handles an HTTPS transaction to an XML-RPC server.""" 19 20 # Pre python 2.7, the make_connection returns a HTTP class 21 transport = xmlrpclib.Transport() 22 conn_class_is_http = not hasattr(transport, '_connection') 23 del(transport) 24
25 - def __init__(self, use_datetime=0, 26 username=None, password=None, 27 certChain=None, privateKey=None, 28 checker=None, 29 settings=None, 30 ignoreAbruptClose=False):
31 """Create a new XMLRPCTransport. 32 33 An instance of this class can be passed to L{xmlrpclib.ServerProxy} 34 to use TLS with XML-RPC calls:: 35 36 from tlslite import XMLRPCTransport 37 from xmlrpclib import ServerProxy 38 39 transport = XMLRPCTransport(user="alice", password="abra123") 40 server = ServerProxy("https://localhost", transport) 41 42 For client authentication, use one of these argument 43 combinations: 44 - username, password (SRP) 45 - certChain, privateKey (certificate) 46 47 For server authentication, you can either rely on the 48 implicit mutual authentication performed by SRP or 49 you can do certificate-based server 50 authentication with one of these argument combinations: 51 - x509Fingerprint 52 53 Certificate-based server authentication is compatible with 54 SRP or certificate-based client authentication. 55 56 The constructor does not perform the TLS handshake itself, but 57 simply stores these arguments for later. The handshake is 58 performed only when this class needs to connect with the 59 server. Thus you should be prepared to handle TLS-specific 60 exceptions when calling methods of L{xmlrpclib.ServerProxy}. See the 61 client handshake functions in 62 L{tlslite.TLSConnection.TLSConnection} for details on which 63 exceptions might be raised. 64 65 @type username: str 66 @param username: SRP username. Requires the 67 'password' argument. 68 69 @type password: str 70 @param password: SRP password for mutual authentication. 71 Requires the 'username' argument. 72 73 @type certChain: L{tlslite.x509certchain.X509CertChain} 74 @param certChain: Certificate chain for client authentication. 75 Requires the 'privateKey' argument. Excludes the SRP arguments. 76 77 @type privateKey: L{tlslite.utils.rsakey.RSAKey} 78 @param privateKey: Private key for client authentication. 79 Requires the 'certChain' argument. Excludes the SRP arguments. 80 81 @type checker: L{tlslite.checker.Checker} 82 @param checker: Callable object called after handshaking to 83 evaluate the connection and raise an Exception if necessary. 84 85 @type settings: L{tlslite.handshakesettings.HandshakeSettings} 86 @param settings: Various settings which can be used to control 87 the ciphersuites, certificate types, and SSL/TLS versions 88 offered by the client. 89 90 @type ignoreAbruptClose: bool 91 @param ignoreAbruptClose: ignore the TLSAbruptCloseError on 92 unexpected hangup. 93 """ 94 95 # self._connection is new in python 2.7, since we're using it here, 96 # we'll add this ourselves too, just in case we're pre-2.7 97 self._connection = (None, None) 98 xmlrpclib.Transport.__init__(self, use_datetime) 99 self.ignoreAbruptClose = ignoreAbruptClose 100 ClientHelper.__init__(self, 101 username, password, 102 certChain, privateKey, 103 checker, 104 settings)
105
106 - def make_connection(self, host):
107 # return an existing connection if possible. This allows 108 # HTTP/1.1 keep-alive. 109 if self._connection and host == self._connection[0]: 110 http = self._connection[1] 111 else: 112 # create a HTTPS connection object from a host descriptor 113 chost, extra_headers, x509 = self.get_host_info(host) 114 115 http = HTTPTLSConnection(chost, None, 116 username=self.username, password=self.password, 117 certChain=self.certChain, privateKey=self.privateKey, 118 checker=self.checker, 119 settings=self.settings, 120 ignoreAbruptClose=self.ignoreAbruptClose) 121 # store the host argument along with the connection object 122 self._connection = host, http 123 if not self.conn_class_is_http: 124 return http 125 http2 = httplib.HTTP() 126 http2._setup(http) 127 return http2
128