
Source Code for Module tlslite.integration.xmlrpctransport

  1  # Author: Trevor Perrin 
  2  # See the LICENSE file for legal information regarding use of this file. 
  3   
  4  """TLS Lite + xmlrpclib.""" 
  5   
  6  import xmlrpclib 
  7  import httplib 
  8  from tlslite.integration.httptlsconnection import HTTPTLSConnection 
  9  from tlslite.integration.clienthelper import ClientHelper 
 10   
 11   
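class XMLRPCTransport(xmlrpclib.Transport, ClientHelper):
    """Handles an HTTPS transaction to an XML-RPC server."""

    def __init__(self,
                 username=None, password=None,
                 certChain=None, privateKey=None,
                 x509Fingerprint=None,
                 tackID=None,
                 hardTack=None,
                 settings=None):
        """Create a new XMLRPCTransport.

        An instance of this class can be passed to L{xmlrpclib.ServerProxy}
        to use TLS with XML-RPC calls::

            from tlslite import XMLRPCTransport
            from xmlrpclib import ServerProxy

            transport = XMLRPCTransport(username="alice", password="abra123")
            server = ServerProxy("https://localhost", transport)

        For client authentication, use one of these argument
        combinations:
         - username, password (SRP)
         - certChain, privateKey (certificate)

        For server authentication, you can either rely on the
        implicit mutual authentication performed by SRP or
        you can do certificate-based server
        authentication with one of these argument combinations:
         - x509Fingerprint

        Certificate-based server authentication is compatible with
        SRP or certificate-based client authentication.

        NOTE(review): every argument defaults to None. When neither the
        SRP arguments nor x509Fingerprint/tackID are supplied, nothing
        visible in this class verifies the server's identity; confirm
        what L{ClientHelper} does in that case before relying on the
        connection for more than encryption against passive observers.

        The constructor does not perform the TLS handshake itself, but
        simply stores these arguments for later.  The handshake is
        performed only when this class needs to connect with the
        server.  Thus you should be prepared to handle TLS-specific
        exceptions when calling methods of L{xmlrpclib.ServerProxy}.  See the
        client handshake functions in
        L{tlslite.TLSConnection.TLSConnection} for details on which
        exceptions might be raised.

        @type username: str
        @param username: SRP username.  Requires the
        'password' argument.

        @type password: str
        @param password: SRP password for mutual authentication.
        Requires the 'username' argument.

        @type certChain: L{tlslite.x509certchain.X509CertChain}
        @param certChain: Certificate chain for client authentication.
        Requires the 'privateKey' argument.  Excludes the SRP arguments.

        @type privateKey: L{tlslite.utils.rsakey.RSAKey}
        @param privateKey: Private key for client authentication.
        Requires the 'certChain' argument.  Excludes the SRP arguments.

        @type x509Fingerprint: str
        @param x509Fingerprint: Hex-encoded X.509 fingerprint for
        server authentication.

        @type tackID: str
        @param tackID: TACK ID for server authentication.

        @type hardTack: bool
        @param hardTack: Whether to raise TackBreakSigError on TACK Break.

        @type settings: L{tlslite.handshakesettings.HandshakeSettings}
        @param settings: Various settings which can be used to control
        the ciphersuites, certificate types, and SSL/TLS versions
        offered by the client.
        """

        # Only ClientHelper is initialised here, exactly as in the original;
        # xmlrpclib.Transport.__init__ is not called.
        ClientHelper.__init__(self,
                 username, password,
                 certChain, privateKey,
                 x509Fingerprint,
                 tackID,
                 hardTack,
                 settings)

    def make_connection(self, host):
        """Create an HTTPS connection object from a host descriptor.

        Builds a new L{HTTPTLSConnection} with the credentials and
        server-authentication parameters stored on this transport and
        returns it wrapped in an C{httplib.HTTP} object.

        @type host: str or tuple
        @param host: Host descriptor, passed through C{get_host_info}.

        @rtype: httplib.HTTP
        @return: Wrapper around the new TLS connection.
        """
        # The extra headers and the x509 dict returned by get_host_info are
        # not used: all TLS parameters come from the constructor arguments.
        host, extra_headers, x509 = self.get_host_info(host)

        # Carry over the TLS session of the previous connection, if any
        # (presumably so the next handshake can resume it -- confirm
        # against HTTPTLSConnection).
        previous = getattr(self, "http", None)
        if previous:
            tlsSession = previous.tlsSession
        else:
            tlsSession = None

        # self.username, self.checker, self.settings etc. are not assigned
        # in this class; presumably ClientHelper.__init__ sets them.
        http = HTTPTLSConnection(host, None,
                                 self.username, self.password,
                                 self.certChain, self.privateKey,
                                 self.checker.x509Fingerprint,
                                 self.checker.tack,
                                 self.checker.hardTack,
                                 self.settings)
        http.tlsSession = tlsSession

        # The original wrote "self.http.tlsSession = tlsSession" without
        # ever assigning self.http, which raises AttributeError on the
        # first call.  Store the new connection so the lookup above can
        # find its session on the next call.
        self.http = http

        http2 = httplib.HTTP()
        http2._setup(http)
        return http2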