scripts/lib/mic/3rdparty/pykickstart/urlgrabber/sslfactory.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90

#   This library is free software; you can redistribute it and/or
#   modify it under the terms of the GNU Lesser General Public
#   License as published by the Free Software Foundation; either
#   version 2.1 of the License, or (at your option) any later version.
#
#   This library is distributed in the hope that it will be useful,
#   but WITHOUT ANY WARRANTY; without even the implied warranty of
#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
#   Lesser General Public License for more details.
#
#   You should have received a copy of the GNU Lesser General Public
#   License along with this library; if not, write to the 
#      Free Software Foundation, Inc., 
#      59 Temple Place, Suite 330, 
#      Boston, MA  02111-1307  USA

# This file is part of urlgrabber, a high-level cross-protocol url-grabber

import httplib
import urllib2

try:
    from M2Crypto import SSL
    from M2Crypto import httpslib
    from M2Crypto import m2urllib2

    SSL.Connection.clientPostConnectionCheck = None
    have_m2crypto = True
except ImportError:
    have_m2crypto = False

DEBUG = None

if have_m2crypto:
    
    class M2SSLFactory:

        def __init__(self, ssl_ca_cert, ssl_context):
            self.ssl_context = self._get_ssl_context(ssl_ca_cert, ssl_context)

        def _get_ssl_context(self, ssl_ca_cert, ssl_context):
            """
            Create an ssl context using the CA cert file or ssl context.

            The CA cert is used first if it was passed as an option. If not,
            then the supplied ssl context is used. If no ssl context was supplied,
            None is returned.
            """
            if ssl_ca_cert:
                context = SSL.Context()
                context.load_verify_locations(ssl_ca_cert)
                context.set_verify(SSL.verify_none, -1)
                return context
            else:
                return ssl_context

        def create_https_connection(self, host, response_class = None):
            connection = httplib.HTTPSConnection(host, self.ssl_context)
            if response_class:
                connection.response_class = response_class
            return connection

        def create_opener(self, *handlers):
            return m2urllib2.build_opener(self.ssl_context, *handlers)


class SSLFactory:

    def create_https_connection(self, host, response_class = None):
        connection = httplib.HTTPSConnection(host)
        if response_class:
            connection.response_class = response_class
        return connection

    def create_opener(self, *handlers):
        return urllib2.build_opener(*handlers)

   
def get_factory(ssl_ca_cert = None, ssl_context = None):
    """ Return an SSLFactory, based on if M2Crypto is available. """
    if have_m2crypto:
        return M2SSLFactory(ssl_ca_cert, ssl_context)
    else:
        # Log here if someone provides the args but we don't use them.
        if ssl_ca_cert or ssl_context:
            if DEBUG:
                DEBUG.warning("SSL arguments supplied, but M2Crypto is not available. "
                        "Using Python SSL.")
        return SSLFactory()