Re: [pyOpenSSL] 'internal error' on 0.5.1

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi, 

For my application, I created a class sslTransport and used this in 
creating the server object. 

class sslTransport(xmlrpclib.SafeTransport):
    """Enables ssl transport with client certificates."""

    def __init__(self, x509):
        """Added to enable client SSL certificates."""
        self.x509 = x509

    def make_connection(self, host):
        """Extended to include x509 certificate."""
        return xmlrpclib.SafeTransport.make_connection(self, (host, 
self.x509))

And the client code:

x509 = {'key_file': 'client.pkey',
        'cert_file':'client.cert'}

server = xmlrpclib.ServerProxy('https://host:port',
                                sslTransport(x509))

Regards,
Remy Cool

On Tuesday 29 July 2003 19:54, Yannick Gingras wrote:
> Hi,
>   I try do customize the SafeTransport of xmlrpclib to do
> certificate validation (signature and the like).  I use you
> SecureXMLRPCServer from the distribution.
>
> It works perfectly if I keep the standard SafeTransport but if I
> try :
>
>
> class CustomTransport(SafeTransport):
>     def make_connection(self, host):
>         conn = SafeTransport.make_connection(self, host)
>         addr = (conn._conn.host, conn._conn.port)
>         ctx = SSL.Context(SSL.SSLv23_METHOD)
>         ctx.set_options(SSL.OP_NO_SSLv2)
>         sslConn = SSL.Connection( ctx, socket.socket(
> socket.AF_INET, socket.SOCK_DGRAM) ) sslConn.connect(addr)
>         sslConn.set_connect_state()
>         sslConn.renegotiate()
>         sslConn.do_handshake()
>         # must update the socket in conn here
>         print (sslConn.get_peer_certificate())
> 	# do the certificate validation here
>         return conn
>
>
> I receive this trace :
>
>   File "/usr/lib/python2.2/xmlrpclib.py", line 821, in __call__
>     return self.__send(self.__name, args)
>   File "/usr/lib/python2.2/xmlrpclib.py", line 975, in __request
>     verbose=self.__verbose
>   File "/usr/lib/python2.2/xmlrpclib.py", line 833, in request
>     h = self.make_connection(host)
>   File
> "/home/ygingras/BelugaERP/belugaerp/core/client/SimpleClient.py",
> line 32, in make_connection
>     sslConn.do_handshake()
> SSL.Error [('SSL routines', 'SSL_clear', 'internal error')]
>
> I'm not a SSL guru so I wonder what I may have done wrong.  Is this
> the right way to make a SLL connection with pyOpenSSL ?  I use
> Python 2.2.2 on Red Hat 9.  OpenSSL is a custom build of 0.9.7b (I
> tried M2Crypto).
>
> Thanks for your time !