Ignore:
Timestamp:
02/07/07 09:53:03 (13 years ago)
Author:
pjkersha
Message:

Replaced socket.ssl with M2Crypto https for web service clients

ndg.security.test/ndg/security/test/AttAuthority/siteAAttAuthorityProperties.xml:
swap to https

ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py:

  • added X509CertRead import for sslCACertList keyword processing
  • added sslPeerCertCN keyword input to AA client

ndg.security.test/ndg/security/test/AttAuthority/attAuthorityClientTest.cfg:

  • new keywords for SSL connections: sslpeercertcn and sslcacertfilepathlist

ndg.security.test/ndg/security/test/MyProxy/Makefile: PYTHONPATH macro to
enable custom python path setting

ndg.security.test/ndg/security/test/SessionMgr/SessionMgrClientTest.py:

  • added sslPeerCertCN and sslCACertList keyword input SM client - M2Crypto

SSL integration not complete!!

ndg.security.common/ndg/security/common/ca/init.py:

  • fix to include HTTPResponse from ZSI.wstools.Utility

ndg.security.common/ndg/security/common/SessionMgr/init.py:

  • urlparse import - use to determine http/https transport
  • new ndg.security.common.m2CryptoSSLUtility module used for M2Crypto SSL
  • added sslPeerCertCN property
  • removed getSrvX509Cert() - no longer needed
  • modified call to Binding in initService to use custom M2Crypto SSL client
  • Removed exception handling for soap call wrappers - these can surpress

useful info from being reported back higher in the stack

ndg.security.common/ndg/security/common/X509.py:

  • bug fix to X509Cert.init - init caX509Stack to []
  • altered X509Stack.verifyCertChain to enable verification be self stack

rather than need for caX509Stack

ndg.security.common/ndg/security/common/AttAuthority/init.py:

  • urlparse import - use to determine http/https transport
  • new ndg.security.common.m2CryptoSSLUtility module used for M2Crypto SSL
  • added sslPeerCertCN and sslCACertList properties for SSL host checks
  • removed setSrvCertFilePath() and getSrvCert() - no longer needed
  • modified call to Binding in initService to use custom M2Crypto SSL client
  • Removed exception handling for soap call wrappers - these can surpress

useful info from being reported back higher in the stack

ndg.security.common/ndg/security/common/wsSecurity.py:

  • bug fix to binSecTokValType class var - 'X509' wrongly keyed into 'X509v3'

namespace

ndg.security.common/ndg/security/common/m2CryptoSSLUtility.py: new module
containing class to extend M2Crypto.httpslib.HTTPSConnection and
M2Crypto.SSL.Checker.Checker

File:
1 edited

Legend:

Unmodified
Added
Removed
Note: See TracChangeset for help on using the changeset viewer.