Commit 20be5093 authored by Julien Muchembled's avatar Julien Muchembled

Use 'openssl' executable if pyOpenSSL is not available.

We can't depend on pyOpenSSL because SlapOS is not ready for that.
parent d95e39a4
......@@ -32,7 +32,7 @@ setup(
keywords="slapos networkcache shadir shacache",
install_requires=[
'setuptools', # for namespace
'pyOpenSSL',
#'pyOpenSSL',
] + additional_install_requires,
classifiers=[
'Development Status :: 4 - Beta',
......
# Compatibily code in case that pyOpenSSL is not installed.
import functools, tempfile
from subprocess import Popen, PIPE, STDOUT
_tmpfile = functools.partial(tempfile.NamedTemporaryFile, prefix=__name__+'-')
class Error(Exception): pass
FILETYPE_PEM = 1
def load_privatekey(type, buffer):
r = _tmpfile()
r.write(buffer)
r.flush()
return r
def load_certificate(type, buffer):
# extract public key since we only use it to verify signatures
r = _tmpfile()
p = Popen(("openssl", "x509", "-pubkey", "-noout"),
stdin=PIPE, stdout=r, stderr=PIPE)
err = p.communicate(buffer)[1]
if p.poll():
raise Error(err)
return r
def sign(pkey, data, digest):
p = Popen(("openssl", digest, "-sign", pkey.name),
stdin=PIPE, stdout=PIPE, stderr=PIPE)
out, err = p.communicate(data)
if p.poll():
raise Error(err)
return out
def verify(cert, signature, data, digest):
with _tmpfile() as f:
f.write(signature)
f.flush()
p = Popen(("openssl", digest, "-verify", cert.name, "-signature", f.name),
stdin=PIPE, stdout=PIPE, stderr=STDOUT)
err = p.communicate(data)[0]
if p.poll():
raise Error(err)
......@@ -26,7 +26,10 @@ import tempfile
import traceback
import urllib2
import urlparse
from OpenSSL import crypto
try:
from OpenSSL import crypto
except ImportError:
from . import crypto
# Timeout here is about timeout to CONNECT to the server (socket initialization then server answers actual data), not to retrieve/send informations.
# To be clear: it is NOT about uploading/downloading data, but about time to connect to the server, then time that server takes to start answering.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment