➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2014-11-27 20:23 by desbma, last changed 2022-04-11 14:58 by admin. This issue is now closed.
| Files | ||||
|---|---|---|---|---|
| File name | Uploaded | Description | Edit | |
| issue22960.diff | alex, 2014-11-30 02:47 | |||
| issue22960-3.diff | alex, 2014-11-30 04:08 | review | ||
| Messages (7) | |||
|---|---|---|---|
| msg231778 - (view) | Author: desbma (desbma) * | Date: 2014-11-27 20:23 | |
When using xmlrpc.server it is possible (despite being intrusive) to use a custom SSL context, ie: import ssl import xmlrpc.server rpc_server = xmlrpc.server.SimpleXMLRPCServer(...) ssl_context = ssl.SSLContext() # setup the context ... rpc_server.socket = ssl_context.wrap_socket(rpc_server.socket, ...) However it is not possible (unless using some ugly monkey patching, which I am ashamed of writing) to do the same for xmlrpc.client. xmlrpc.client.ServerProxy() could accept a context constructor, and pass it to the SafeTransport instance, and then to the http.client.HTTPSConnection instance (https://hg.python.org/cpython/file/3.4/Lib/xmlrpc/client.py#l1338). I would allow passing a SSL context more secure than the default one, and thus improve security. |
|||
| msg231880 - (view) | Author: Alex Gaynor (alex) *  |
Date: 2014-11-30 02:47 | |
Attached is a patch for 2.7 |
|||
| msg231882 - (view) | Author: Benjamin Peterson (benjamin.peterson) * |
Date: 2014-11-30 03:20 | |
I suppose I should ask you to write a test. Of course, HTTPS doesn't seem to be tested at all right now (see the attractive "FIXME: mostly untested" comment in SafeTransport.) Maybe, it's easier now, though, using the code in Lib/test/ssl_servers.py? |
|||
| msg231883 - (view) | Author: Roundup Robot (python-dev)  |
Date: 2014-11-30 03:57 | |
New changeset 62bd574e95d5 by Benjamin Peterson in branch '2.7': add context parameter to xmlrpclib.ServerProxy (#22960) https://hg.python.org/cpython/rev/62bd574e95d5 |
|||
| msg231884 - (view) | Author: Alex Gaynor (alex) * |
Date: 2014-11-30 04:08 | |
Attached patch fixes it for Python3. |
|||
| msg231885 - (view) | Author: Roundup Robot (python-dev) |
Date: 2014-11-30 04:34 | |
New changeset 4b00430388ad by Benjamin Peterson in branch '3.4': add context parameter to xmlrpclib.ServerProxy (#22960) https://hg.python.org/cpython/rev/4b00430388ad New changeset 2a126ce6f83e by Benjamin Peterson in branch 'default': merge 3.4 (#22960) https://hg.python.org/cpython/rev/2a126ce6f83e |
|||
| msg231888 - (view) | Author: desbma (desbma) * | Date: 2014-11-30 11:55 | |
Thank you |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:58:10 | admin | set | github: 67149 |
| 2014-11-30 11:55:59 | desbma | set | messages: + msg231888 |
| 2014-11-30 04:37:20 | benjamin.peterson | set | status: open -> closed resolution: fixed |
| 2014-11-30 04:34:36 | python-dev | set | messages: + msg231885 |
| 2014-11-30 04:08:12 | alex | set | files:
+ issue22960-3.diff messages: + msg231884 |
| 2014-11-30 03:57:24 | python-dev | set | nosy:
+ python-dev messages: + msg231883 |
| 2014-11-30 03:20:52 | benjamin.peterson | set | nosy:
+ benjamin.peterson messages: + msg231882 |
| 2014-11-30 02:47:15 | alex | set | files:
+ issue22960.diff keywords: + patch messages: + msg231880 |
| 2014-11-27 20:30:59 | alex | set | nosy:
+ janssen, pitrou, giampaolo.rodola, christian.heimes, alex, dstufft versions: + Python 2.7 |
| 2014-11-27 20:23:06 | desbma | create | |