M2SSLTransport

M2Crypto SSLTransport Library

class DIRAC.Core.DISET.private.Transports.M2SSLTransport.SSLTransport(*args, **kwargs)

Bases: DIRAC.Core.DISET.private.Transports.BaseTransport.BaseTransport

SSL Transport implementation using the M2Crypto library.

__init__(*args, **kwargs)

Create an SSLTransport object. The parameters are the same as for other transports. If ctx is specified (as an instance of SSL.Context), that context is used rather than creating a new one.

acceptConnection()

Accept a new client and return a new SSLTransport object representing the client connection.

Returns: S_OK(SSLTransport object)
bAllowReuseAddress = True
close()

Close this socket.

getAppData()
getConnectingCredentials()
Returns: dictionary with credentials

Returns an empty dictionary for plainTransport.

In SSLTransport it contains (after the handshake):

  • 'DN' : The full identity name, e.g. `/C=ch/O=DIRAC/OU=DIRAC CI/CN=ciuser/emailAddress=lhcb-dirac-ci@cern.ch`
  • 'CN' : Only the user name, e.g. ciuser
  • 'x509Chain' : List of all certificates in the chain
  • 'isProxy' : True if the client uses a proxy certificate
  • 'isLimitedProxy' : True if the client uses a limited proxy certificate
  • 'group' (optional): DIRAC group attached to the client
  • 'extraCredentials' (optional): Extra credentials, if any exist

Before the handshake, the dictionary is empty.
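Because the credentials dictionary described above is empty before the handshake (and for plainTransport), code that makes access decisions from it should fail closed. The following is an added example, not part of DIRAC: `authorize`, its parameters and the allow-list policy are hypothetical, the group name is a constructed sample value, and it runs on a plain dictionary shaped like the documented result rather than on a live transport.

```python
# Added example: operates on a plain dict shaped like the documented
# getConnectingCredentials() result; it does not import or call DIRAC.

REQUIRED_KEYS = ("DN", "CN", "x509Chain", "isProxy", "isLimitedProxy")


def authorize(creds, allowed_dns, required_group=None, allow_limited=False):
    """Return (allowed, reason). Hypothetical policy helper, fails closed."""
    # Empty dict: plain transport, or SSL handshake not completed yet.
    if not creds:
        return False, "no credentials (plain transport or handshake not done)"
    missing = [k for k in REQUIRED_KEYS if k not in creds]
    if missing:
        return False, "incomplete credentials: " + ", ".join(missing)
    if not creds["x509Chain"]:
        return False, "empty certificate chain"
    # Exact match on the full DN; the CN alone is only the user name.
    if creds["DN"] not in allowed_dns:
        return False, "DN not in allow-list"
    if creds["isLimitedProxy"] and not allow_limited:
        return False, "limited proxy not accepted for this operation"
    # 'group' is optional in the dict, so a missing group must not pass.
    if required_group is not None and creds.get("group") != required_group:
        return False, "group mismatch"
    return True, "ok"


# Constructed sample values, following the field list above.
CI_DN = "/C=ch/O=DIRAC/OU=DIRAC CI/CN=ciuser/emailAddress=lhcb-dirac-ci@cern.ch"
SAMPLE = {
    "DN": CI_DN,
    "CN": "ciuser",
    "x509Chain": ["<certificate object placeholder>"],
    "isProxy": True,
    "isLimitedProxy": False,
    "group": "dirac_user",  # constructed group name
}

if __name__ == "__main__":
    print(authorize({}, {CI_DN}))
    print(authorize(SAMPLE, {CI_DN}, required_group="dirac_user"))
    print(authorize(dict(SAMPLE, isLimitedProxy=True), {CI_DN}))
```
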

getFormattedCredentials()
getKeepAliveLapse()
getLastActionTimestamp()
getLocalAddress()
getRemoteAddress()
getSocket()
handshake()

Used to perform SSL handshakes. These are now done automatically.

iListenQueueSize = 128
iReadTimeout = 600
initAsClient()

Prepare this client socket for use.

initAsServer()

Prepare this server socket for use.

isLocked()

Returns whether this instance is locked. Always returns False.

Returns: False
keepAliveMagic = 'dka'
latestServerRenewTime()
receiveData(maxBufferSize=0, blockAfterKeepAlive=True, idleReceive=False)
renewServerContext()

Renews the server context. This reloads the certificates and re-initialises the SSL context.

sendData(uData, prefix=False)
sendKeepAlive(responseId=None, now=False)
serverMode()
setAppData(appData)
setClientSocket(oSocket)

Set the inner socket (i.e. SSL.Connection object) of this instance to the value of oSocket. This method is intended to be used to create client connection objects from a server and should be considered to be an internal function.

Parameters: oSocket – client socket SSL.Connection object
setExtraCredentials(group)
setSocketTimeout(timeout)

Set the timeout for socket operations. The timeout parameter is in seconds (float).