Commit d0233189 authored by Stavros Sachtouris's avatar Stavros Sachtouris Committed by Giorgos Korfiatis

Add config settings for handling SSL connections

The following settings can be used at cloud level i.e., each cloud
configuration can have its own SSL settings:

ignore_ssl = on | off
ca_certs = /path/to/certificates

Both settings are passed to a agkyra.syncer.SetupSyncer instance
while setting up a session.
parent 34cfe1e1
......@@ -64,6 +64,8 @@ config.DEFAULTS = {
# <cloud>: {
# 'url': '',
# 'token': '',
# 'ignore_ssl': True or False overwrites ca_certs,
# 'ca_certs': /path/to/ca/certificate/buddle
# whatever else may be useful in this context
# },
# ... more clouds
......
......@@ -298,12 +298,26 @@ class WebSocketProtocol(WebSocket):
def init_sync(self):
"""Initialize syncer"""
sync = self._get_default_sync()
kwargs = dict(agkyra_path=AGKYRA_DIR)
# Get SSL settings
cloud = self._get_sync_cloud(sync)
try:
ignore_ssl = self.cnf.get_cloud(cloud, 'ignore_ssl') in ('on', )
kwargs['ignore_ssl'] = ignore_ssl
except KeyError:
ignore_ssl = None
if not ignore_ssl:
try:
kwargs['ca_certs'] = self.cnf.get_cloud(cloud, 'ca_certs')
except KeyError:
pass
syncer_settings = setup.SyncerSettings(
sync,
self.settings['url'], self.settings['token'],
self.settings['container'], self.settings['directory'],
agkyra_path=AGKYRA_DIR,
ignore_ssl=True)
**kwargs)
master = pithos_client.PithosFileClient(syncer_settings)
slave = localfs_client.LocalfsFileClient(syncer_settings)
self.syncer = syncer.FileSyncer(syncer_settings, master, slave)
......@@ -368,7 +382,6 @@ class WebSocketProtocol(WebSocket):
self.db.execute('BEGIN')
self.db.execute('DELETE FROM %s' % self.session_relation)
self.db.commit()
LOG.debug('Close DB connection')
self.db.close()
LOG.debug('Helper: connection closed')
......
......@@ -54,6 +54,9 @@ class SyncerSettings():
self.ignore_ssl = kwargs.get("ignore_ssl", False)
if self.ignore_ssl:
https.patch_ignore_ssl()
elif kwargs.get('ca_certs', None):
https.patch_with_certs(kwargs['ca_certs'])
self.endpoint = self._get_pithos_client(
auth_url, auth_token, container)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment