[lxc-devel] [pylxd/master] Make the websocket client reuse the client's certificate

Wed, 27 May 2020 12:34:23 -0700 

The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/pylxd/pull/400

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
This change allows to use the `events()` on remote clients, by passing the SSL certificate and keyfile from the HTTP client to to the websocket client.

I had to move the definition of `self.cert` to pick up the default certificates.

This fixes issue #381.

From ef21f8217b34b6c0c9e7c77f70a79fd9d6b3a224 Mon Sep 17 00:00:00 2001
From: Hugo Geoffroy <pista...@lebib.org>
Date: Wed, 27 May 2020 20:57:30 +0200
Subject: [PATCH] Make the websocket client reuse the client's certificate

fix #381
---
 pylxd/client.py | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/pylxd/client.py b/pylxd/client.py
index a2551409..2afbf5e1 100644
--- a/pylxd/client.py
+++ b/pylxd/client.py
@@ -288,7 +288,6 @@ def __init__(
 
         """
 
-        self.cert = cert
         if endpoint is not None:
             if endpoint.startswith('/') and os.path.isfile(endpoint):
                 self.api = _APINode('http+unix://{}'.format(
@@ -311,6 +310,7 @@ def __init__(
                 path = '/var/lib/lxd/unix.socket'
             endpoint = 'http+unix://{}'.format(parse.quote(path, safe=''))
             self.api = _APINode(endpoint, timeout=timeout)
+        self.cert = cert
         self.api = self.api[version]
 
         # Verify the connection is valid.
@@ -425,7 +425,11 @@ def events(self, websocket_client=None, event_types=None):
         if websocket_client is None:
             websocket_client = _WebsocketClient
 
-        client = websocket_client(self.websocket_url)
+        if self.cert is not None:
+            ssl_options = dict(certfile=self.cert[0], keyfile=self.cert[1])
+        else:
+            ssl_options = None
+        client = websocket_client(self.websocket_url, ssl_options=ssl_options)
         parsed = parse.urlparse(self.api.events._api_endpoint)
 
         resource = parsed.path

_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel

Reply via email to