Statistics
| Branch: | Tag: | Revision:

root / lib / http @ 2d93a6a7

Name Size
__init__.py 27.6 kB
auth.py 9.3 kB
client.py 12.1 kB
server.py 17.5 kB

Latest revisions

# Date Author Comment
2d93a6a7 10/12/2010 07:09 pm Apollon Oikonomopoulos

Set list of trusted SSL CAs for client to verify

As per SSL_CTX_set_client_CA_list(3SSL), set the list of acceptable CAs
advertised to SSL clients to include the server's own certificate. This
evidently fixes the pycurl/gnutls RPC client.

During the TLS Handshake, when client verification is requested, the...
5117f822 09/10/2010 02:54 pm Michael Hanselmann

Fix pylint warning in http/__init__.py

My bad for not seeing this before:
R0201:614:HttpBase.GetSslCiphers: Method could be a function

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Iustin Pop <>
91c69613 09/10/2010 02:43 pm Michael Hanselmann

Allow SSL ciphers to be overridden in HTTP server

Users of this class, such as the RAPI server, might want to override or adjust
the default SSL cipher defined in a constant.

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Iustin Pop <>
33231500 07/16/2010 06:18 pm Michael Hanselmann

Convert RPC client to PycURL

Instead of using our custom HTTP client, using PycURL's multi
interface allows us to get rid of the HTTP client threadpool.
The majority of the code is still in the ganeti.http.client
module.

A simple per-thread HTTP client pool gives cURL a chance to...
971bbd84 06/14/2010 07:58 pm Michael Hanselmann

Disallow DES for SSL connections

Older OpenSSL versions include DES-CBC3-* ciphers when specifying the
HIGH group of ciphers. Removing potentially weak ciphers from the list
of allowed ciphers ensures only strong ciphers are considered for SSL
connections....
e0036155 06/04/2010 05:26 pm Iustin Pop

http client: support per-request read timeout

Currently, the read timeout is hardcoded in the
HttpClientRequestExecutor class. The patch changes the timeout so that
it's a per-request property, and makes the rpc.Client class pass one
explicitly in. Furthermore, we modify the rpc.RpcRunner class to support...
716a32cb 06/01/2010 11:34 am Guido Trotter

Move hash functions to the compat module

Since the hash functions' changed their module name between python 2.4
and 2.6, and we have to do an try/import/except trick, we'll do it just
once, for both hash functions, and in compat.py. This also fixes a use...
791f317d 03/18/2010 03:56 pm Guido Trotter

Merge branch 'devel-2.1'

  • devel-2.1:
    burnin: implement basic confd testing
    AsyncUDPSocket.process_next_packet
    WaitForSocketCondition: rename, handle EINTR
    move http.WaitForSocketCondition to utils
    ConfdCountingCallback
    ConfdClient: add synchronous features...
dcd511c8 03/18/2010 01:39 pm Guido Trotter

move http.WaitForSocketCondition to utils

Signed-off-by: Guido Trotter <>
Reviewed-by: Michael Hanselmann <>
dfdc4060 03/18/2010 01:39 pm Guido Trotter

WaitForSocketCondition: rename, handle EINTR

- Rename WaitForSocketCondition to SingleWaitForFdCondition
- Avoid potentially infinite loop, if we continue to get interrupted
- Handle eintr correctly
- Avoid the poller try/finally, as the poller object gets destroyed...

View revisions

Also available in: Atom