diff options
| author | Pete <petiepooo@gmail.com> | 2019-12-18 12:03:17 -0500 |
|---|---|---|
| committer | Xander Desai <xdesai@duosecurity.com> | 2019-12-18 12:03:17 -0500 |
| commit | d0d47c7959f4c5193b767ddea8b0affc25ca40f0 (patch) | |
| tree | 51687dd2b779237d1acd2363cd8ad0412aaf14e9 /https_wrapper.py | |
| parent | 8c4d7c4affad93cbdc70180d0eb11a4869e5b298 (diff) | |
| download | openvpn-duo-plugin-d0d47c7959f4c5193b767ddea8b0affc25ca40f0.tar.gz openvpn-duo-plugin-d0d47c7959f4c5193b767ddea8b0affc25ca40f0.zip | |
Python3 compatibility updates (#28)
* WIP: fix imports and exception calls for python3
* fix remaining utf-8 encoding issues
* fix init trying to return a value
* change expected control checks to bytes
* make comparison of request params non-ordered
python3's url request handler likes to reorder the parameters its given
this breaks the params out and checks each separately
* refactor to simplify params comparisons
* FIX: decode auth bytes back to a utf-8 string
* FIX: also decode response data bytes to utf-8
* FIX: do not decode response data if already a str
* enhance existing test to ensure auth is str no bytes
* change test req and import from mox to mox3
* add additional python versions to CI config
* fix failing 3.7 travis ci build
* Apply changes to duo_openvpn.py similar to what we do in duo_client_python
* Apply changes to https_wrapper similar to what we do in duo_client_python
* Fixup the import bugs
* Use six for StringIO import
* Include six for py2->py3 compat layer
* use explicit decoding on control file data
* Consistent encoding and updated variable names for clarity
* Revert variable names back again.
Diffstat (limited to 'https_wrapper.py')
| -rw-r--r-- | https_wrapper.py | 25 |
1 files changed, 13 insertions, 12 deletions
diff --git a/https_wrapper.py b/https_wrapper.py index d798513..e6bdc36 100644 --- a/https_wrapper.py +++ b/https_wrapper.py @@ -19,14 +19,15 @@ """Extensions to allow HTTPS requests with SSL certificate validation.""" -import httplib import re import socket -import urllib2 import ssl +from six.moves import http_client +from six.moves import urllib -class InvalidCertificateException(httplib.HTTPException): + +class InvalidCertificateException(http_client.HTTPException): """Raised when a certificate is provided with an invalid hostname.""" def __init__(self, host, cert, reason): @@ -36,7 +37,7 @@ class InvalidCertificateException(httplib.HTTPException): host: The hostname the connection was made to. cert: The SSL certificate (as a dictionary) the host returned. """ - httplib.HTTPException.__init__(self) + http_client.HTTPException.__init__(self) self.host = host self.cert = cert self.reason = reason @@ -48,10 +49,10 @@ class InvalidCertificateException(httplib.HTTPException): (self.host, self.reason, self.cert)) -class CertValidatingHTTPSConnection(httplib.HTTPConnection): +class CertValidatingHTTPSConnection(http_client.HTTPConnection): """An HTTPConnection that connects over SSL and validates certificates.""" - default_port = httplib.HTTPS_PORT + default_port = http_client.HTTPS_PORT def __init__(self, host, port=None, key_file=None, cert_file=None, ca_certs=None, strict=None, **kwargs): @@ -67,7 +68,7 @@ class CertValidatingHTTPSConnection(httplib.HTTPConnection): strict: When true, causes BadStatusLine to be raised if the status line can't be parsed as a valid HTTP/1.0 or 1.1 status line. """ - httplib.HTTPConnection.__init__(self, host, port, strict, **kwargs) + http_client.HTTPConnection.__init__(self, host, port, strict, **kwargs) self.key_file = key_file self.cert_file = cert_file self.ca_certs = ca_certs @@ -124,12 +125,12 @@ class CertValidatingHTTPSConnection(httplib.HTTPConnection): raise InvalidCertificateException(hostname, cert, 'hostname mismatch') -class CertValidatingHTTPSHandler(urllib2.HTTPSHandler): +class CertValidatingHTTPSHandler(urllib.request.HTTPSHandler): """An HTTPHandler that validates SSL certificates.""" def __init__(self, **kwargs): - """Constructor. Any keyword args are passed to the httplib handler.""" - urllib2.HTTPSHandler.__init__(self) + """Constructor. Any keyword args are passed to the http_client handler.""" + urllib.request.HTTPSHandler.__init__(self) self._connection_args = kwargs def https_open(self, req): @@ -139,10 +140,10 @@ class CertValidatingHTTPSHandler(urllib2.HTTPSHandler): return CertValidatingHTTPSConnection(host, **full_kwargs) try: return self.do_open(http_class_wrapper, req) - except urllib2.URLError, e: + except urllib.error.URLError as e: if type(e.reason) == ssl.SSLError and e.reason.args[0] == 1: raise InvalidCertificateException(req.host, '', e.reason.args[1]) raise - https_request = urllib2.HTTPSHandler.do_request_ + https_request = urllib.request.HTTPSHandler.do_request_ |