From 3629b8bd60f9d14828bcd6a0feb3f948c95351f0 Mon Sep 17 00:00:00 2001 From: Magnus Ahltorp Date: Tue, 15 Mar 2016 12:46:49 +0100 Subject: Make http_request take optional session parameter --- tools/certtools.py | 70 +++++++++++++++++++++++++++++------------------------- 1 file changed, 38 insertions(+), 32 deletions(-) (limited to 'tools/certtools.py') diff --git a/tools/certtools.py b/tools/certtools.py index 69e376d..023bc1e 100644 --- a/tools/certtools.py +++ b/tools/certtools.py @@ -266,38 +266,44 @@ def check_auth_header(authheader, expected_key, publickeydir, data, path): sigdecode=ecdsa.util.sigdecode_der) return True -def http_request(url, data=None, key=None, verifynode=None, publickeydir=".", params=None): - with requests.sessions.Session() as session: - (keyname, keyfile) = key - privatekey = get_eckey_from_file(keyfile) - sk = ecdsa.SigningKey.from_der(privatekey) - if data == None: - method = "GET" - else: - method = "POST" - assert(params == None) - req = requests.Request(method, url, params=params, data=data) - prepared_req = session.prepare_request(req) - parsed_url = urlparse.urlparse(prepared_req.url) - if data == None: - data_to_sign = parsed_url.query - else: - data_to_sign = data - url_to_sign = parsed_url.path - signature = sk.sign("%s\0%s\0%s" % (method, url_to_sign, data_to_sign), hashfunc=hashlib.sha256, - sigencode=ecdsa.util.sigencode_der) - prepared_req.headers['X-Catlfish-Auth'] = base64.b64encode(signature) + ";key=" + keyname - with warnings.catch_warnings(): - try: - warnings.filterwarnings("ignore", category=requests.packages.urllib3.exceptions.SubjectAltNameWarning) - except AttributeError: - pass - result = session.send(prepared_req, verify=sslparameters.cafile) - result.raise_for_status() - authheader = result.headers.get('X-Catlfish-Auth') - data = result.text - check_auth_header(authheader, verifynode, publickeydir, data, url_to_sign) - return data +def http_request(url, data=None, key=None, verifynode=None, publickeydir=".", params=None, session=None): + if session: + return http_request_session(url, data=data, key=key, verifynode=verifynode, publickeydir=publickeydir, params=params, session=session) + else: + with requests.sessions.Session() as session: + return http_request_session(url, data=data, key=key, verifynode=verifynode, publickeydir=publickeydir, params=params, session=session) + +def http_request_session(url, data=None, key=None, verifynode=None, publickeydir=".", params=None, session=None): + (keyname, keyfile) = key + privatekey = get_eckey_from_file(keyfile) + sk = ecdsa.SigningKey.from_der(privatekey) + if data == None: + method = "GET" + else: + method = "POST" + assert(params == None) + req = requests.Request(method, url, params=params, data=data) + prepared_req = session.prepare_request(req) + parsed_url = urlparse.urlparse(prepared_req.url) + if data == None: + data_to_sign = parsed_url.query + else: + data_to_sign = data + url_to_sign = parsed_url.path + signature = sk.sign("%s\0%s\0%s" % (method, url_to_sign, data_to_sign), hashfunc=hashlib.sha256, + sigencode=ecdsa.util.sigencode_der) + prepared_req.headers['X-Catlfish-Auth'] = base64.b64encode(signature) + ";key=" + keyname + with warnings.catch_warnings(): + try: + warnings.filterwarnings("ignore", category=requests.packages.urllib3.exceptions.SubjectAltNameWarning) + except AttributeError: + pass + result = session.send(prepared_req, verify=sslparameters.cafile) + result.raise_for_status() + authheader = result.headers.get('X-Catlfish-Auth') + data = result.text + check_auth_header(authheader, verifynode, publickeydir, data, url_to_sign) + return data def get_signature(baseurl, data, key=None): try: -- cgit v1.1