Ubuntu One storage protocol

Merge lp:~pfibiger/ubuntuone-storage-protocol/add-ssl-context into lp:ubuntuone-storage-protocol

  1. add-ssl-context
  2. Merge into trunk
Proposed by Philip Fibiger
Status: Merged
Approved by: Joshua Blount
Approved revision: 43
Merged at revision: not available
Proposed branch: lp:~pfibiger/ubuntuone-storage-protocol/add-ssl-context
Merge into: lp:ubuntuone-storage-protocol
Diff against target: None lines
To merge this branch: bzr merge lp:~pfibiger/ubuntuone-storage-protocol/add-ssl-context
Reviewer Review Type Date Requested Status
Joshua Blount (community) Approve
Elliot Murphy (community) Approve
Review via email: mp+7817@code.launchpad.net

Commit message

[r=statik, jblount] add ssl context creation.

To post a comment you must log in.
Revision history for this message
Philip Fibiger (pfibiger) wrote :

refactors ssl context creation into u-s-p for use by both u1sync and syncdaemon.

Revision history for this message
Elliot Murphy (statik) wrote :

This looks great. A minor style suggestion which you are free to ignore; changing the function signature to be

def get_ssl_context(verify=True):

would both enable keyword args and provide a sensible default. You'd need to change the condition inside the function to

if verify:
    <stuff>
else:
    the non verify path

but I think it would make callsites of this function nicer to read.

review: Approve
Revision history for this message
Joshua Blount (jblount) wrote :

+1 (we talked about the thing elliot suggested, you made your case, etc)

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== added file 'canonical/ubuntuone/storage/protocol/context.py'
--- canonical/ubuntuone/storage/protocol/context.py 1970-01-01 00:00:00 +0000
+++ canonical/ubuntuone/storage/protocol/context.py 2009-06-23 19:38:42 +0000
@@ -0,0 +1,31 @@
1# canonical.ubuntuone.storage.protocol.context - ssl context creation
2#
3# Copyright 2009 Canonical Ltd.
4#
5# This program is free software: you can redistribute it and/or modify it
6# under the terms of the GNU Affero General Public License version 3,
7# as published by the Free Software Foundation.
8#
9# This program is distributed in the hope that it will be useful, but
10# WITHOUT ANY WARRANTY; without even the implied warranties of
11# MERCHANTABILITY, SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR
12# PURPOSE. See the GNU Affero General Public License for more details.
13#
14# You should have received a copy of the GNU Affero General Public License
15# along with this program. If not, see <http://www.gnu.org/licenses/>.
16
17from OpenSSL import SSL
18from twisted.internet import ssl
19
20def get_ssl_context(no_verify):
21 if no_verify:
22 ctx = ssl.ClientContextFactory()
23 else:
24 ca_file = ssl.Certificate.loadPEM(file(
25 '/etc/ssl/certs/UbuntuOne-Go_Daddy_Class_2_CA.pem', 'r').read())
26 ca_file_2 = ssl.Certificate.loadPEM(file(
27 '/etc/ssl/certs/UbuntuOne-Go_Daddy_CA.pem', 'r').read())
28 ctx = ssl.CertificateOptions(verify=True,
29 caCerts=[ca_file.original, ca_file_2.original],
30 method=SSL.SSLv23_METHOD)
31 return ctx
032
=== added directory 'data'
=== added file 'data/UbuntuOne-Go_Daddy_CA.pem'
--- data/UbuntuOne-Go_Daddy_CA.pem 1970-01-01 00:00:00 +0000
+++ data/UbuntuOne-Go_Daddy_CA.pem 2009-06-23 19:38:42 +0000
@@ -0,0 +1,29 @@
1-----BEGIN CERTIFICATE-----
2MIIE3jCCA8agAwIBAgICAwEwDQYJKoZIhvcNAQEFBQAwYzELMAkGA1UEBhMCVVMx
3ITAfBgNVBAoTGFRoZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28g
4RGFkZHkgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjExMTYw
5MTU0MzdaFw0yNjExMTYwMTU0MzdaMIHKMQswCQYDVQQGEwJVUzEQMA4GA1UECBMH
6QXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5j
7b20sIEluYy4xMzAxBgNVBAsTKmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5j
8b20vcmVwb3NpdG9yeTEwMC4GA1UEAxMnR28gRGFkZHkgU2VjdXJlIENlcnRpZmlj
9YXRpb24gQXV0aG9yaXR5MREwDwYDVQQFEwgwNzk2OTI4NzCCASIwDQYJKoZIhvcN
10AQEBBQADggEPADCCAQoCggEBAMQt1RWMnCZM7DI161+4WQFapmGBWTtwY6vj3D3H
11KrjJM9N55DrtPDAjhI6zMBS2sofDPZVUBJ7fmd0LJR4h3mUpfjWoqVTr9vcyOdQm
12VZWt7/v+WIbXnvQAjYwqDL1CBM6nPwT27oDyqu9SoWlm2r4arV3aLGbqGmu75RpR
13SgAvSMeYddi5Kcju+GZtCpyz8/x4fKL4o/K1w/O5epHBp+YlLpyo7RJlbmr2EkRT
14cDCVw5wrWCs9CHRK8r5RsL+H0EwnWGu1NcWdrxcx+AuP7q2BNgWJCJjPOq8lh8BJ
156qf9Z/dFjpfMFDniNoW1fho3/Rb2cRGadDAW/hOUoz+EDU8CAwEAAaOCATIwggEu
16MB0GA1UdDgQWBBT9rGEyk2xF1uLuhV+auud2mWjM5zAfBgNVHSMEGDAWgBTSxLDS
17kdRMEXGzYcs9of7dqGrU4zASBgNVHRMBAf8ECDAGAQH/AgEAMDMGCCsGAQUFBwEB
18BCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZ29kYWRkeS5jb20wRgYDVR0f
19BD8wPTA7oDmgN4Y1aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBv
20c2l0b3J5L2dkcm9vdC5jcmwwSwYDVR0gBEQwQjBABgRVHSAAMDgwNgYIKwYBBQUH
21AgEWKmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeTAO
22BgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBANKGwOy9+aG2Z+5mC6IG
23OgRQjhVyrEp0lVPLN8tESe8HkGsz2ZbwlFalEzAFPIUyIXvJxwqoJKSQ3kbTJSMU
24A2fCENZvD117esyfxVgqwcSeIaha86ykRvOe5GPLL5CkKSkB2XIsKd83ASe8T+5o
250yGPwLPk9Qnt0hCqU7S+8MxZC9Y7lhyVJEnfzuz9p0iRFEUOOjZv2kWzRaJBydTX
26RE4+uXR21aITVSzGh6O1mawGhId/dQb8vxRMDsxuxN89txJx9OjxUUAiKEngHUuH
27qDTMBqLdElrRhjZkAzVvb3du6/KFUJheqwNTrZEjYx8WnM25sgVjOuH0aBsXBTWV
28U+4=
29-----END CERTIFICATE-----
030
=== added file 'data/UbuntuOne-Go_Daddy_Class_2_CA.pem'
--- data/UbuntuOne-Go_Daddy_Class_2_CA.pem 1970-01-01 00:00:00 +0000
+++ data/UbuntuOne-Go_Daddy_Class_2_CA.pem 2009-06-23 19:38:42 +0000
@@ -0,0 +1,25 @@
1-----BEGIN CERTIFICATE-----
2MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJV
3UzEhMB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQL
4EyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4X
5DTA0MDYyOTE3MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMx
6ITAfBgNVBAoTGFRoZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMo
7R28gRGFkZHkgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAw
8DQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d
9/+TvZxz0ZWizV3GgXne77ZtJ6XCAPVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9
10S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6wwdhFJ2+qN1j3hybX2C32qRe3H3I2
11TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXiEqITLdiOr18SPaAIBQi2XKVl
12OARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMYavx4A6lNf4DD+qta/KFA
13pMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+YihfukEHU1jPEX44
14dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLEsNKR1EwRcbNh
15yz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h/t2oatTj
16oWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5IEdy
17b3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmlj
18YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
19BQADggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYX
20MP80kWNyOO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKt
21I3lpjbi2Tc7PTMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheab
22IZ0KbIIOqPjCDPoQHmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzr
23Tia2cyvk0/ZM/iZx4mERdEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBD
24pqWeCtWVYpoNz4iCxTIM5CufReYNnyicsbkqWletNw+vHX/bvZ8=
25-----END CERTIFICATE-----
026
=== modified file 'setup.py'
--- setup.py 2009-06-17 22:31:14 +0000
+++ setup.py 2009-06-23 19:38:42 +0000
@@ -124,6 +124,9 @@
124 'canonical.ubuntuone',124 'canonical.ubuntuone',
125 'canonical.ubuntuone.storage',125 'canonical.ubuntuone.storage',
126 'canonical.ubuntuone.storage.protocol'],126 'canonical.ubuntuone.storage.protocol'],
127 data_files=[('/etc/ssl/certs',
128 ['data/UbuntuOne-Go_Daddy_CA.pem',
129 'data/UbuntuOne-Go_Daddy_Class_2_CA.pem'])],
127130
128 cmdclass = {131 cmdclass = {
129 'build' : StorageProtocolBuild,132 'build' : StorageProtocolBuild,

Subscribers

People subscribed via source and target branches