-rw-r--r-- | scripts/rpki/https.py | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/scripts/rpki/https.py b/scripts/rpki/https.py index 6c56123f..38cdea2c 100644 --- a/scripts/rpki/https.py +++ b/scripts/rpki/https.py @@ -12,13 +12,7 @@ import rpki.x509, rpki.exceptions rpki_content_type = "application/x-rpki" -# Setting this here is a crock, but the default is much too short and -# this is the easiest way to make sure that all of our scripts use a -# more reasonable value. - -socket.setdefaulttimeout(90) # Seconds - -def client(msg, privateKey, certChain, x509TrustList, url): +def client(msg, privateKey, certChain, x509TrustList, url, timeout = 300): """Open client HTTPS connection, send a message, wait for response. This function wraps most of what one needs to do to send a message @@ -36,12 +30,17 @@ def client(msg, privateKey, certChain, x509TrustList, url): u.query == "" and \ u.fragment == "" + # We could add a "settings = foo" argument to the following call to + # pass in a tlslite.HandshakeSettings object that would let us + # insist on, eg, particular SSL/TLS versions. + httpc = tlslite.api.HTTPTLSConnection(host = u.hostname or "localhost", port = u.port or 443, privateKey = privateKey.get_tlslite(), certChain = certChain.tlslite_certChain(), x509TrustList = x509TrustList.tlslite_trustList()) httpc.connect() + httpc.sock.settimeout(timeout) httpc.request("POST", u.path, msg, {"Content-Type" : rpki_content_type}) response = httpc.getresponse() if response.status == httplib.OK: @@ -96,6 +95,9 @@ class httpServer(tlslite.api.TLSSocketServerMixIn, BaseHTTPServer.HTTPServer): assert self.rpki_privateKey is not None assert self.rpki_sessionCache is not None try: + # We could add a "settings = foo" argument to the following call + # to pass in a tlslite.HandshakeSettings object that would let + # us insist on, eg, particular SSL/TLS versions. tlsConnection.handshakeServer(certChain = self.rpki_certChain, privateKey = self.rpki_privateKey, sessionCache = self.rpki_sessionCache) |
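Review bot: Removing `socket.setdefaulttimeout(90)` takes the timeout away from every socket in a process that imports this module, while the new `timeout` argument only covers `client()`. The `httpServer` path in the third hunk presumably inherited that default on accepted connections, so a peer that connects and then stalls could hold `handshakeServer` open indefinitely; consider setting an explicit timeout on the accepted socket before the handshake. The new parameter is also undocumented; I would add a docstring line such as `timeout is the socket timeout, in seconds, applied to the request and the response.` The docstring and body of `client()` continue outside this hunk.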
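Review bot: `httpc.sock.settimeout(timeout)` is called only after `httpc.connect()`, so the TCP connect (and the TLS handshake, if tlslite performs it inside `connect()`) runs with no timeout unless something else in the process sets a default, now that the first hunk removes the module-wide one. An unresponsive or slow peer could then block the caller before the new timeout ever takes effect. One way to bound that phase without restoring a permanent global is to set the default only around `connect()`, as sketched below; this is still process-wide while it is in effect, so it is not safe if other threads open sockets at the same time. `client()` starts before this hunk and continues past it.

```python
# … unchanged: HTTPTLSConnection(...) construction …
saved_timeout = socket.getdefaulttimeout()
socket.setdefaulttimeout(timeout)   # covers the socket that connect() creates
try:
  httpc.connect()
finally:
  socket.setdefaulttimeout(saved_timeout)
httpc.sock.settimeout(timeout)
# … unchanged: request / getresponse …
```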
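Review bot: The added comment before `tlsConnection.handshakeServer(...)` records that nothing pins the protocol version, but as a plain "we could" remark it is easy to lose, and the same text is duplicated in `client()` in the second hunk. Until a `settings` argument is passed, both sides accept whatever versions tlslite's defaults allow, which in older releases may include SSL 3.0 (worth confirming against the version in use). I would either mark both comments as `# TODO: pass settings = ... to enforce a minimum SSL/TLS version` or act on it with a shared `tlslite.api.HandshakeSettings()` whose `minVersion` is set and passed as `settings = ...` at both call sites. The enclosing method starts outside this hunk.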