I remember seeing this question in the past. It would be great if we could get those changes working in all the supported Python versions, tested and merged upstream.
On Tue, Jul 8, 2014 at 9:56 AM, <[email protected]> wrote: > Hi Cedric, > > I ran into the same issue and patched libcloud.httplib_ssl. I’ve included > the code snippets below. The proxy I use doesn’t require authentication > but hopefully you can adapt to make it do what you need. I tested with > Python 2.7 - may need tweaking for Python 3. > > Cheers, > Phil > > > I modified the LibcloudHTTPSConnection.__init__ to pick up the proxy > settings from the environment: > > > class LibcloudHTTPSConnection(httplib.HTTPSConnection): > """ > LibcloudHTTPSConnection > > Subclass of HTTPSConnection which verifies certificate names > if and only if CA certificates are available. > """ > verify = True # verify by default > ca_cert = None # no default CA Certificate > > def __init__(self, *args, **kwargs): > """ > Constructor > """ > self._setup_verify() > httplib.HTTPSConnection.__init__(self, *args, **kwargs) > > # Support for HTTPS Proxy > if 'https_proxy' in os.environ: > from urlparse import urlparse > > self.set_tunnel(self.host, port=self.port) > > proxy_host = urlparse(os.environ['https_proxy']).netloc > self._set_hostport(proxy_host, None) > > . > . > . > > And then modified the connect call to use the tunnel: > > > def connect(self): > """ > Connect > > Checks if verification is toggled; if not, just call > httplib.HTTPSConnection's connect > """ > if not self.verify: > return httplib.HTTPSConnection.connect(self) > > # otherwise, create a connection and verify the hostname > # use socket.create_connection (in 2.6+) if possible > if getattr(socket, 'create_connection', None): > sock = socket.create_connection((self.host, self.port), > self.timeout) > else: > sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) > sock.connect((self.host, self.port)) > > # Support for HTTPS Proxy > if self._tunnel_host: > self.sock = sock > self._tunnel() > > self.sock = ssl.wrap_socket(sock, > self.key_file, > self.cert_file, > cert_reqs=ssl.CERT_REQUIRED, > ca_certs=self.ca_cert, > ssl_version=ssl.PROTOCOL_TLSv1) > cert = self.sock.getpeercert() > if not self._verify_hostname(self.host, cert): > raise ssl.SSLError('Failed to verify hostname') > > > On 8 Jul 2014, at 07:23, Cedric Lebrun <[email protected]> wrote: > > > Hi All, > > > > I try to use Libcloud to connect to EC2. > > My environments (CentOS 6.5 and Ubuntu 14.04) are behind a proxy server > that requires authentication (MS ISA Proxy Server). > > I tried with defining environment variables HTTP_PROXY and HTTPS_PROXY, > but still doesn't work. > > Is there a way to set a proxy and proxy credentials directly using > Libcloud ? Or should I have to patch the http_lib to implement UrlLib2 > ProxyHandler ? > > > > Thanks for your help, > > CL > > -- > Scanned by iCritical. >
