--- koji/__init__.py | 25 ++++++++++--------------- 1 file changed, 10 insertions(+), 15 deletions(-)
diff --git a/koji/__init__.py b/koji/__init__.py index 58971da..36772bb 100644 --- a/koji/__init__.py +++ b/koji/__init__.py @@ -1599,12 +1599,7 @@ class ClientSession(object): self.explicit_port = bool(_port) self._path = uri[2] default_port = 80 - if self.opts.get('certs'): - ctx = ssl.SSLCommon.CreateSSLContext(self.opts['certs']) - cnxOpts = {'ssl_context' : ctx} - cnxClass = ssl.SSLCommon.PlgHTTPSConnection - default_port = 443 - elif scheme == 'https': + if scheme == 'https': cnxOpts = {} cnxClass = httplib.HTTPSConnection default_port = 443 @@ -1737,21 +1732,21 @@ class ClientSession(object): certs['ca_cert'] = ca certs['peer_ca_cert'] = serverca
- ctx = ssl.SSLCommon.CreateSSLContext(certs) - self._cnxOpts = {'ssl_context' : ctx} - # 60 second timeout during login - old_timeout = self._cnxOpts.get('timeout') - self._cnxOpts['timeout'] = 60 + # for ssl authentication we use custom a connection class so + # that we can pass our certs try: + old_cnx = (self._cnxClass, self._cnxOpts) + ctx = ssl.SSLCommon.CreateSSLContext(certs) + self._cnxOpts = {'ssl_context' : ctx} + # 60 second timeout during login + self._cnxOpts['timeout'] = 60 self._cnxClass = ssl.SSLCommon.PlgHTTPSConnection if self._port == 80 and not self.explicit_port: self._port = 443 sinfo = self.callMethod('sslLogin', proxyuser) finally: - if old_timeout is None: - del self._cnxOpts['timeout'] - else: - self._cnxOpts['timeout'] = old_timeout + # restore original connection type + self._cnxClass, self._cnxOpts = old_cnx if not sinfo: raise AuthError, 'unable to obtain a session'