---
koji/__init__.py | 25 ++++++++++---------------
1 file changed, 10 insertions(+), 15 deletions(-)
diff --git a/koji/__init__.py b/koji/__init__.py
index 58971da..36772bb 100644
--- a/koji/__init__.py
+++ b/koji/__init__.py
@@ -1599,12 +1599,7 @@ class ClientSession(object):
self.explicit_port = bool(_port)
self._path = uri[2]
default_port = 80
- if self.opts.get('certs'):
- ctx = ssl.SSLCommon.CreateSSLContext(self.opts['certs'])
- cnxOpts = {'ssl_context' : ctx}
- cnxClass = ssl.SSLCommon.PlgHTTPSConnection
- default_port = 443
- elif scheme == 'https':
+ if scheme == 'https':
cnxOpts = {}
cnxClass = httplib.HTTPSConnection
default_port = 443
@@ -1737,21 +1732,21 @@ class ClientSession(object):
certs['ca_cert'] = ca
certs['peer_ca_cert'] = serverca
- ctx = ssl.SSLCommon.CreateSSLContext(certs)
- self._cnxOpts = {'ssl_context' : ctx}
- # 60 second timeout during login
- old_timeout = self._cnxOpts.get('timeout')
- self._cnxOpts['timeout'] = 60
+ # for ssl authentication we use custom a connection class so
+ # that we can pass our certs
try:
+ old_cnx = (self._cnxClass, self._cnxOpts)
+ ctx = ssl.SSLCommon.CreateSSLContext(certs)
+ self._cnxOpts = {'ssl_context' : ctx}
+ # 60 second timeout during login
+ self._cnxOpts['timeout'] = 60
self._cnxClass = ssl.SSLCommon.PlgHTTPSConnection
if self._port == 80 and not self.explicit_port:
self._port = 443
sinfo = self.callMethod('sslLogin', proxyuser)
finally:
- if old_timeout is None:
- del self._cnxOpts['timeout']
- else:
- self._cnxOpts['timeout'] = old_timeout
+ # restore original connection type
+ self._cnxClass, self._cnxOpts = old_cnx
if not sinfo:
raise AuthError, 'unable to obtain a session'
--
1.9.3