Add option to skip ssl validation on rpc

2021-12-06 18:55:36 +01:00 · 2021-12-06 18:55:36 +01:00 · becd6744f6
parent 06c6b2562a
commit becd6744f6
6 changed files with 28 additions and 6 deletions
--- a/4
+++ b/4
@ -1,4 +1,6 @@
- 0.0.5-pending
+- 0.0.14
+	* Add option to skip ssl verification on rpc
+- 0.0.5
 	* Move eth code to separate package
 - 0.0.4-unreleased
 	* Add pack tx from already signed tx struct
--- a/chainlib/chain.py
+++ b/chainlib/chain.py
@ -186,10 +186,17 @@ class ChainSpec:
        return r


-    def __str__(self):
+    def as_string(self, skip_optional=False):
        s = '{}:{}:{}'.format(self.o['arch'], self.o['fork'], self.o['network_id'])
+        if skip_optional:
+            return s
+
        if self.o.get('common_name'):
            s += ':' + self.o['common_name']
        if self.o.get('custom'):
            s += ':' + ':'.join(self.o['custom'])
        return s
+
+
+    def __str__(self):
+        return self.as_string()        
--- a/chainlib/cli/rpc.py
+++ b/chainlib/cli/rpc.py
@ -61,7 +61,7 @@ class Rpc:
            self.id_generator = IntSequenceGenerator()

        self.chain_spec = config.get('CHAIN_SPEC')
-        self.conn = self.constructor(url=config.get('RPC_PROVIDER'), chain_spec=self.chain_spec, auth=auth)
+        self.conn = self.constructor(url=config.get('RPC_PROVIDER'), chain_spec=self.chain_spec, auth=auth, verify_identity=config.true('RPC_VERIFY'))

        return self.conn

--- a/chainlib/connection.py
+++ b/chainlib/connection.py
@ -102,10 +102,13 @@ class RPCConnection:
        }
    __constructors_for_chains = {}

-    def __init__(self, url=None, chain_spec=None, auth=None):
+    def __init__(self, url=None, chain_spec=None, auth=None, verify_identity=True):
        self.chain_spec = chain_spec
        self.location = None
        self.basic = None
+        self.verify_identity = verify_identity
+        if not self.verify_identity:
+            logg.warning('RPC host identity verification is OFF. Beware, you will be easy to cheat')
        if url == None:
            return
        self.auth = auth
@ -287,6 +290,11 @@ class JSONRPCHTTPConnection(HTTPConnection):
        :returns: Result value part of JSON RPC response
        :todo: Invalid response exception from invalid json response
        """
+        ssl_ctx = None
+        if not self.verify_identity:
+            import ssl
+            ssl_ctx = ssl.SSLContext()
+            ssl_ctx.verify_mode = ssl.CERT_NONE
        req = Request(
                self.location,
                method='POST',
@ -313,7 +321,11 @@ class JSONRPCHTTPConnection(HTTPConnection):
            install_opener(ho)

        try: 
-            r = urlopen(req, data=data.encode('utf-8'))
+            r = urlopen(
+                req,
+                data=data.encode('utf-8'),
+                context=ssl_ctx,
+                )
        except URLError as e:
            raise RPCException(e)

--- a/chainlib/data/config/config.ini
+++ b/chainlib/data/config/config.ini
@ -4,6 +4,7 @@ auth =
 credentials =
 dialect = default
 scheme = http
+verify = 1

 [chain]
 spec = 
--- a/setup.cfg
+++ b/setup.cfg
@ -6,7 +6,7 @@ name=chainlib
 license=WTFPL2
 author_email=dev@holbrook.no
 description=Generic blockchain access library and tooling
-version=0.0.12
+version=0.0.14
 url=https://gitlab.com/chaintools/chainlib
 author=Louis Holbrook