def _check_ssl_cert(self): """Preflight the SSL certificate presented by the backend. This isn't 100% bulletproof, in that we're not actually validating the transport used to communicate with Ping++, merely that the first attempt to does not use a revoked certificate. Unfortunately the interface to OpenSSL doesn't make it easy to check the certificate before sending potentially sensitive data on the wire. This approach raises the bar for an attacker significantly.""" from pingpp import verify_ssl_certs if verify_ssl_certs and not self._CERTIFICATE_VERIFIED: uri = urlparse.urlparse(pingpp.api_base) try: certificate = ssl.get_server_certificate( (uri.hostname, uri.port or 443), ssl_version=3) der_cert = ssl.PEM_cert_to_DER_cert(certificate) except socket.error, e: raise error.APIConnectionError(e) except TypeError: # The Google App Engine development server blocks the C socket # module which causes a type error when using the SSL library if util.is_appengine_dev(): self._CERTIFICATE_VERIFIED = True warnings.warn( 'We were unable to verify Ping++\'s SSL certificate ' 'due to a bug in the Google App Engine development ' 'server. Please alert us immediately at ' '[email protected] if this message appears in your ' 'production logs.') return else: raise
import datetime import platform import time import socket import urllib import urlparse import warnings import json import pingpp from pingpp import error, http_client, version, util, certificate_blacklist try: import ssl except ImportError: if util.is_appengine_dev(): warnings.warn( 'We were unable to import the ssl module due to a bug in the ' 'Google App Engine development server. For more details and ' 'suggested resolutions see: ' 'https://code.google.com/p/googleappengine/issues/detail?id=9246.' 'Please alert us immediately at [email protected] if this ' 'message appears in your production logs.') raise def _encode_datetime(dttime): if dttime.tzinfo and dttime.tzinfo.utcoffset(dttime) is not None: utc_timestamp = calendar.timegm(dttime.utctimetuple()) else: utc_timestamp = time.mktime(dttime.timetuple())