summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--tools/certtools.py54
1 files changed, 48 insertions, 6 deletions
diff --git a/tools/certtools.py b/tools/certtools.py
index 405aabd..3a1e582 100644
--- a/tools/certtools.py
+++ b/tools/certtools.py
@@ -107,16 +107,51 @@ def get_opener():
def urlopen(url, data=None):
return get_opener().open(url, data)
+def pyopenssl_https_get(url):
+ """
+ HTTPS GET-function to use when running old Python < 2.7
+ """
+ from OpenSSL import SSL
+ import socket
+
+ # TLSv1 is the best we can get on Python 2.6
+ context = SSL.Context(SSL.TLSv1_METHOD)
+ sock = SSL.Connection(context, socket.socket(socket.AF_INET, socket.SOCK_STREAM))
+
+ url_without_scheme = url.split('https://')[-1]
+ host = url_without_scheme.split('/')[0]
+ path = url_without_scheme.split('/', 1)[1]
+ http_get_request = ("GET /{path} HTTP/1.1\r\n"
+ "Host: {host}\r\n"
+ "\r\n"
+ ).format(path=path, host=host)
+
+ sock.connect((host, 443))
+ sock.write(http_get_request)
+ response = sock.recv(1024)
+ response_lines = response.rsplit('\n')
+
+ # We are only interested in the actual response,
+ # without headers, contained in the last line.
+ return response_lines[len(response_lines) - 1]
+
def get_sth(baseurl):
- result = urlopen(baseurl + "ct/v1/get-sth").read()
+ try:
+ result = urlopen(baseurl + "ct/v1/get-sth").read()
+ except urllib2.URLError:
+ result = pyopenssl_https_get(baseurl + "ct/v1/get-sth")
return json.loads(result)
def get_proof_by_hash(baseurl, hash, tree_size):
try:
params = urllib.urlencode({"hash":base64.b64encode(hash),
"tree_size":tree_size})
- result = \
- urlopen(baseurl + "ct/v1/get-proof-by-hash?" + params).read()
+ try:
+ result = \
+ urlopen(baseurl + "ct/v1/get-proof-by-hash?" + params).read()
+ except urllib2.URLError:
+ result = \
+ pyopenssl_https_get(baseurl + "ct/v1/get-proof-by-hash?" + params)
return json.loads(result)
except urllib2.HTTPError, e:
print "ERROR:", e.read()
@@ -126,8 +161,12 @@ def get_consistency_proof(baseurl, tree_size1, tree_size2):
try:
params = urllib.urlencode({"first":tree_size1,
"second":tree_size2})
- result = \
- urlopen(baseurl + "ct/v1/get-sth-consistency?" + params).read()
+ try:
+ result = \
+ urlopen(baseurl + "ct/v1/get-sth-consistency?" + params).read()
+ except urllib2.URLError:
+ result = \
+ pyopenssl_https_get(baseurl + "ct/v1/get-sth-consistency?" + params)
return json.loads(result)["consistency"]
except urllib2.HTTPError, e:
print "ERROR:", e.read()
@@ -184,10 +223,13 @@ def add_prechain(baseurl, submission):
raise e
def get_entries(baseurl, start, end):
+ params = urllib.urlencode({"start":start, "end":end})
try:
- params = urllib.urlencode({"start":start, "end":end})
result = urlopen(baseurl + "ct/v1/get-entries?" + params).read()
return json.loads(result)
+ except urllib2.URLError:
+ result = pyopenssl_https_get(baseurl + "ct/v1/get-entries?" + params)
+ return json.loads(result)
except urllib2.HTTPError, e:
print "ERROR:", e.read()
sys.exit(1)