update TLS in CSD backend

011d1f54 · Michal Hažlinský · f45651d7 · 011d1f54 · 011d1f54 · 011d1f54
Commit 011d1f54 authored 3 years ago by Michal Hažlinský
--- a/opennsa/backends/junoscsd.py
+++ b/opennsa/backends/junoscsd.py
@@ -23,6 +23,9 @@ from twisted.python import log
 from twisted.web.error import Error as WebError
 from twisted.internet.ssl import ClientContextFactory
+from opennsa.opennsaTlsContext import opennsaTlsContext
+from opennsa.config import Config
 from opennsa import constants as cnt, config
 from opennsa.backends.common import genericbackend
@@ -161,9 +164,9 @@ def _extractErrorMessage(failure):
        return failure.getErrorMessage()
-class WebClientContextFactory(ClientContextFactory):
+class WebClientContextFactory(opennsaTlsContext):
    def getContext(self):
-        return ClientContextFactory.getContext(self)
+        return opennsaTlsContext.getContext(self)
 class CSDConnectionManager:
@@ -224,7 +227,7 @@ class CSDConnectionManager:
    def setupLink(self, connection_id, source_target, dest_target, bandwidth):
        payload = createCSDPayload(connection_id, source_target, dest_target, self.csd_service_def, self.csd_customer_id, self.space_routers, self.csd_descriptions)
        headers = self._createHeaders()
-        contextFactory = WebClientContextFactory()
+        contextFactory = WebClientContextFactory(config.DEFAULT_CERTIFICATE_DIR, None)
        def linkUp(data):
            log.msg('Link %s -> %s up' % (source_target, dest_target), system=LOG_SYSTEM)
@@ -246,7 +249,7 @@ class CSDConnectionManager:
        headers["Accept"] = "*/*"
        headers["Authorization"] = self._createAuthzHeader()
        serviceID = None
-        contextFactory = WebClientContextFactory()
+        contextFactory = WebClientContextFactory(config.DEFAULT_CERTIFICATE_DIR, None)
        def linkDown(data):
            log.msg('Link %s -> %s down' % (source_target, dest_target), system=LOG_SYSTEM)
@@ -261,7 +264,7 @@ class CSDConnectionManager:
            headers = {}
            #headers["Content-Type"] = "application/vnd.net.juniper.space.service-management.service-order+xml;version=2;charset=UTF-8"
            headers["Authorization"] = self._createAuthzHeader()
-            contextFactory = WebClientContextFactory()
+            contextFactory = WebClientContextFactory(config.DEFAULT_CERTIFICATE_DIR, None)
            serviceID = 0
            nsmap={'a': 'services.schema.networkapi.jmp.juniper.net'}
            services = etree.fromstring(data).xpath("/a:Data/a:ServiceResource/a:Service", namespaces=nsmap)

--- a/opennsa/config.py
+++ b/opennsa/config.py
@@ -381,6 +381,7 @@ class Config(object):
        vc[ALLOWED_ADMINS] = [i.strip() for i in allowed_hosts_admins.split(',') if len(i) > 0]
        self._load_backends(vc)
+        return vc
    def _load_certificates(self, vc):
        cfg = self._instance.cfg

--- a/requirements.txt
+++ b/requirements.txt
@@ -3,7 +3,7 @@ twistar>=2.0
 pyOpenSSL>=19.1.0
 junos-eznc
 lxml
-psycopg2>=2.9,<2.10
+psycopg2-binary>=2.9,<2.10
 python-dotenv>=0.19.0
 cryptography>=3.4.8
 python-dateutil>=2.8,<2.9