Use pyOpenSSL instead of M2Crypto for X509 validation (!32) · Merge requests · IGWN Computing and Software / DQSegDB / DQSegDB Client

Duncan Macleod requested to merge github/fork/duncanmmacleod/openssl into master Feb 17, 2017

This PR modifies dqsegdb.urifunctions to use pyOpenSSL instead of M2Crypto when validating the X509 proxy.

This has been tested on python-2.7 via

ligolw_segment_query_dqsegdb --ping --segment-url https://segments.ligo.org

Included in this PR is a slight modification to urifunctions.findCredential to just raise a RuntimeError if the certificates cannot be found, rather than the custom RFCproxyUsage() message.

This adds a new dependency on pyOpenSSL, which is reflected in changes to .travis.yml, setup.py, and requirements.txt, but I'm not sure if this needs to be captured somewhere else as well for .deb or .rpm packaging.

Use pyOpenSSL instead of M2Crypto for X509 validation

Merge request reports