[X2Go-Commits] [pyhoca-gui] 03/03: Provide cmdline option --broker-cacertfile. Enable https:// connections with SSL certificates that have been self-signed against a non-public root-CA certificate file.

[git-admin at x2go.org]

This is an automated email from the git hooks/post-receive script.

x2go pushed a commit to branch master
in repository pyhoca-gui.

commit aa3e4e9e9fb9e6b58b0650e3f273816a070b44a9
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date:   Wed Mar 19 14:55:19 2014 +0100

    Provide cmdline option --broker-cacertfile. Enable https:// connections with SSL certificates that have been self-signed against a non-public root-CA certificate file.
---
 debian/changelog         |    3 +++
 man/man1/pyhoca-gui.1    |    4 ++++
 pyhoca/wxgui/defaults.py |    1 +
 pyhoca/wxgui/frontend.py |    4 ++++
 pyhoca/wxgui/launcher.py |    1 +
 5 files changed, 13 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index a1f6272..d37f807 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -30,6 +30,9 @@ pyhoca-gui (0.5.0.0-0x2go1) UNRELEASED; urgency=low
     - Re-order cmdline sections (man page, defaults.py).
     - Optimize menu rendering. Reduce accessing session profile data as best
       as is possible.
+    - Provide cmdline option --broker-cacertfile. Enable https:// connections
+      with SSL certificates that have been self-signed against a non-public
+      root-CA certificate file.
     - Update English / German translation.
 
  -- Mike Gabriel <mike.gabriel at das-netzwerkteam.de>  Wed, 08 Jan 2014 21:28:37 +0100
diff --git a/man/man1/pyhoca-gui.1 b/man/man1/pyhoca-gui.1
index 44fac9c..85522c1 100644
--- a/man/man1/pyhoca-gui.1
+++ b/man/man1/pyhoca-gui.1
@@ -155,6 +155,10 @@ forbidden.
 Provide a human readable name for the session broker. This name overrides the default broker name ("X2Go Session Broker")
 in the application's menus and notification bubbles.
 .TP
+\*(T<\fB\-\-broker\-cacertfile CACERT_FILE\fR\*(T>
+For https:// brokers with SSL certificates that have been signed against a self-signed root-CA, use this
+command line option to point to the self-signed root-CA certificate file.
+.TP
 \*(T<\fB\-\-broker\-autoconnect\fR\*(T>
 If this command line option is given the session broker authentication dialog will appear on application startup.
 
diff --git a/pyhoca/wxgui/defaults.py b/pyhoca/wxgui/defaults.py
index cc56778..c0ccb5e 100644
--- a/pyhoca/wxgui/defaults.py
+++ b/pyhoca/wxgui/defaults.py
@@ -72,6 +72,7 @@ default_options = {
   'broker_url': '',
   'broker_password': '',
   'broker_name': 'X2Go Session Broker',
+  'broker_cacertfile': '',
   'broker_autoconnect': False,
 
   # branding
diff --git a/pyhoca/wxgui/frontend.py b/pyhoca/wxgui/frontend.py
index b927b83..51e57af 100644
--- a/pyhoca/wxgui/frontend.py
+++ b/pyhoca/wxgui/frontend.py
@@ -228,6 +228,10 @@ class PyHocaGUI(wx.App, x2go.X2GoClient):
         if self.args.broker_name:
             self.broker_name = self.args.broker_name
 
+        self.broker_cacertfile = os.path.expanduser(self.args.broker_cacertfile)
+        if self.broker_cacertfile and os.path.exists(self.broker_cacertfile):
+            os.environ['REQUESTS_CA_BUNDLE'] = self.broker_cacertfile
+
         try:
             if self.args.logon_window_position:
                 self.logon_window_position_x = int(self.args.logon_window_position.split('x')[0])
diff --git a/pyhoca/wxgui/launcher.py b/pyhoca/wxgui/launcher.py
index 9030ddd..c3b9761 100644
--- a/pyhoca/wxgui/launcher.py
+++ b/pyhoca/wxgui/launcher.py
@@ -258,6 +258,7 @@ VERSION: %s
             {'args':['-B','--broker-url'], 'default': _default_options['broker_url'], 'help': 'retrieve session profiles via an X2Go Session Broker under the given URL', },
             {'args':['--broker-password'], 'default': _default_options['broker_password'], 'help': 'password for authenticating against the X2Go Session Broker', },
             {'args':['--broker-name'], 'default': _default_options['broker_name'], 'help': 'tweak the wording of \'X2Go Session Broker\'', },
+            {'args':['--broker-cacertfile'], 'default': _default_options['broker_cacertfile'], 'help': 'for https:// brokers with SSL certificates that have been signed against a self-signed root-CA, use this command line option to point to the self-signed root-CA certificate file', },
             {'args':['--broker-autoconnect'], 'default': _default_options['broker_autoconnect'], 'action': 'store_true', 'help': 'trigger broker authentication directly after application startup', },
         ]
 

--
Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/pyhoca-gui.git