pyAMF客戶端在哪裏（代碼中的哪個點）接受SSL證書？

Question

我已經設置了偵聽SSL端口的服務器。我能夠連接到它，並有適當的憑據我可以訪問服務（回波服務在下面的例子中）

下面的代碼工作正常，但我不明白客戶端接受證書

服務器：

import os.path 
import logging 
import cherrypy 
from pyamf.remoting.gateway.wsgi import WSGIGateway 

logging.basicConfig(
    level=logging.DEBUG, 
    format='%(asctime)s %(levelname)-5.5s [%(name)s] %(message)s' 
) 

def auth(username, password): 
    users = {"user": "pwd"} 
    if (users.has_key(username) and users[username] == password): 
      return True 
    return False 

def echo(data): 
    return data 

class Root(object): 
    @cherrypy.expose 
    def index(self): 
      return "This is your main website" 

gateway = WSGIGateway({'myservice.echo': echo,}, logger=logging, debug=True, authenticator=auth) 

localDir = os.path.abspath(os.path.dirname(__file__)) 
CA = os.path.join(localDir, 'new.cert.cert') 
KEY = os.path.join(localDir, 'new.cert.key') 
global_conf = {'global': {'server.socket_port': 8443, 
         'environment': 'production', 
         'log.screen': True, 
         'server.ssl_certificate': CA, 
         'server.ssl_private_key': KEY}} 

cherrypy.tree.graft(gateway, '/gateway/') 
cherrypy.quickstart(Root(), config=global_conf) 

客戶：

import logging 
from pyamf.remoting.client import RemotingService 

logging.basicConfig(
    level=logging.DEBUG, 
    format='%(asctime)s %(levelname)-5.5s [%(name)s] %(message)s' 
) 

client = RemotingService('https://localhost:8443/gateway', logger=logging) 
client.setCredentials('user', 'pwd') 

service = client.getService('myservice') 
print service.echo('Echo this') 

現在，當我運行它，它運行行，客戶端日誌低於：

2010-01-18 00:50:56,323 INFO [root] Connecting to https://localhost:8443/gateway 
2010-01-18 00:50:56,323 DEBUG [root] Referer: None 
2010-01-18 00:50:56,323 DEBUG [root] User-Agent: PyAMF/0.5.1 
2010-01-18 00:50:56,323 DEBUG [root] Adding request myservice.echo('Echo this',) 
2010-01-18 00:50:56,324 DEBUG [root] Executing single request: /1 
2010-01-18 00:50:56,324 DEBUG [root] AMF version: 0 
2010-01-18 00:50:56,324 DEBUG [root] Client type: 0 
2010-01-18 00:50:56,326 DEBUG [root] Sending POST request to /gateway 
2010-01-18 00:50:56,412 DEBUG [root] Waiting for response... 
2010-01-18 00:50:56,467 DEBUG [root] Got response status: 200 
2010-01-18 00:50:56,467 DEBUG [root] Content-Type: application/x-amf 
2010-01-18 00:50:56,467 DEBUG [root] Content-Length: 41 
2010-01-18 00:50:56,467 DEBUG [root] Server: PyAMF/0.5.1 Python/2.5.2 
2010-01-18 00:50:56,467 DEBUG [root] Read 41 bytes for the response 
2010-01-18 00:50:56,468 DEBUG [root] Response: <Envelope amfVersion=0 clientType=0> 
(u'/1', <Response status=/onResult>u'Echo this'</Response>) 
</Envelope> 
2010-01-18 00:50:56,468 DEBUG [root] Removing request: /1 
Echo this 

線2010-01-18 00：50：56467 DEBUG [根]讀爲響應41個字節看起來可疑，由於響應太短（證書是〜1K），我希望證書傳輸在調試日誌中。

問題：客戶端在哪個時間接受證書？它將在哪裏被默認存儲？哪個配置參數設置了默認位置？

Answer 1

PyAMF在底層使用httplib來提供遠程請求。當通過https://連接時，使用httplib.HTTPSConnection作爲connection屬性到RemotingService。

它在文檔中指出（參考HTTPSConnection）：

注：這並不做任何證書驗證

所以，在回答你的問題的證書基本上是忽略不計，即使您向connection提供key_file/cert_file參數。

實際忽略完成時connect方法被調用 - 當請求實際上是到網關製成..

[根]發送POST請求/網關

的Read 41 bytes for the response是未加密的http響應長度。

此答案可能不包含所有您需要的信息，但應該通過某種方式來解釋您所看到的行爲。