fix: align socket.io tls verification

This commit is contained in:
2025-10-17 21:48:18 -06:00
parent 751c58d2b9
commit 0b391609ae

View File

@@ -533,21 +533,22 @@ class AgentHttpClient:
return {"Authorization": f"Bearer {self.access_token}"}
return {}
def websocket_kwargs(self) -> Dict[str, Any]:
kwargs: Dict[str, Any] = {}
verify = getattr(self.session, "verify", True)
if isinstance(verify, str) and os.path.isfile(verify):
try:
ctx = ssl.create_default_context(cafile=verify)
kwargs["ssl"] = ctx
except Exception:
pass
elif verify is False:
try:
kwargs["ssl"] = ssl._create_unverified_context()
except Exception:
pass
return kwargs
def configure_socketio(self, client: "socketio.AsyncClient") -> None:
"""Align the Socket.IO engine's TLS verification with the REST client."""
try:
verify = getattr(self.session, "verify", True)
engine = getattr(client, "eio", None)
if engine is None:
return
# python-engineio accepts bool, path, or ssl.SSLContext for ssl_verify
if isinstance(verify, str) and os.path.isfile(verify):
engine.ssl_verify = verify
elif verify is False:
engine.ssl_verify = False
else:
engine.ssl_verify = True
except Exception:
pass
# ------------------------------------------------------------------
# Enrollment & token management
@@ -2036,15 +2037,14 @@ async def connect_loop():
while True:
try:
client.ensure_authenticated()
client.configure_socketio(sio)
url = client.websocket_base_url()
print(f"[INFO] Connecting Agent to {url}...")
_log_agent(f'Connecting to {url}...')
ws_kwargs = client.websocket_kwargs()
await sio.connect(
url,
transports=['websocket'],
headers=client.auth_headers(),
**ws_kwargs,
)
break
except Exception as e: