fix: align socket.io tls verification

2025-10-26 17:41:58 -06:00 · 2025-10-17 21:48:18 -06:00
parent 751c58d2b9
commit 0b391609ae
1 changed files with 17 additions and 17 deletions
--- a/Data/Agent/agent.py
+++ b/Data/Agent/agent.py
@@ -533,21 +533,22 @@ class AgentHttpClient:
            return {"Authorization": f"Bearer {self.access_token}"}
        return {}
-    def websocket_kwargs(self) -> Dict[str, Any]:
+    def configure_socketio(self, client: "socketio.AsyncClient") -> None:
-        kwargs: Dict[str, Any] = {}
+        """Align the Socket.IO engine's TLS verification with the REST client."""
-        verify = getattr(self.session, "verify", True)
+        try:
-        if isinstance(verify, str) and os.path.isfile(verify):
+            verify = getattr(self.session, "verify", True)
-            try:
+            engine = getattr(client, "eio", None)
-                ctx = ssl.create_default_context(cafile=verify)
+            if engine is None:
-                kwargs["ssl"] = ctx
+                return
-            except Exception:
+            # python-engineio accepts bool, path, or ssl.SSLContext for ssl_verify
-                pass
+            if isinstance(verify, str) and os.path.isfile(verify):
-        elif verify is False:
+                engine.ssl_verify = verify
-            try:
+            elif verify is False:
-                kwargs["ssl"] = ssl._create_unverified_context()
+                engine.ssl_verify = False
-            except Exception:
+            else:
-                pass
+                engine.ssl_verify = True
-        return kwargs
+        except Exception:
            pass
    # ------------------------------------------------------------------
    # Enrollment & token management
@@ -2036,15 +2037,14 @@ async def connect_loop():
    while True:
        try:
            client.ensure_authenticated()
            client.configure_socketio(sio)
            url = client.websocket_base_url()
            print(f"[INFO] Connecting Agent to {url}...")
            _log_agent(f'Connecting to {url}...')
            ws_kwargs = client.websocket_kwargs()
            await sio.connect(
                url,
                transports=['websocket'],
                headers=client.auth_headers(),
                **ws_kwargs,
            )
            break
        except Exception as e: