From 80d5efc93dff54fb5e7daa96daf75e1b664cd3a0 Mon Sep 17 00:00:00 2001
From: Stefan Hellander <stefan@scaleoutsystems.com>
Date: Wed, 15 Nov 2023 14:34:41 +0100
Subject: [PATCH 1/3] Fixes problem with download of ssl cert when using python
 3.9

---
 fedn/fedn/network/clients/client.py | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/fedn/fedn/network/clients/client.py b/fedn/fedn/network/clients/client.py
index b003136e8..191f918a7 100644
--- a/fedn/fedn/network/clients/client.py
+++ b/fedn/fedn/network/clients/client.py
@@ -4,6 +4,7 @@
 import os
 import queue
 import re
+import socket
 import ssl
 import sys
 import tempfile
@@ -15,7 +16,9 @@
 from io import BytesIO
 
 import grpc
+from cryptography.hazmat.primitives.serialization import Encoding
 from google.protobuf.json_format import MessageToJson
+from OpenSSL import SSL
 
 import fedn.common.net.grpc.fedn_pb2 as fedn
 import fedn.common.net.grpc.fedn_pb2_grpc as rpc
@@ -149,6 +152,20 @@ def _add_grpc_metadata(self, key, value):
         # Set metadata using tuple concatenation
         self.metadata += ((key, value),)
 
+    def _get_ssl_certificate(self, domain, port=443):
+        context = SSL.Context(SSL.SSLv23_METHOD)
+        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+        sock.connect((domain, port))
+        ssl_sock = SSL.Connection(context, sock)
+        ssl_sock.set_tlsext_host_name(domain.encode())
+        ssl_sock.set_connect_state()
+        ssl_sock.do_handshake()
+        cert = ssl_sock.get_peer_certificate()
+        ssl_sock.close()
+        sock.close()
+        cert = cert.to_cryptography().public_bytes(Encoding.PEM).decode()
+        return cert
+
     def _connect(self, client_config):
         """Connect to assigned combiner.
 
@@ -186,7 +203,7 @@ def _connect(self, client_config):
         elif self.config['secure']:
             secure = True
             print("CLIENT: using CA certificate for GRPC channel")
-            cert = ssl.get_server_certificate((host, port))
+            cert = self._get_ssl_certificate(host, port=port)
 
             credentials = grpc.ssl_channel_credentials(cert.encode('utf-8'))
             if self.config['token']:

From 6e58f98a790a113bafbb484d19d2291cfae144b2 Mon Sep 17 00:00:00 2001
From: Stefan Hellander <stefan@scaleoutsystems.com>
Date: Wed, 15 Nov 2023 14:37:56 +0100
Subject: [PATCH 2/3] Removed unused import of ssl.

---
 fedn/fedn/network/clients/client.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/fedn/fedn/network/clients/client.py b/fedn/fedn/network/clients/client.py
index 191f918a7..e27616925 100644
--- a/fedn/fedn/network/clients/client.py
+++ b/fedn/fedn/network/clients/client.py
@@ -5,7 +5,6 @@
 import queue
 import re
 import socket
-import ssl
 import sys
 import tempfile
 import threading

From 2c1bf98546cfd3ece5a1c139b07eb2e231512167 Mon Sep 17 00:00:00 2001
From: Stefan Hellander <stefan@scaleoutsystems.com>
Date: Wed, 15 Nov 2023 15:20:56 +0100
Subject: [PATCH 3/3] Bumped versions of grpcio and grpcio-tools. Removed
 support for Python 3.7, added support for 3.11, 3.12

---
 fedn/setup.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/fedn/setup.py b/fedn/setup.py
index 62888ce09..2de738f4d 100644
--- a/fedn/setup.py
+++ b/fedn/setup.py
@@ -8,15 +8,15 @@
     author_email='contact@scaleoutsystems.com',
     url='https://www.scaleoutsystems.com',
     py_modules=['fedn'],
-    python_requires='>=3.7,<3.11',
+    python_requires='>=3.8,<=3.12',
     install_requires=[
         "PyYAML>=5.4",
         "requests",
         "urllib3>=1.26.4",
         "minio",
         "python-slugify",
-        "grpcio~=1.48.0",
-        "grpcio-tools",
+        "grpcio~=1.59.0",
+        "grpcio-tools~=1.59.0",
         "numpy>=1.21.6",
         "protobuf",
         "pymongo",