iro.hg: comparison iro/xmlrpc/SecureXMLRPCServer.py

equal deleted inserted replaced

-:4cf5e664c847
+:3406d3bf05d4
-"""
-SecureXMLRPCServer module using pyOpenSSL 0.5
-Written 0907.2002
-by Michal Wallace
-http://www.sabren.net/
-This acts exactly like SimpleXMLRPCServer
-from the standard python library, but
-uses secure connections. The technique
-and classes should work for any SocketServer
-style server. However, the code has not
-been extensively tested.
-This code is in the public domain.
-It is provided AS-IS WITH NO WARRANTY WHATSOEVER.
-"""
-import SocketServer
-import os, socket
-import SimpleXMLRPCServer
-from OpenSSL import SSL
-class SSLWrapper:
-"""
-This whole class exists just to filter out a parameter
-passed in to the shutdown() method in SimpleXMLRPC.doPOST()
-"""
-def __init__(self, conn):
-"""
-Connection is not yet a new-style class,
-so I'm making a proxy instead of subclassing.
-"""
-self.__dict__["conn"] = conn
-def __getattr__(self,name):
-return getattr(self.__dict__["conn"], name)
-def __setattr__(self,name, value):
-setattr(self.__dict__["conn"], name, value)
-def shutdown(self, how=1):
-"""
-SimpleXMLRpcServer.doPOST calls shutdown(1),
-and Connection.shutdown() doesn't take
-an argument. So we just discard the argument.
-"""
-self.__dict__["conn"].shutdown()
-def accept(self):
-"""
-This is the other part of the shutdown() workaround.
-Since servers create new sockets, we have to infect
-them with our magic. :)
-"""
-c, a = self.__dict__["conn"].accept()
-return (SSLWrapper(c), a)
-class SecureTCPServer(SocketServer.TCPServer):
-"""
-Just like TCPServer, but use a socket.
-This really ought to let you specify the key and certificate files.
-"""
-def __init__(self, server_address, RequestHandlerClass,certificate,privatekey):
-SocketServer.BaseServer.__init__(self, server_address, RequestHandlerClass)
-## Same as normal, but make it secure:
-ctx = SSL.Context(SSL.SSLv23_METHOD)
-ctx.set_options(SSL.OP_NO_SSLv2)
-ctx.use_privatekey_file (privatekey)
-ctx.use_certificate_file(certificate)
-self.socket = SSLWrapper(SSL.Connection(ctx, socket.socket(self.address_family,
-self.socket_type)))
-self.server_bind()
-self.server_activate()
-class SecureXMLRPCRequestHandler(SimpleXMLRPCServer.SimpleXMLRPCRequestHandler):
-def setup(self):
-"""
-We need to use socket._fileobject Because SSL.Connection
-doesn't have a 'dup'. Not exactly sure WHY this is, but
-this is backed up by comments in socket.py and SSL/connection.c
-"""
-self.connection = self.request # for doPOST
-self.rfile = socket._fileobject(self.request, "rb", self.rbufsize)
-self.wfile = socket._fileobject(self.request, "wb", self.wbufsize)
-class SecureXMLRPCServer(SimpleXMLRPCServer.SimpleXMLRPCServer, SecureTCPServer):
-def __init__(self, addr,
-requestHandler=SecureXMLRPCRequestHandler,
-certificate="server.cert",privatekey="server.pem",
-logRequests=1):
-"""
-This is the exact same code as SimpleXMLRPCServer.__init__
-except it calls SecureTCPServer.__init__ instead of plain
-old TCPServer.__init__
-"""
-self.funcs = {}
-self.logRequests = logRequests
-self.instance = None
-SimpleXMLRPCServer.SimpleXMLRPCDispatcher.__init__(self,False,None)
-SecureTCPServer.__init__(self, addr, requestHandler,certificate=certificate,privatekey=privatekey)
-def test():
-server = SecureXMLRPCServer.SecureXMLRPCServer(("localhost", 8000),requestHandler=SecureXMLRPCRequestHandler,certificate="./certs/test.cert.pem",privatekey="./certs/test.key.pem")
-server.register_introspection_functions()
-server.register_function(lambda x: x*x, 'square')
-server.serve_forever()
-if __name__ == '__main__':
-test()

branch	devel
changeset 240	3406d3bf05d4
parent 239	4cf5e664c847
child 241	546316b0b09c