from sfa.util.cache import Cache
from sfa.trust.certificate import Certificate
from sfa.trust.trustedroots import TrustedRoots
+from sfa.util.py23 import xmlrpc_client
# don't hard code an api class anymore here
from sfa.generic import Generic
# and ignore them
# XXX SMBAKER: I don't know what this error is, but it's being returned
+ # xxx thierry: this most likely means the cert has a validity range in the future
# by newer pl nodes.
if err == 9:
#print " X509_V_ERR_CERT_NOT_YET_VALID"
#print " X509_V_ERR_CERT_UNTRUSTED"
return 1
- print " error", err, "in verify_callback"
+ # ignore X509_V_ERR_CERT_SIGNATURE_FAILURE
+ if err == 7:
+ return 1
+
+ logger.debug(" error %s in verify_callback"%err)
return 0
remote_addr = (remote_ip, remote_port) = self.connection.getpeername()
self.api.remote_addr = remote_addr
response = self.api.handle(remote_addr, request, self.server.method_map)
- except Exception, fault:
+ except Exception as fault:
# This should only happen if the module is buggy
# internal error, report as HTTP server error
logger.log_exc("server.do_POST")
#self.send_response(500)
#self.end_headers()
- # got a valid response
- self.send_response(200)
- self.send_header("Content-type", "text/xml")
- self.send_header("Content-length", str(len(response)))
- self.end_headers()
- self.wfile.write(response)
-
- # shut down the connection
- self.wfile.flush()
- self.connection.shutdown() # Modified here!
+ # avoid session/connection leaks : do this no matter what
+ finally:
+ self.send_response(200)
+ self.send_header("Content-type", "text/xml")
+ self.send_header("Content-length", str(len(response)))
+ self.end_headers()
+ self.wfile.write(response)
+ self.wfile.flush()
+ # close db connection
+ self.api.close_dbsession()
+ # shut down the connection
+ self.connection.shutdown() # Modified here!
##
# Taken from the web (XXX find reference). Implements an HTTPS xmlrpc server
class SecureXMLRPCServer(BaseHTTPServer.HTTPServer,SimpleXMLRPCServer.SimpleXMLRPCDispatcher):
def __init__(self, server_address, HandlerClass, key_file, cert_file, logRequests=True):
- """Secure XML-RPC server.
+ """
+ Secure XML-RPC server.
It it very similar to SimpleXMLRPCServer but it uses HTTPS for transporting XML data.
"""
- logger.debug("SecureXMLRPCServer.__init__, server_address=%s, cert_file=%s"%(server_address,cert_file))
+ logger.debug("SecureXMLRPCServer.__init__, server_address=%s, "
+ "cert_file=%s, key_file=%s"%(server_address,cert_file,key_file))
self.logRequests = logRequests
self.interface = None
self.key_file = key_file
# can't use format_exc() as it is not available in jython yet
# (even in trunk).
type, value, tb = sys.exc_info()
- raise xmlrpclib.Fault(1,''.join(traceback.format_exception(type, value, tb)))
+ raise xmlrpc_client.Fault(1,''.join(traceback.format_exception(type, value, tb)))
# override this one from the python 2.7 code
# originally defined in class TCPServer