X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fserver%2Fthreadedserver.py;h=daf40e45d44d009b77a85dff5be255dd50fb876b;hb=a0ef6e7c91c3c8fa376943d28fec8c5c204a78cd;hp=7a9c368bd4e7aa6ed6fc47283e0ee15193bd610f;hpb=14ca7e52f6af8accc0ba6e362e2a674ea4579e7f;p=sfa.git diff --git a/sfa/server/threadedserver.py b/sfa/server/threadedserver.py index 7a9c368b..daf40e45 100644 --- a/sfa/server/threadedserver.py +++ b/sfa/server/threadedserver.py @@ -11,6 +11,7 @@ import socket import traceback import threading from Queue import Queue +import xmlrpclib import SocketServer import BaseHTTPServer import SimpleXMLRPCServer @@ -42,6 +43,7 @@ def verify_callback(conn, x509, err, depth, preverify): # and ignore them # XXX SMBAKER: I don't know what this error is, but it's being returned + # xxx thierry: this most likely means the cert has a validity range in the future # by newer pl nodes. if err == 9: #print " X509_V_ERR_CERT_NOT_YET_VALID" @@ -71,7 +73,11 @@ def verify_callback(conn, x509, err, depth, preverify): #print " X509_V_ERR_CERT_UNTRUSTED" return 1 - print " error", err, "in verify_callback" + # ignore X509_V_ERR_CERT_SIGNATURE_FAILURE + if err == 7: + return 1 + + logger.debug(" error %s in verify_callback"%err) return 0 @@ -113,7 +119,7 @@ class SecureXMLRpcRequestHandler(SimpleXMLRPCServer.SimpleXMLRPCRequestHandler): remote_addr = (remote_ip, remote_port) = self.connection.getpeername() self.api.remote_addr = remote_addr response = self.api.handle(remote_addr, request, self.server.method_map) - except Exception, fault: + except Exception as fault: # This should only happen if the module is buggy # internal error, report as HTTP server error logger.log_exc("server.do_POST") @@ -121,27 +127,31 @@ class SecureXMLRpcRequestHandler(SimpleXMLRPCServer.SimpleXMLRPCRequestHandler): #self.send_response(500) #self.end_headers() - # got a valid response - self.send_response(200) - self.send_header("Content-type", "text/xml") - self.send_header("Content-length", str(len(response))) - self.end_headers() - self.wfile.write(response) - - # shut down the connection - self.wfile.flush() - self.connection.shutdown() # Modified here! + # avoid session/connection leaks : do this no matter what + finally: + self.send_response(200) + self.send_header("Content-type", "text/xml") + self.send_header("Content-length", str(len(response))) + self.end_headers() + self.wfile.write(response) + self.wfile.flush() + # close db connection + self.api.close_dbsession() + # shut down the connection + self.connection.shutdown() # Modified here! ## # Taken from the web (XXX find reference). Implements an HTTPS xmlrpc server class SecureXMLRPCServer(BaseHTTPServer.HTTPServer,SimpleXMLRPCServer.SimpleXMLRPCDispatcher): def __init__(self, server_address, HandlerClass, key_file, cert_file, logRequests=True): - """Secure XML-RPC server. + """ + Secure XML-RPC server. It it very similar to SimpleXMLRPCServer but it uses HTTPS for transporting XML data. """ - logger.debug("SecureXMLRPCServer.__init__, server_address=%s, cert_file=%s"%(server_address,cert_file)) + logger.debug("SecureXMLRPCServer.__init__, server_address=%s, " + "cert_file=%s, key_file=%s"%(server_address,cert_file,key_file)) self.logRequests = logRequests self.interface = None self.key_file = key_file