import traceback
import threading
from Queue import Queue
+import xmlrpclib
import SocketServer
import BaseHTTPServer
import SimpleXMLRPCServer
from sfa.util.cache import Cache
from sfa.trust.certificate import Certificate
from sfa.trust.trustedroots import TrustedRoots
-#can we get rid of that ?
-from sfa.plc.api import PlcSfaApi
+
+# don't hard code an api class anymore here
+from sfa.generic import Generic
##
# Verification callback for pyOpenSSL. We do our own checking of keys because
# and ignore them
# XXX SMBAKER: I don't know what this error is, but it's being returned
+ # xxx thierry: this most likely means the cert has a validity range in the future
# by newer pl nodes.
if err == 9:
#print " X509_V_ERR_CERT_NOT_YET_VALID"
#print " X509_V_ERR_CERT_UNTRUSTED"
return 1
- print " error", err, "in verify_callback"
+ # ignore X509_V_ERR_CERT_SIGNATURE_FAILURE
+ if err == 7:
+ return 1
+
+ logger.debug(" error %s in verify_callback"%err)
return 0
try:
peer_cert = Certificate()
peer_cert.load_from_pyopenssl_x509(self.connection.get_peer_certificate())
- self.api = PlcSfaApi(peer_cert = peer_cert,
- interface = self.server.interface,
- key_file = self.server.key_file,
- cert_file = self.server.cert_file,
- cache = self.cache)
+ generic=Generic.the_flavour()
+ self.api = generic.make_api (peer_cert = peer_cert,
+ interface = self.server.interface,
+ key_file = self.server.key_file,
+ cert_file = self.server.cert_file,
+ cache = self.cache)
+ #logger.info("SecureXMLRpcRequestHandler.do_POST:")
+ #logger.info("interface=%s"%self.server.interface)
+ #logger.info("key_file=%s"%self.server.key_file)
+ #logger.info("api=%s"%self.api)
+ #logger.info("server=%s"%self.server)
+ #logger.info("handler=%s"%self)
# get arguments
request = self.rfile.read(int(self.headers["content-length"]))
remote_addr = (remote_ip, remote_port) = self.connection.getpeername()
self.api.remote_addr = remote_addr
response = self.api.handle(remote_addr, request, self.server.method_map)
- except Exception, fault:
+ except Exception as fault:
# This should only happen if the module is buggy
# internal error, report as HTTP server error
logger.log_exc("server.do_POST")
#self.send_response(500)
#self.end_headers()
- # got a valid response
- self.send_response(200)
- self.send_header("Content-type", "text/xml")
- self.send_header("Content-length", str(len(response)))
- self.end_headers()
- self.wfile.write(response)
-
- # shut down the connection
- self.wfile.flush()
- self.connection.shutdown() # Modified here!
+ # avoid session/connection leaks : do this no matter what
+ finally:
+ self.send_response(200)
+ self.send_header("Content-type", "text/xml")
+ self.send_header("Content-length", str(len(response)))
+ self.end_headers()
+ self.wfile.write(response)
+ self.wfile.flush()
+ # close db connection
+ self.api.close_dbsession()
+ # shut down the connection
+ self.connection.shutdown() # Modified here!
##
# Taken from the web (XXX find reference). Implements an HTTPS xmlrpc server
class SecureXMLRPCServer(BaseHTTPServer.HTTPServer,SimpleXMLRPCServer.SimpleXMLRPCDispatcher):
+
def __init__(self, server_address, HandlerClass, key_file, cert_file, logRequests=True):
- """Secure XML-RPC server.
+ """
+ Secure XML-RPC server.
It it very similar to SimpleXMLRPCServer but it uses HTTPS for transporting XML data.
"""
- logger.debug("SecureXMLRPCServer.__init__, server_address=%s, cert_file=%s"%(server_address,cert_file))
+ logger.debug("SecureXMLRPCServer.__init__, server_address=%s, "
+ "cert_file=%s, key_file=%s"%(server_address,cert_file,key_file))
self.logRequests = logRequests
self.interface = None
self.key_file = key_file
git://git.onelab.eu / sfa.git / blobdiff