"""This server extends BaseHTTPServer and SimpleHTTPServer thusly:
1. One thread per connection.
2. Generates directory listings.
In addition, it has the following properties:
1. Works over HTTPS only.
2. Displays SSL handshaking and SSL session info.
3. Performs SSL renegotiation when a magic url is requested.
TODO:
1. Cache stat() of directory entries.
2. Fancy directory indexing.
3. Interface ZPublisher.
Copyright (c) 1999-2003 Ng Pheng Siong. All rights reserved.
"""
import os, sys
from SimpleHTTPServer import SimpleHTTPRequestHandler
from M2Crypto import Rand, SSL
from M2Crypto.SSL.SSLServer import ThreadingSSLServer
try:
from cStringIO import StringIO
except ImportError:
from StringIO import StringIO
def mkdirlist(path, url):
dirlist = os.listdir(path)
dirlist.sort()
f = StringIO()
f.write("Index listing for %s\r\n" % (url,))
f.write("Index listing for %s
\r\n" % (url,))
f.write("\r\n")
for d in dirlist:
if os.path.isdir(os.path.join(path, d)):
d2 = d + "/"
else:
d2 = d
if url == "/":
f.write('%s
\r\n' % (d, d2))
else:
f.write('%s
\r\n' % (url, d, d2))
f.write("\r\n\r\n")
f.reset()
return f
class HTTP_Handler(SimpleHTTPRequestHandler):
server_version = "https_srv/0.1"
reneg = 0
# Cribbed from SimpleHTTPRequestHander to add the ".der" entry,
# which facilitates installing your own certificates into browsers.
extensions_map = {
"": "text/plain", # Default, *must* be present
".html": "text/html",
".htm": "text/html",
".gif": "image/gif",
".jpg": "image/jpeg",
".jpeg": "image/jpeg",
".der": "application/x-x509-ca-cert",
}
def send_head(self):
if self.path[1:8] == "_reneg_":
self.reneg = 1
self.path = self.path[8:]
path = self.translate_path(self.path)
if os.path.isdir(path):
f = mkdirlist(path, self.path)
filetype = "text/html"
else:
try:
f = open(path, "rb")
filetype = self.guess_type(path)
except IOError:
self.send_error(404, "File not found")
return None
self.send_response(200)
self.send_header("Content-type", filetype)
self.end_headers()
return f
def do_GET(self):
# sess = self.request.get_session()
# self.log_message('\n%s', sess.as_text())
f = self.send_head()
if self.reneg:
self.reneg = 0
self.request.renegotiate()
sess = self.request.get_session()
self.log_message("\n%s", sess.as_text())
if f:
self.copyfile(f, self.wfile)
f.close()
def do_HEAD(self):
# sess = self.request.get_session()
# self.log_message('\n%s', sess.as_text())
f = self.send_head()
if f:
f.close()
class HTTPS_Server(ThreadingSSLServer):
def __init__(self, server_addr, handler, ssl_ctx):
ThreadingSSLServer.__init__(self, server_addr, handler, ssl_ctx)
self.server_name = server_addr[0]
self.server_port = server_addr[1]
def finish(self):
self.request.set_shutdown(SSL.SSL_RECEIVED_SHUTDOWN | SSL.SSL_SENT_SHUTDOWN)
self.request.close()
def init_context(protocol, certfile, cafile, verify, verify_depth=10):
ctx = SSL.Context(protocol)
ctx.load_cert(certfile)
ctx.load_client_ca(cafile)
ctx.load_verify_info(cafile)
ctx.set_verify(verify, verify_depth)
ctx.set_allow_unknown_ca(1)
ctx.set_session_id_ctx("https_srv")
ctx.set_info_callback()
return ctx
if __name__ == "__main__":
from M2Crypto import threading as m2threading
m2threading.init()
if len(sys.argv) < 2:
wdir = "."
else:
wdir = sys.argv[1]
Rand.load_file("../randpool.dat", -1)
ctx = init_context("sslv23", "server.pem", "ca.pem", SSL.verify_none)
# SSL.verify_peer | SSL.verify_fail_if_no_peer_cert)
ctx.set_tmp_dh("dh1024.pem")
os.chdir(wdir)
httpsd = HTTPS_Server(("", 19443), HTTP_Handler, ctx)
httpsd.serve_forever()
Rand.save_file("../randpool.dat")
m2threading.cleanup()