authorRob Austein <sra@hactrn.net>2007-08-08 16:20:27 +0000
committerRob Austein <sra@hactrn.net>2007-08-08 16:20:27 +0000
commit7a4d92a49f2f270e6adada0fec4c3ca994d1b96b (patch)
treecd5a98319b235d576609008d4afb9b8526ff283a /scripts
parent9be98cafee7a8995e05af666c13ae97e33154d58 (diff)
Checkpoint
svn path=/scripts/http-client.py; revision=843
Diffstat (limited to 'scripts')
-rw-r--r--scripts/http-client.py40
-rw-r--r--scripts/http-server.py70
-rw-r--r--scripts/rpki/https.py65
3 files changed, 58 insertions, 117 deletions
diff --git a/scripts/http-client.py b/scripts/http-client.py
index 02af3659..ed1019fa 100644
--- a/scripts/http-client.py
+++ b/scripts/http-client.py
@@ -1,40 +1,6 @@
# $Id$
-import httplib, tlslite.api
+import rpki.https
-certChain = []
-for file in ("biz-certs/Dave-EE.cer", "biz-certs/Dave-CA.cer"):
- f = open(file, "r")
- x509 = tlslite.api.X509()
- x509.parse(f.read())
- f.close()
- certChain.append(x509)
-certChain = tlslite.api.X509CertChain(certChain)
-
-f = open("biz-certs/Dave-EE.key", "r")
-privateKey = tlslite.api.parsePEMKey(f.read(), private=True)
-f.close()
-
-x509TrustList = []
-for file in ("biz-certs/Alice-Root.cer", "biz-certs/Bob-Root.cer", "biz-certs/Carol-Root.cer"):
- f = open(file, "r")
- x509 = tlslite.api.X509()
- x509.parse(f.read())
- f.close()
- x509TrustList.append(x509)
-
-https = tlslite.api.HTTPTLSConnection(host="localhost", port=4433, certChain=certChain, privateKey=privateKey, x509TrustList=x509TrustList)
-
-https.connect()
-https.request("POST", "/", "This is a test. This is only a test. Had this been real you would now be really confused.\n", {"Content-Type":"application/wombat"})
-response = https.getresponse()
-
-for h in response.getheaders():
- print "%s: %s" % h
-print
-if response.status == httplib.OK:
- print "OK"
-else:
- print "Ouch"
-print
-print response.read()
+certInfo = rpki.https.CertInfo("Dave")
+print rpki.https.client(certInfo=certInfo, msg="This is a test. This is only a test. Had this been real you would now be really confused.\n")
diff --git a/scripts/http-server.py b/scripts/http-server.py
index 4417bf84..8c302b9b 100644
--- a/scripts/http-server.py
+++ b/scripts/http-server.py
@@ -1,54 +1,26 @@
# $Id$
-import BaseHTTPServer, tlslite.api
-
-class requestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
-
- def do_POST(self):
- echo = ""
- for h in self.headers:
- echo += "%s: %s\n" % (h, self.headers[h])
- self.query_string = self.rfile.read(int(self.headers["Content-Length"]))
- echo += self.query_string
-
- if False:
- f = open("http-server.log", "a")
- f.write(echo)
- f.close()
-
- self.send_response(200)
- self.send_header("Content-Type", "application/x-wombat")
- self.end_headers()
-
- self.wfile.write(echo)
-
-certChain = []
-for file in ("biz-certs/Carol-EE.cer", "biz-certs/Carol-CA.cer"):
- f = open(file, "r")
- x509 = tlslite.api.X509()
- x509.parse(f.read())
+import rpki.https, tlslite.api
+
+if False:
+ certInfo = rpki.https.CertInfo("Carol")
+else:
+ certInfo = rpki.https.CertInfo()
+
+ certChain = []
+ for file in ("biz-certs/Carol-EE.cer", "biz-certs/Carol-CA.cer"):
+ f = open(file, "r")
+ x509 = tlslite.api.X509()
+ x509.parse(f.read())
+ f.close()
+ certChain.append(x509)
+ certInfo.certChain = tlslite.api.X509CertChain(certChain)
+
+ f = open("biz-certs/Carol-EE.key", "r")
+ certInfo.privateKey = tlslite.api.parsePEMKey(f.read(), private=True)
f.close()
- certChain.append(x509)
-certChain = tlslite.api.X509CertChain(certChain)
-
-f = open("biz-certs/Carol-EE.key", "r")
-privateKey = tlslite.api.parsePEMKey(f.read(), private=True)
-f.close()
-
-sessionCache = tlslite.api.SessionCache()
-
-class httpServer(tlslite.api.TLSSocketServerMixIn, BaseHTTPServer.HTTPServer):
- def handshake(self, tlsConnection):
- try:
- tlsConnection.handshakeServer(certChain=certChain,
- privateKey=privateKey,
- sessionCache=sessionCache)
- tlsConnection.ignoreAbruptClose = True
- return True
- except tlslite.api.TLSError, error:
- print "TLS handshake failure:", str(error)
- return False
+def handler(self, query):
+ return 200, "I got:\n" + query
-httpd = httpServer(("", 4433), requestHandler)
-httpd.serve_forever()
+rpki.https.server(certInfo=certInfo, handler=handler)
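Review bot: The `if False:` at the top of the new http-server.py leaves `rpki.https.CertInfo("Carol")` unreachable, while the `else` branch repeats the certificate and key loading by hand, and nothing says why. If the bypass is deliberate, a comment on the `if False:` line should give the reason and when it can go, e.g. `# TODO: switch back to CertInfo("Carol") once <reason>`; otherwise call `CertInfo("Carol")` directly and drop the duplicate loader. The hand-built `certInfo` is also never given an `x509TrustList` in this file, so whether that attribute exists depends on what `CertInfo()` does when `myname` is None, which the flattened indentation on this page does not settle.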
diff --git a/scripts/rpki/https.py b/scripts/rpki/https.py
index f63b12ba..7d89fe3e 100644
--- a/scripts/rpki/https.py
+++ b/scripts/rpki/https.py
@@ -14,39 +14,40 @@ rpki_content_type = "application/x-rpki"
class CertInfo(object):
- self.cert-dir = "biz-certs/"
+ cert_dir = "biz-certs/"
- def __init__(self, myname):
+ def __init__(self, myname=None):
- f = open(self.cert-dir + myname + "-EE.key", "r")
- self.privateKey = tlslite.api.parsePEMKey(f.read(), private=True)
- f.close()
+ if myname is not None:
- chain = []
- for file in glob.glob(self.cert-dir + myname + "-*.cer"):
- f = open(file, "r")
- x509 = tlslite.api.X509()
- x509.parse(f.read())
+ f = open(self.cert_dir + myname + "-EE.key", "r")
+ self.privateKey = tlslite.api.parsePEMKey(f.read(), private=True)
f.close()
- chain.append(x509)
- self.certChain = tlslite.api.X509CertChain(chain)
- self.x509TrustList = []
- for file in glob.glob(self.cert-dir + "*-Root.cer"):
- if file != self.cert-dir + myname + "-Root.cer":
+ chain = []
+ for file in glob.glob(self.cert_dir + myname + "-*.cer"):
f = open(file, "r")
x509 = tlslite.api.X509()
x509.parse(f.read())
f.close()
- x509TrustList.append(x509)
-
- return {"privateKey" : privateKey,
- "certChain" : certChain,
- "x509TrustList" : x509TrustList}
-
+ chain.append(x509)
+ self.certChain = tlslite.api.X509CertChain(chain)
+
+ self.x509TrustList = []
+ for file in glob.glob(self.cert_dir + "*-Root.cer"):
+ if file != self.cert_dir + myname + "-Root.cer":
+ f = open(file, "r")
+ x509 = tlslite.api.X509()
+ x509.parse(f.read())
+ f.close()
+ self.x509TrustList.append(x509)
def client(msg, certInfo, host="localhost", port=4433, url="/"):
- httpc = tlslite.api.HTTPTLSConnection(host, port, privateKey=certInfo.privatekey, certChain=certInfo.certChain, x509TrustList=certInfo.x509TrustList)
+ httpc = tlslite.api.HTTPTLSConnection(host=host,
+ port=port,
+ certChain=certInfo.certChain,
+ privateKey=certInfo.privateKey,
+ x509TrustList=certInfo.x509TrustList)
httpc.connect()
httpc.request("POST", url, msg, {"Content-Type" : rpki_content_type})
response = httpc.getresponse()
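Review bot: The chain built from `glob.glob(self.cert_dir + myname + "-*.cer")` in `CertInfo.__init__` has no guaranteed order and also matches `myname + "-Root.cer"`, whereas the scripts this replaces listed the EE certificate first and the CA second. tlslite's `X509CertChain` expects the end-entity certificate first, and glob returns names in directory order, so naming the files explicitly keeps the order fixed: `for file in (self.cert_dir + myname + "-EE.cer", self.cert_dir + myname + "-CA.cer"):`. The trust list is likewise every other `*-Root.cer` found in `cert_dir`, so any file written to that directory becomes a trust anchor; an explicit list of roots would make that set reviewable. `client()` continues past the end of this hunk.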
@@ -68,13 +69,15 @@ class requestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
class httpServer(tlslite.api.TLSSocketServerMixIn, BaseHTTPServer.HTTPServer):
- rpki_certChain = None # Must be set
- rpki_privateKey = None # Must be set
- rpki_sessionCache = None # Must be set
-
+ rpki_certChain = None
+ rpki_privateKey = None
+ rpki_sessionCache = None
+
def handshake(self, tlsConnection):
+ assert self.rpki_certChain is not None
+ assert self.rpki_privateKey is not None
+ assert self.rpki_sessionCache is not None
try:
- assert sessionCache
tlsConnection.handshakeServer(certChain=self.rpki_certChain,
privateKey=self.rpki_privateKey,
sessionCache=self.rpki_sessionCache)
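Review bot: `handshake` calls `handshakeServer` with only `certChain`, `privateKey` and `sessionCache`, so the server never asks the client for a certificate, even though `client()` now sends `certInfo.certChain` and `server()` receives a `certInfo` that carries an `x509TrustList`. As written, any TLS client that can reach the port can POST to the handler; the same gap shows in the last hunk of this file, where `server()` copies `privateKey` and `certChain` onto `httpd` but not the trust list. tlslite's `handshakeServer` accepts `reqCert=True`, and the client chain it then returns would need validating against `certInfo.x509TrustList` before `handshake` returns True. Separately, the added `assert` checks disappear under `python -O`; an explicit `raise` would keep them. The body of `handshake` continues past the end of this hunk.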
@@ -84,7 +87,7 @@ class httpServer(tlslite.api.TLSSocketServerMixIn, BaseHTTPServer.HTTPServer):
print "TLS handshake failure:", str(error)
return False
-def server(handler=None, port=4433, privateKey=None, certChain=None, **kwargs):
+def server(handler, certInfo, port=4433, host=""):
# BaseHTTPServer.HTTPServer takes a class, not an instance, so
# binding our handler requires creating a new subclass. Weird.
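Review bot: The new `host=""` default on `server()` makes the listener bind every interface unless the caller says otherwise, while `client()` defaults to `host="localhost"`. For a test harness whose handshake does not request a client certificate, a loopback default is the safer choice: `def server(handler, certInfo, port=4433, host="localhost"):`. The body of `server()` lies outside this hunk, so the bind itself is only visible in the next hunk as `httpServer((host, port), boundRequestHandler)`.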
@@ -92,9 +95,9 @@ def server(handler=None, port=4433, privateKey=None, certChain=None, **kwargs):
class boundRequestHandler(requestHandler):
rpki_handler = handler
- httpd = httpServer(("", 4433), boundRequestHandler)
- httpd.rpki_privateKey = privateKey
- httpd.rpki_certChain = certChain
+ httpd = httpServer((host, port), boundRequestHandler)
+ httpd.rpki_privateKey = certInfo.privateKey
+ httpd.rpki_certChain = certInfo.certChain
httpd.rpki_sessionCache = tlslite.api.SessionCache()
httpd.serve_forever()