-rw-r--r--ca/tests/testpoke.py3
-rw-r--r--rpki/config.py5
-rw-r--r--rpki/http.py29
-rw-r--r--rpki/left_right.py9
-rw-r--r--rpki/rootd.py2
-rw-r--r--rpki/rpkid.py3
-rw-r--r--rpki/up_down.py10
7 files changed, 40 insertions, 21 deletions
diff --git a/ca/tests/testpoke.py b/ca/tests/testpoke.py
index efa068c9..c28ed397 100644
--- a/ca/tests/testpoke.py
+++ b/ca/tests/testpoke.py
@@ -105,7 +105,8 @@ def query_up_down(q_pdu):
msg = q_der,
url = yaml_data["posturl"],
callback = done,
- errback = fail)
+ errback = fail,
+ content_type = rpki.up_down.content_type)
def do_list():
query_up_down(rpki.up_down.list_pdu())
diff --git a/rpki/config.py b/rpki/config.py
index f38427c4..253e56cf 100644
--- a/rpki/config.py
+++ b/rpki/config.py
@@ -304,3 +304,8 @@ class parser(object):
pass
except:
logger.warning("insecure-debug-only-rsa-key-db configured but initialization failed, check for corrupted database file")
+
+ try:
+ rpki.up_down.content_type = self.get("up_down_content_type")
+ except ConfigParser.NoOptionError:
+ pass
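Review bot: The value read from `up_down_content_type` is assigned to `rpki.up_down.content_type` without any check, although the other hunks of this commit pass that string straight into the `Content_Type` header of outgoing up-down requests. A typo in the config file would then only surface later, presumably as peers answering 415, so it is worth validating here and emitting a `logger.warning(...)` when the value is not one of `rpki.up_down.allowed_content_types` (or at least not a single well-formed media-type token). The hunk also does not show whether `rpki.up_down` is imported in this module; if it is not, the assignment fails when this code runs. The enclosing method starts outside the hunk.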
diff --git a/rpki/http.py b/rpki/http.py
index 546dd310..71239c7f 100644
--- a/rpki/http.py
+++ b/rpki/http.py
@@ -38,9 +38,10 @@ import rpki.POW
logger = logging.getLogger(__name__)
-## @var rpki_content_type
-# HTTP content type used for all RPKI messages.
-rpki_content_type = "application/x-rpki"
+## @var default_content_type
+# HTTP content type used for RPKI messages.
+# Can be overriden on a per-client or per-server basis.
+default_content_type = "application/x-rpki"
## @var want_persistent_client
# Whether we want persistent HTTP client streams, when server also supports them.
@@ -487,6 +488,7 @@ class http_server(http_stream):
def __init__(self, sock, handlers):
self.handlers = handlers
+ self.received_content_type = None
http_stream.__init__(self, sock = sock)
self.expect_close = not want_persistent_server
self.logger.debug("Starting")
@@ -503,10 +505,10 @@ class http_server(http_stream):
"""
Helper method to search self.handlers.
"""
- for s, h in self.handlers:
- if path.startswith(s):
- return h
- return None
+ for h in self.handlers:
+ if path.startswith(h[0]):
+ return h[1], h[2] if len(h) > 2 else (default_content_type,)
+ return None, None
def handle_message(self):
"""
@@ -518,12 +520,13 @@ class http_server(http_stream):
self.logger.debug("Received request %r", self.msg)
if not self.msg.persistent:
self.expect_close = True
- handler = self.find_handler(self.msg.path)
+ handler, allowed_content_types = self.find_handler(self.msg.path)
+ self.received_content_type = self.msg.headers["Content-Type"]
error = None
if self.msg.cmd != "POST":
error = 501, "No handler for method %s" % self.msg.cmd
- elif self.msg.headers["Content-Type"] != rpki_content_type:
- error = 415, "No handler for Content-Type %s" % self.headers["Content-Type"]
+ elif self.received_content_type not in allowed_content_types:
+ error = 415, "No handler for Content-Type %s" % self.received_content_type
elif handler is None:
error = 404, "No handler for URL %s" % self.msg.path
if error is None:
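Review bot: A POST to a path with no registered handler never reaches the 404 branch: `find_handler` returns `None, None`, so `self.received_content_type not in allowed_content_types` raises `TypeError` on `None`. Moving `elif handler is None:` above the Content-Type check (or returning `None, ()` from `find_handler`) fixes it. `self.msg.headers["Content-Type"]` is also read for every request now instead of only for POST, so a request without that header may raise before any error response is built, depending on how `headers` treats missing keys. Both cases are reachable by any remote client; `handle_message` starts and ends outside the hunk.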
@@ -560,7 +563,7 @@ class http_server(http_stream):
if code >= 400:
self.expect_close = True
msg = http_response(code = code, reason = reason, body = body,
- Content_Type = rpki_content_type,
+ Content_Type = self.received_content_type,
Connection = "Close" if self.expect_close else "Keep-Alive")
self.push(msg.format())
if self.expect_close:
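Review bot: `Content_Type = self.received_content_type` copies a client-supplied header value into every response, including the 415 response that is sent precisely because that value was not in the allowed list. The attribute is also still `None` if a response is sent before `handle_message` has assigned it, and on a persistent connection it may hold the previous request's value. Echo the value only once it has passed the allowed-types check and fall back otherwise, e.g. `Content_Type = self.received_content_type or default_content_type`, with `handle_message` resetting the attribute to `None` when the check fails. The enclosing method starts and ends outside the hunk.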
@@ -936,7 +939,7 @@ class http_queue(object):
# Map of (host, port) tuples to http_queue objects.
client_queues = {}
-def client(msg, url, callback, errback):
+def client(msg, url, callback, errback, content_type = default_content_type):
"""
Open client HTTP connection, send a message, set up callbacks to
handle response.
@@ -961,7 +964,7 @@ def client(msg, url, callback, errback):
callback = callback,
errback = errback,
Host = u.hostname,
- Content_Type = rpki_content_type)
+ Content_Type = content_type)
hostport = (u.hostname or "localhost", u.port or default_tcp_port)
diff --git a/rpki/left_right.py b/rpki/left_right.py
index 68ead08f..c8b6d19b 100644
--- a/rpki/left_right.py
+++ b/rpki/left_right.py
@@ -821,10 +821,11 @@ class parent_elt(data_elt):
cb(r_msg)
rpki.http.client(
- msg = q_der,
- url = self.peer_contact_uri,
- callback = unwrap,
- errback = eb)
+ msg = q_der,
+ url = self.peer_contact_uri,
+ callback = unwrap,
+ errback = eb,
+ content_type = rpki.up_down.content_type)
class child_elt(data_elt):
"""
diff --git a/rpki/rootd.py b/rpki/rootd.py
index fb445213..78a71bba 100644
--- a/rpki/rootd.py
+++ b/rpki/rootd.py
@@ -385,4 +385,4 @@ class main(object):
rpki.http.server(host = self.http_server_host,
port = self.http_server_port,
- handlers = self.up_down_handler)
+ handlers = (("/", self.up_down_handler, rpki.up_down.allowed_content_types),))
diff --git a/rpki/rpkid.py b/rpki/rpkid.py
index 36ee2ea9..628209af 100644
--- a/rpki/rpkid.py
+++ b/rpki/rpkid.py
@@ -145,10 +145,9 @@ class main(object):
host = self.http_server_host,
port = self.http_server_port,
handlers = (("/left-right", self.left_right_handler),
- ("/up-down/", self.up_down_handler),
+ ("/up-down/", self.up_down_handler, rpki.up_down.allowed_content_types),
("/cronjob", self.cronjob_handler)))
-
def start_cron(self):
"""
Start clock for rpkid's internal cron process.
diff --git a/rpki/up_down.py b/rpki/up_down.py
index 73a0ae99..5339e9a7 100644
--- a/rpki/up_down.py
+++ b/rpki/up_down.py
@@ -36,6 +36,16 @@ logger = logging.getLogger(__name__)
xmlns = rpki.relaxng.up_down.xmlns
nsmap = rpki.relaxng.up_down.nsmap
+## @var content_type
+# MIME content type to use when sending up-down queries.
+#content_type = "application/rpki-updown"
+content_type = "application/x-rpki"
+
+## @var allowed_content_types
+# MIME content types which we consider acceptable for incoming up-down
+# queries.
+allowed_content_types = ("application/rpki-updown", "application/x-rpki")
+
class base_elt(object):
"""
Generic PDU object.
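Review bot: The commented-out `#content_type = "application/rpki-updown"` sits next to the live default with no explanation of why the legacy value stays in force. A comment along the lines of `# "application/rpki-updown" is the RFC 6492 media type; "application/x-rpki" remains the default until peers accept the standard one` would say so, if that is indeed the reason. The `## @var content_type` block should also mention that `rpki.config` overwrites this module-level value from the `up_down_content_type` option, since nothing here hints that it is mutable at startup.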