-rw-r--r-- | rpki/config.py | 5 | ||||
-rw-r--r-- | rpki/http.py | 29 | ||||
-rw-r--r-- | rpki/left_right.py | 9 | ||||
-rw-r--r-- | rpki/rootd.py | 2 | ||||
-rw-r--r-- | rpki/rpkid.py | 3 | ||||
-rw-r--r-- | rpki/up_down.py | 11 |
6 files changed, 38 insertions, 21 deletions
diff --git a/rpki/config.py b/rpki/config.py
index b8d25896..077f9350 100644
--- a/rpki/config.py
+++ b/rpki/config.py
@@ -314,3 +314,8 @@ class parser(object):
 pass
 except:
 logger.warning("insecure-debug-only-rsa-key-db configured but initialization failed, check for corrupted database file")
+
+ try:
+ rpki.up_down.content_type = self.get("up_down_content_type")
+ except ConfigParser.NoOptionError:
+ pass
diff --git a/rpki/http.py b/rpki/http.py
index e41b0080..3cebec81 100644
--- a/rpki/http.py
+++ b/rpki/http.py
@@ -38,9 +38,10 @@ import rpki.POW
 logger = logging.getLogger(__name__)
-## @var rpki_content_type
-# HTTP content type used for all RPKI messages.
-rpki_content_type = "application/x-rpki"
+## @var default_content_type
+# HTTP content type used for RPKI messages.
+# Can be overriden on a per-client or per-server basis.
+default_content_type = "application/x-rpki"
 ## @var want_persistent_client
 # Whether we want persistent HTTP client streams, when server also supports them.
@@ -511,6 +512,7 @@ class http_server(http_stream):
 def __init__(self, sock, handlers):
 self.handlers = handlers
+ self.received_content_type = None
 http_stream.__init__(self, sock = sock)
 self.expect_close = not want_persistent_server
 self.logger.debug("Starting")
@@ -529,10 +531,10 @@ class http_server(http_stream):
 Helper method to search self.handlers.
 """
- for s, h in self.handlers:
- if path.startswith(s):
- return h
- return None
+ for h in self.handlers:
+ if path.startswith(h[0]):
+ return h[1], h[2] if len(h) > 2 else (default_content_type,)
+ return None, None
 def handle_message(self):
 """
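Review bot: The value read from `up_down_content_type` in the rpki/config.py hunk is assigned to `rpki.up_down.content_type` without any check, so an empty or mistyped option silently becomes the Content-Type of every outgoing up-down query and would presumably only surface later as 415 responses from the parent. Consider warning on values outside the accepted set, e.g. `if value not in rpki.up_down.allowed_content_types: logger.warning("unexpected up_down_content_type %r", value)`. The enclosing method starts outside the hunk, and whether config.py imports `rpki.up_down` is not visible here.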
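Review bot: The miss path `return None, None` in `find_handler` hands the caller a second value it cannot test membership against: in the `handle_message` hunk of the same file, `self.received_content_type not in allowed_content_types` is evaluated before `elif handler is None`, so a POST to an unregistered path raises TypeError instead of producing the 404. Returning an empty tuple, `return None, ()`, keeps the membership test safe, although the request would then be answered with 415 rather than 404 unless the `handler is None` branch is moved ahead of the content-type check. Parenthesising the conditional in the success return, `return h[1], (h[2] if len(h) > 2 else (default_content_type,))`, would also make the precedence explicit. The `def find_handler` line is outside the hunk.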
@@ -545,12 +547,13 @@ class http_server(http_stream):
 self.logger.debug("Received request %r", self.msg)
 if not self.msg.persistent:
 self.expect_close = True
- handler = self.find_handler(self.msg.path)
+ handler, allowed_content_types = self.find_handler(self.msg.path)
+ self.received_content_type = self.msg.headers["Content-Type"]
 error = None
 if self.msg.cmd != "POST":
 error = 501, "No handler for method %s" % self.msg.cmd
- elif self.msg.headers["Content-Type"] != rpki_content_type:
- error = 415, "No handler for Content-Type %s" % self.headers["Content-Type"]
+ elif self.received_content_type not in allowed_content_types:
+ error = 415, "No handler for Content-Type %s" % self.received_content_type
 elif handler is None:
 error = 404, "No handler for URL %s" % self.msg.path
 if error is None:
@@ -590,7 +593,7 @@ class http_server(http_stream):
 if code >= 400:
 self.expect_close = True
 msg = http_response(code = code, reason = reason, body = body,
- Content_Type = rpki_content_type,
+ Content_Type = self.received_content_type,
 Connection = "Close" if self.expect_close else "Keep-Alive")
 self.push(msg.format())
 if self.expect_close:
@@ -982,7 +985,7 @@ class http_queue(object):
 # Map of (host, port) tuples to http_queue objects.
 client_queues = {}
-def client(msg, url, callback, errback):
+def client(msg, url, callback, errback, content_type = default_content_type):
 """
 Open client HTTP connection, send a message, set up callbacks to handle response.
@@ -1007,7 +1010,7 @@ def client(msg, url, callback, errback):
 callback = callback,
 errback = errback,
 Host = u.hostname,
- Content_Type = rpki_content_type)
+ Content_Type = content_type)
 hostport = (u.hostname or "localhost", u.port or default_tcp_port)
diff --git a/rpki/left_right.py b/rpki/left_right.py
index ed344a0a..55f893b8 100644
--- a/rpki/left_right.py
+++ b/rpki/left_right.py
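Review bot: `self.msg.headers["Content-Type"]` in `handle_message` is now read unconditionally, ahead of the method check, so a request that carries no Content-Type header is looked up before any of the error branches can run. If `headers` behaves like a plain dict, that is a KeyError on client-supplied input; its type is not visible in the hunk. Before this change the lookup only happened after the POST test. A lookup that tolerates a missing header, with the missing case treated as a 415, would keep malformed requests on the normal error path. The method's body starts and ends outside the hunk.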
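Review bot: `Content_Type = self.received_content_type` in the response hunk copies a client-supplied header value into the reply, including on the 415 path where that value has just been rejected, and it is still None if a response is sent before `handle_message` has stored anything. Echo the request type only when it was accepted and fall back to `default_content_type` otherwise, e.g. `Content_Type = self.received_content_type if self.received_content_type in self.allowed_content_types else default_content_type`, with `handle_message` keeping the allowed tuple on `self` (the attribute name is a suggestion, it does not exist yet). How `http_response` formats a None or unusual value is not visible here, and the enclosing method starts outside the hunk.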
@@ -956,10 +956,11 @@ class parent_elt(data_elt):
 cb(r_msg)
 rpki.http.client(
- msg = q_der,
- url = self.peer_contact_uri,
- callback = unwrap,
- errback = eb)
+ msg = q_der,
+ url = self.peer_contact_uri,
+ callback = unwrap,
+ errback = eb,
+ content_type = rpki.up_down.content_type)
 class child_elt(data_elt):
 """
diff --git a/rpki/rootd.py b/rpki/rootd.py
index 8f08e0dd..c9e409db 100644
--- a/rpki/rootd.py
+++ b/rpki/rootd.py
@@ -454,4 +454,4 @@ class main(object):
 rpki.http_simple.server(host = self.http_server_host,
 port = self.http_server_port,
- handlers = self.handler)
+ handlers = (("/", self.up_down_handler, rpki.up_down.allowed_content_types),))
diff --git a/rpki/rpkid.py b/rpki/rpkid.py
index cc7fbc5b..267a95b1 100644
--- a/rpki/rpkid.py
+++ b/rpki/rpkid.py
@@ -137,10 +137,9 @@ class main(object):
 host = self.http_server_host,
 port = self.http_server_port,
 handlers = (("/left-right", self.left_right_handler),
- ("/up-down/", self.up_down_handler),
+ ("/up-down/", self.up_down_handler, rpki.up_down.allowed_content_types),
 ("/cronjob", self.cronjob_handler)))
-
 def start_cron(self):
 """
 Start clock for rpkid's internal cron process.
diff --git a/rpki/up_down.py b/rpki/up_down.py
index 7b392640..839c60f6 100644
--- a/rpki/up_down.py
+++ b/rpki/up_down.py
@@ -35,11 +35,20 @@ from lxml.etree import Element, SubElement, tostring as ElementToString
 logger = logging.getLogger(__name__)
-
 xmlns = rpki.relaxng.up_down.xmlns
 nsmap = rpki.relaxng.up_down.nsmap
 version = "1"
+## @var content_type
+# MIME content type to use when sending up-down queries.
+#content_type = "application/rpki-updown"
+content_type = "application/x-rpki"
+
+## @var allowed_content_types
+# MIME content types which we consider acceptable for incoming up-down
+# queries.
+allowed_content_types = ("application/rpki-updown", "application/x-rpki")
+
 tag_certificate = xmlns + "certificate"
 tag_class = xmlns + "class"
 tag_description = xmlns + "description" |
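Review bot: The three-element handler tuple in the rpki/rootd.py hunk is passed to `rpki.http_simple.server`, but the lookup this commit teaches about a third element is `find_handler` in rpki/http.py, and rpki/http_simple.py is not among the six changed files. Unless that server already accepts `(path, handler, content_types)` entries, rootd either fails on the new shape or ignores the allowed list and performs no Content-Type check. It is worth confirming and recording next to the call, e.g. `# http_simple.server enforces the third element as the accepted Content-Type list`. The argument also changed from `self.handler` to `self.up_down_handler`; whether that attribute is defined on the class is not visible in this hunk.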