Package rpki.https
Detailed Description
HTTPS utilities, both client and server.
$Id: https.py 3191 2010-04-12 23:07:16Z sra $
Copyright (C) 2009-2010 Internet Systems Consortium ("ISC")
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
Function Documentation
def rpki.https.build_https_ta_cache |
( |
|
certs |
) |
|
Package up a collection of certificates into a form suitable for use
as a dynamic HTTPS trust anchor set. Precise format of this
collection is an internal conspiracy within the rpki.https module;
at one point it was a POW.X509Store object, at the moment it's a
Python set, what it will be tomorow is nobody else's business.
Definition at line 1094 of file https.py.
def rpki.https.client |
( |
|
msg, |
|
|
|
client_key, |
|
|
|
client_cert, |
|
|
|
server_ta, |
|
|
|
url, |
|
|
|
callback, |
|
|
|
errback | |
|
) |
| | |
Open client HTTPS connection, send a message, set up callbacks to
handle response.
Definition at line 1034 of file https.py.
Logging method used in several different classes.
Definition at line 235 of file https.py.
def rpki.https.server |
( |
|
handlers, |
|
|
|
server_key, |
|
|
|
server_cert, |
|
|
|
port, |
|
|
|
host = "" , |
|
|
|
client_ta = () , |
|
|
|
dynamic_https_trust_anchor = None , |
|
|
|
address_families = supported_address_families | |
|
) |
| | |
Run an HTTPS server and wait (forever) for connections.
Definition at line 1079 of file https.py.
Variable Documentation
Verbose chatter about HTTP streams.
Definition at line 45 of file https.py.
Verbose chatter about TLS certificates.
Definition at line 49 of file https.py.
Default HTTP client connection timeout.
Definition at line 61 of file https.py.
Preferred HTTP version.
Definition at line 72 of file https.py.
Default HTTP server connection timeouts.
Given our druthers, we'd prefer that the client close the connection, as this avoids the problem of client starting to reuse connection just as server closes it, so this should be longer than the client timeout.
Definition at line 68 of file https.py.
HTTP content type used for all RPKI messages.
Definition at line 41 of file https.py.
IP address families to support.
Almost all the code is in place for IPv6, the missing bits are DNS support that would let us figure out which address family to request, and configuration support to let us figure out which protocols are supported on the local machine. For now, leave code in place but disabled.
Address families on which to listen; first entry is also the default for opening new connections.
Definition at line 85 of file https.py.
Whether we want persistent HTTP client streams, when server also supports them.
Definition at line 53 of file https.py.
Whether we want persistent HTTP server streams, when client also supports them.
Definition at line 57 of file https.py.