Package rpki.https

Classes

class  caller
class  http_client
class  http_listener
class  http_message
class  http_queue
class  http_request
class  http_response
class  http_server
class  http_stream

Functions

def build_https_ta_cache
def client
def log_method
def server

Variables

dictionary client_queues = {}
 Map of (host, port) tuples to http_queue objects.
 debug_http = False
 Verbose chatter about HTTP streams.
 debug_tls_certs = False
 Verbose chatter about TLS certificates.
tuple default_client_timeout = rpki.sundial.timedelta(minutes = 15)
 Default HTTP client connection timeout.
tuple default_http_version = (1, 0)
 Preferred HTTP version.
tuple default_server_timeout = rpki.sundial.timedelta(minutes = 20)
 Default HTTP server connection timeouts.
string rpki_content_type = "application/x-rpki"
 HTTP content type used for all RPKI messages.
tuple supported_address_families = (socket.AF_INET, socket.AF_INET6)
 IP address families to support.
 want_persistent_client = False
 Whether we want persistent HTTP client streams, when server also supports them.
 want_persistent_server = False
 Whether we want persistent HTTP server streams, when client also supports them.

Detailed Description

HTTPS utilities, both client and server.

$Id: https.py 3191 2010-04-12 23:07:16Z sra $

Copyright (C) 2009-2010  Internet Systems Consortium ("ISC")

Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.

Portions copyright (C) 2007--2008  American Registry for Internet Numbers ("ARIN")

Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS.  IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.

Function Documentation

def rpki.https.build_https_ta_cache (   certs  ) 
Package up a collection of certificates into a form suitable for use
as a dynamic HTTPS trust anchor set.  Precise format of this
collection is an internal conspiracy within the rpki.https module;
at one point it was a POW.X509Store object, at the moment it's a
Python set, what it will be tomorow is nobody else's business.

Definition at line 1094 of file https.py.

def rpki.https.client (   msg,
  client_key,
  client_cert,
  server_ta,
  url,
  callback,
  errback 
)
Open client HTTPS connection, send a message, set up callbacks to
handle response.

Definition at line 1034 of file https.py.

def rpki.https.log_method (   self,
  msg,
  logger = rpki.log.debug 
)
Logging method used in several different classes.

Definition at line 235 of file https.py.

def rpki.https.server (   handlers,
  server_key,
  server_cert,
  port,
  host = "",
  client_ta = (),
  dynamic_https_trust_anchor = None,
  address_families = supported_address_families 
)
Run an HTTPS server and wait (forever) for connections.

Definition at line 1079 of file https.py.


Variable Documentation

Map of (host, port) tuples to http_queue objects.

Definition at line 1032 of file https.py.

Verbose chatter about HTTP streams.

Definition at line 45 of file https.py.

Verbose chatter about TLS certificates.

Definition at line 49 of file https.py.

Default HTTP client connection timeout.

Definition at line 61 of file https.py.

Preferred HTTP version.

Definition at line 72 of file https.py.

Default HTTP server connection timeouts.

Given our druthers, we'd prefer that the client close the connection, as this avoids the problem of client starting to reuse connection just as server closes it, so this should be longer than the client timeout.

Definition at line 68 of file https.py.

rpki::https::rpki_content_type = "application/x-rpki"

HTTP content type used for all RPKI messages.

Definition at line 41 of file https.py.

tuple rpki::https::supported_address_families = (socket.AF_INET, socket.AF_INET6)

IP address families to support.

Almost all the code is in place for IPv6, the missing bits are DNS support that would let us figure out which address family to request, and configuration support to let us figure out which protocols are supported on the local machine. For now, leave code in place but disabled.

Address families on which to listen; first entry is also the default for opening new connections.

Definition at line 85 of file https.py.

Whether we want persistent HTTP client streams, when server also supports them.

Definition at line 53 of file https.py.

Whether we want persistent HTTP server streams, when client also supports them.

Definition at line 57 of file https.py.

 All Classes Namespaces Files Functions Variables
Generated on Wed May 12 19:43:49 2010 for RPKI Engine by  doxygen 1.6.3