source: fedd/federation/server.py @ e48d8eb

Last change on this file since e48d8eb was 6bedbdba, checked in by Ted Faber <faber@…>, 13 years ago

Split topdl and fedid out to different packages. Add differential
installs

  • Property mode set to 100755
File size: 8.3 KB
RevLine 
[0a20ef8]1#!/usr/local/bin/python
2
3import sys
4
5from BaseHTTPServer import BaseHTTPRequestHandler
6
7from ZSI import Fault, ParseException, FaultFromNotUnderstood, \
8    FaultFromZSIException, FaultFromException, ParsedSoap, SoapWriter
9
10from M2Crypto import SSL
11from M2Crypto.SSL.SSLServer import ThreadingSSLServer
12import xmlrpclib
13
[6bedbdba]14from deter import fedid
[8d5394e]15
16# ZSI uses a deprecated multifile interface.  This shuts the warning system up.
17from warnings import filterwarnings
18filterwarnings("ignore", ".*multifile.*", DeprecationWarning, "ZSI")
19
[9556f2a]20try:
21    from fedd_services import ns0
22except ImportError:
23    from fedd_server import ns0
24
[0a20ef8]25from service_error import *
26
[81a7f3f]27import os.path
28
[0a20ef8]29import logging
[46a0f7a]30import traceback
[0a20ef8]31
32# The SSL server here is based on the implementation described at
33# http://www.xml.com/pub/a/ws/2004/01/20/salz.html
34
35# Turn off the matching of hostname to certificate ID
36SSL.Connection.clientPostConnectionCheck = None
37
[ec4fb42]38class server(ThreadingSSLServer):
[0a20ef8]39    """
40    Interface the fedd services to the XMLRPC and SOAP interfaces
41    """
[46a0f7a]42    def __init__(self, ME, handler, ssl_ctx, impl, debug=False):
[0a20ef8]43        """
44        Create an SSL server that handles the transport in handler using the
45        credentials in ssl_ctx, and interfacing to the implementation of fedd
46        services in fedd.  ME is the host port pair on which to bind.
47        """
48        ThreadingSSLServer.__init__(self, ME, handler, ssl_ctx)
49        self.impl = impl
50        self.soap_methods = impl.soap_services
51        self.xmlrpc_methods = impl.xmlrpc_services
[81a7f3f]52        self.get_handler = impl.get_handler
[0a20ef8]53        self.log = logging.getLogger("fedd")
[46a0f7a]54        if debug: self.handle_error = self.handle_error_debug
55        else: self.handle_error = self.handle_error_standard
[0a20ef8]56
[8072c18]57    def handle_error_debug(self, request=None, client_address=None):
[46a0f7a]58        print '-'*40
59        traceback.print_exc()
60        print '-'*40
61
62
[8072c18]63    def handle_error_standard(self, request=None, address=None):
[0a20ef8]64        """
65        The default SSLServer prints a stack trace here.  This is a little
66        friendlier.
67        """
68        if request or address:
69            self.log.warn("[fedd] Error on incoming connection: %s %s" % \
[8072c18]70                    (request or "", address or ""))
[0a20ef8]71        else:
72            self.log.warn("[fedd] Error on incoming connection " + \
73                    "(Likely SSL error)")
74
[ec4fb42]75class soap_handler(BaseHTTPRequestHandler):
[0a20ef8]76    """
77    Standard connection between SOAP and the fedd services in impl.
78
79    Much of this is boilerplate from
80    http://www.xml.com/pub/a/ws/2004/01/20/salz.html
81    """
82    server_version = "ZSI/2.0 fedd/0.1 " + BaseHTTPRequestHandler.server_version
83
84    def send_xml(self, text, code=200):
85        """Send an XML document as reply"""
86        self.send_response(code)
87        self.send_header('Content-type', 'text/xml; charset="utf-8"')
88        self.send_header('Content-Length', str(len(text)))
89        self.end_headers()
90        self.wfile.write(text)
91        self.wfile.flush()
92        self.request.socket.close()
93
94    def send_fault(self, f, code=500):
95        """Send a SOAP encoded fault as reply"""
96        self.send_xml(f.AsSOAP(processContents="lax"), code)
97
98    def check_headers(self, ps):
99        """Send a fault for any required envelope headers"""
100        for (uri, localname) in ps.WhatMustIUnderstand():
101            self.send_fault(FaultFromNotUnderstood(uri, lname, 'fedd'))
102            return False
103        return  True
104
105    def check_method(self, ps):
106        """Confirm that this class implements the namespace and SOAP method"""
107        root = ps.body_root
108        if root.namespaceURI not in self.server.impl.soap_namespaces:
109            self.send_fault(Fault(Fault.Client, 
110                'Unknown namespace "%s"' % root.namespaceURI))
111            return False
112
113        if getattr(root, 'localName', None) == None:
114            self.send_fault(Fault(Fault.Client, 'No method"'))
115            return False
116        return True
117
118    def do_POST(self):
119        """Treat an HTTP POST request as a SOAP service call"""
120        try:
121            cl = int(self.headers['content-length'])
122            data = self.rfile.read(cl)
123            ps = ParsedSoap(data)
124        except ParseException, e:
125            self.send_fault(Fault(Fault.Client, str(e)))
126            return
127        except Exception, e:
128            self.send_fault(FaultFromException(e, 0, sys.exc_info()[2]))
129            return
130        if not self.check_headers(ps): return
131        if not self.check_method(ps): return
132        try:
133            resp = self.soap_dispatch(ps.body_root.localName, ps,
134                    fedid(cert=self.request.get_peer_cert()))
135        except Fault, f:
136            self.send_fault(f)
137            resp = None
[e83f2f2]138
[0a20ef8]139        if resp != None:
140            sw = SoapWriter()
141            sw.serialize(resp)
142            self.send_xml(str(sw))
143
[81a7f3f]144    def do_GET(self):
145        """
146        If a get handler is registered, use that to retrieve data.
147        """
148        if self.server.get_handler:
149            code = 200
150            fid = fedid(cert=self.request.get_peer_cert())
151            fname, type = self.server.get_handler(self.path, fid)
[6c57fe9]152            if fname:
153                try:
154                    f = open(fname, "rb")
155                    size = os.path.getsize(fname)
[d3c8759]156                except EnvironmentError, e:
[6c57fe9]157                    code = 404
158                    size = 0
159            else:
[81a7f3f]160                code = 404
161                size = 0
162        else:
163            code = 404
164            size = 0
165
166        self.send_response(code)
167        if code == 200:
168            if type:
169                self.send_header('Content-type', type)
170            self.send_header('Content-Length', size)
171            self.end_headers()
172            bytes = f.read(4096)
173            while len(bytes):
174                self.wfile.write(bytes)
175                bytes = f.read(4096)
176            self.wfile.flush()
177        self.request.socket.close()
178
179
[0a20ef8]180    def log_request(self, code=0, size=0):
181        """
182        Log request to the fedd logger
183        """
184        self.server.log.info("Successful SOAP request code %d" % code)
185
186    def soap_dispatch(self, method, req, fid):
187        """
188        The connection to the implementation, using the  method maps
189
190        The implementation provides a mapping from SOAP method name to the
191        method in the implementation that provides the service.
192        """
193        if self.server.soap_methods.has_key(method):
194            try:
195                return self.server.soap_methods[method](req, fid)
196            except service_error, e:
197                de = ns0.faultType_Def(
198                        (ns0.faultType_Def.schema,
199                            "FeddFaultBody")).pyclass()
200                de._code=e.code
201                de._errstr=e.code_string()
202                de._desc=e.desc
[e83f2f2]203                for p in e.proof:
204                    dp = ns0.proofType_Def(ns0.proofType_Def.schema, 
205                            "proof").pyclass()
206                    dp._prover = p.prover
207                    dp._principal = p.principal
208                    dp._attribute = p.attribute
209                    dp._credential = p.creds_to_certs()
210                    if de._proof: de._proof.append(dp)
211                    else: de._proof = [dp]
[0a20ef8]212                if  e.is_server_error():
213                    raise Fault(Fault.Server, e.code_string(), detail=de)
214                else:
215                    raise Fault(Fault.Client, e.code_string(), detail=de)
216        else:
217            raise Fault(Fault.Client, "Unknown method: %s" % method)
218
219
[ec4fb42]220class xmlrpc_handler(BaseHTTPRequestHandler):
[0a20ef8]221    """
222    Standard connection between XMLRPC and the fedd services in impl.
223
224    Much of this is boilerplate from
225    http://www.xml.com/pub/a/ws/2004/01/20/salz.html
226    """
227    server_version = "ZSI/2.0 fedd/0.1 " + BaseHTTPRequestHandler.server_version
228
229    def send_xml(self, text, code=200):
230        """Send an XML document as reply"""
231        self.send_response(code)
232        self.send_header('Content-type', 'text/xml; charset="utf-8"')
233        self.send_header('Content-Length', str(len(text)))
234        self.end_headers()
235        self.wfile.write(text)
236        self.wfile.flush()
237        # Make sure to close the socket when we're done
238        self.request.socket.close()
239
240    def do_POST(self):
241        """Treat an HTTP POST request as an XMLRPC service call"""
242        # NB: XMLRPC faults are not HTTP errors, so the code is always 200,
243        # unless an HTTP error occurs, which we don't handle.
244
245        resp = None
246        data = None
247        method = None
248        cl = int(self.headers['content-length'])
249        data = self.rfile.read(cl)
250
251        try:
252            params, method = xmlrpclib.loads(data)
253        except xmlrpclib.ResponseError:
254            data = xmlrpclib.dumps(xmlrpclib.Fault("Client", 
255                "Malformed request"), methodresponse=True)
256
257        if method != None:
258            try:
259                resp = self.xmlrpc_dispatch(method, params,
260                            fedid(cert=self.request.get_peer_cert()))
261                data = xmlrpclib.dumps((resp,), encoding='UTF-8', 
262                        methodresponse=True)
263            except xmlrpclib.Fault, f:
264                data = xmlrpclib.dumps(f, methodresponse=True)
265                resp = None
266
267        self.send_xml(data)
268
269    def log_request(self, code=0, size=0):
270        """
271        Log request to the fedd logger
272        """
273        self.server.log.info("Successful XMLRPC request code %d" % code)
274
275
276    def xmlrpc_dispatch(self, method, req, fid):
277        """
278        The connection to the implementation, using the  method maps
279
280        The implementation provides a mapping from XMLRPC method name to the
281        method in the implementation that provides the service.
282        """
283        if self.server.xmlrpc_methods.has_key(method):
284            try:
285                return self.server.xmlrpc_methods[method](req, fid)
286            except service_error, e:
287                raise xmlrpclib.Fault(e.code_string(), e.desc)
288        else:
289            raise xmlrpclib.Fault(100, "Unknown method: %s" % method)
Note: See TracBrowser for help on using the repository browser.