sslxmlrpcserver.py

xen虚拟机源代码安装包

#============================================================================
# This library is free software; you can redistribute it and/or
# modify it under the terms of version 2.1 of the GNU Lesser General Public
# License as published by the Free Software Foundation.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#============================================================================
# Copyright (C) 2007 XenSource Inc.
#============================================================================


"""
HTTPS wrapper for an XML-RPC server interface.  Requires PyOpenSSL (Debian
package python-pyopenssl).
"""

import socket

from OpenSSL import SSL

from xen.util.xmlrpclib2 import XMLRPCRequestHandler, TCPXMLRPCServer


class SSLXMLRPCRequestHandler(XMLRPCRequestHandler):
    def setup(self):
        self.connection = self.request
        self.rfile = socket._fileobject(self.request, "rb", self.rbufsize)
        self.wfile = socket._fileobject(self.request, "wb", self.wbufsize)

#
# Taken from pyOpenSSL-0.6 examples (public-domain)
#

class SSLWrapper:
    """
    """
    def __init__(self, conn):
        """
        Connection is not yet a new-style class,
        so I'm making a proxy instead of subclassing.
        """
        self.__dict__["conn"] = conn
    def __getattr__(self, name):
        return getattr(self.__dict__["conn"], name)
    def __setattr__(self, name, value):
        setattr(self.__dict__["conn"], name, value)

    def close(self):
        self.shutdown()
        return self.__dict__["conn"].close()

    def shutdown(self, how=1):
        """
        SimpleXMLRpcServer.doPOST calls shutdown(1),
        and Connection.shutdown() doesn't take
        an argument. So we just discard the argument.
        """
        # Block until the shutdown is complete
        self.__dict__["conn"].shutdown()
        self.__dict__["conn"].shutdown()

    def accept(self):
        """
        This is the other part of the shutdown() workaround.
        Since servers create new sockets, we have to infect
        them with our magic. :)
        """
        c, a = self.__dict__["conn"].accept()
        return (SSLWrapper(c), a)

#
# End of pyOpenSSL-0.6 example code.
#

class SSLXMLRPCServer(TCPXMLRPCServer):
    def __init__(self, addr, allowed, xenapi, logRequests = 1,
                 ssl_key_file = None, ssl_cert_file = None):

        TCPXMLRPCServer.__init__(self, addr, allowed, xenapi,
                                 SSLXMLRPCRequestHandler, logRequests)

        if not ssl_key_file or not ssl_cert_file:
            raise ValueError("SSLXMLRPCServer requires ssl_key_file "
                             "and ssl_cert_file to be set.")

        # make a SSL socket
        ctx = SSL.Context(SSL.SSLv23_METHOD)
        ctx.set_options(SSL.OP_NO_SSLv2)
        ctx.use_privatekey_file (ssl_key_file)
        ctx.use_certificate_file(ssl_cert_file)
        self.socket = SSLWrapper(SSL.Connection(ctx,
                                 socket.socket(self.address_family,
                                               self.socket_type)))
        self.socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self.server_bind()
        self.server_activate()