Changeset Navigation

← Previous Changeset
Next Changeset →

Changeset 1440

Timestamp:

11/18/06 17:59:28

Author:

fumanchu

Message:

Fix for #601. New SSL entries in WSGI environ (plus test suite fix under ssl).

Files:

trunk/cherrypy/_cpwsgiserver.py (modified) (5 diffs)
trunk/cherrypy/test/test_virtualhost.py (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

trunk/cherrypy/_cpwsgiserver.py

r1439	r1440
22	22	try:
23	23	from OpenSSL import SSL
	24	from OpenSSL import crypto
24	25	except ImportError:
25	26	SSL = None
…	…
435	436	else:
436	437	# Assume it's an HTTPS socket wrapper
437		~~self.environ["wsgi.url_scheme"] = "https"~~
438	438	self.rfile = SSL_fileobject(sock, "r", self.rbufsize)
439	439	self.wfile = SSL_fileobject(sock, "w", self.wbufsize)
	440	self.environ["wsgi.url_scheme"] = "https"
	441	self.environ["HTTPS"] = "on"
	442	sslenv = getattr(server, "ssl_environ")
	443	if sslenv:
	444	self.environ.update(sslenv)
440	445
441	446	self.environ.update({"wsgi.input": self.rfile,
…	…
612	617	if SSL is None:
613	618	raise ImportError("You must install pyOpenSSL to use HTTPS.")
	619
614	620	# See http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/442473
615	621	ctx = SSL.Context(SSL.SSLv23_METHOD)
…	…
617	623	ctx.use_certificate_file(self.ssl_certificate)
618	624	self.socket = SSLConnection(ctx, self.socket)
	625	self.populate_ssl_environ()
619	626	self.socket.bind(self.bind_addr)
620	627
…	…
759	766	except AssertionError:
760	767	pass
761
	768
	769	def populate_ssl_environ(self):
	770	"""Create WSGI environ entries to be merged into each request."""
	771	cert = open(self.ssl_certificate).read()
	772	cert = crypto.load_certificate(crypto.FILETYPE_PEM, cert)
	773	self.ssl_environ = {
	774	# pyOpenSSL doesn't provide access to any of these AFAICT
	775	## 'SSL_PROTOCOL': 'SSLv2',
	776	## SSL_CIPHER string The cipher specification name
	777	## SSL_VERSION_INTERFACE string The mod_ssl program version
	778	## SSL_VERSION_LIBRARY string The OpenSSL program version
	779	}
	780
	781	# Server certificate attributes
	782	self.ssl_environ.update({
	783	'SSL_SERVER_M_VERSION': cert.get_version(),
	784	'SSL_SERVER_M_SERIAL': cert.get_serial_number(),
	785	## 'SSL_SERVER_V_START': Validity of server's certificate (start time),
	786	## 'SSL_SERVER_V_END': Validity of server's certificate (end time),
	787	})
	788
	789	for prefix, dn in [("I", cert.get_issuer()),
	790	("S", cert.get_subject())]:
	791	# X509Name objects don't seem to have a way to get the
	792	# complete DN string. Use str() and slice it instead.
	793	dn = str(dn)[18:-2]
	794
	795	wsgikey = 'SSL_SERVER_%s_DN' % prefix
	796	self.ssl_environ[wsgikey] = dn
	797
	798	for atom in dn.split("/"):
	799	if atom:
	800	key, value = atom.split("=", 1)
	801	wsgikey = 'SSL_SERVER_%s_DN_%s' % (prefix, key)
	802	self.ssl_environ[wsgikey] = value
	803

trunk/cherrypy/test/test_virtualhost.py

r1431	r1440
80	80	# Test that cherrypy.url uses the browser url, not the virtual url
81	81	self.getPage("/url", [('Host', 'www.mydom2.com')])
82		self.assertBody("~~http://www.mydom2.com/nextpage"~~)
	82	self.assertBody("%s://www.mydom2.com/nextpage" % self.scheme)
83	83
84	84

Changeset Navigation

Changeset 1440

Legend:

trunk/cherrypy/_cpwsgiserver.py

trunk/cherrypy/test/test_virtualhost.py

Download in other formats: