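"""CGI-capable HTTPS server (Python 2, pyOpenSSL) that requires client certificates.

Key material is read from ``./certs`` relative to the working directory:
``server/server.key``, ``server/server.pem`` and ``ca/ca.pem``.
"""

import string
import cgi
import time
import socket
import os
from os import curdir, sep
from CGIHTTPServer import CGIHTTPRequestHandler
from BaseHTTPServer import HTTPServer
from SocketServer import BaseServer

from OpenSSL import SSL


class CGIHTTPSServer(HTTPServer):
    """HTTPServer whose listening socket is wrapped in a pyOpenSSL connection."""

    def __init__(self, server_address, HandlerClass):
        """Build the TLS context, then bind and activate the wrapped socket.

        This method was spelled ``__pinit__``, a name Python never calls on
        construction.  The inherited ``HTTPServer.__init__`` ran instead, so
        the server listened on a plain socket: no TLS and no client-certificate
        check, despite the class name and the "Serving HTTPS" banner.

        server_address -- (host, port) tuple to listen on.
        HandlerClass   -- request handler class instantiated per connection.
        """
        BaseServer.__init__(self, server_address, HandlerClass)

        context = SSL.Context(SSL.SSLv23_METHOD)
        # SSLv23_METHOD negotiates the highest common version; rule out the
        # broken SSLv2 and SSLv3 so only TLS can be agreed on.
        context.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_SSLv3)

        # NOTE(review): these paths hang off the working directory, which is
        # also the tree the inherited file handler serves from, so the private
        # key appears to be reachable by URL.  Keep ./certs outside the served
        # tree and readable only by the server account.
        certdir = os.path.join(os.curdir, "certs")
        server_key = os.path.join(certdir, 'server/server.key')
        server_cert = os.path.join(certdir, 'server/server.pem')
        ca_cert = os.path.join(certdir, 'ca/ca.pem')

        context.use_privatekey_file(server_key)
        context.use_certificate_file(server_cert)
        # Demand a certificate: the handshake fails when the peer sends none.
        context.set_verify(
            SSL.VERIFY_PEER | SSL.VERIFY_FAIL_IF_NO_PEER_CERT,
            self.verify_cb)
        context.load_verify_locations(ca_cert)

        self.socket = SSL.Connection(
            context,
            socket.socket(self.address_family, self.socket_type))
        self.server_bind()
        self.server_activate()

    def verify_cb(self, conn, cert, errnum, depth, ok):
        """Log the presented certificate and pass on OpenSSL's own verdict.

        Returning ``ok`` unchanged means every certificate that chains to
        ca/ca.pem is accepted; nothing here authorizes on subject, CN or
        serial.  Never return a constant true value from this callback, as
        that would discard chain-validation failures.
        """
        # TODO: the original author marked this callback as needing an update;
        # an allow-list of expected subjects belongs here.
        print('Got certificate: %s' % cert.get_subject())
        return ok


class CGIHTTPSRequestHandler(CGIHTTPRequestHandler):
    """CGI request handler that reads and writes through the TLS connection."""

    # The original assigned the string '/cgi-bin' to a local variable inside
    # the server constructor, where it had no effect.  The attribute the
    # handler actually consults is this list.
    cgi_directories = ['/cgi-bin']

    def setup(self):
        """Wrap the pyOpenSSL connection in buffered file objects."""
        self.connection = self.request
        self.rfile = socket._fileobject(self.request, "rb", self.rbufsize)
        self.wfile = socket._fileobject(self.request, "wb", self.wbufsize)

    def do_hGET(self):
        """Send the requested file as text/html, or a 404 if it cannot be read.

        The HTTP dispatcher looks up ``do_<METHOD>``, so under this name the
        method is not reached by GET requests and the inherited ``do_GET``
        (which also routes CGI) is used.  The name is left as found.
        """
        print("Got GET-request")
        # self.path is attacker-controlled.  Joining it onto curdir let '..'
        # segments escape the served directory; translate_path() discards
        # '.' and '..' components and anchors the result to the working
        # directory.
        local_path = self.translate_path(self.path)
        try:
            # 'rb' keeps the payload byte-exact; `with` closes the file even
            # if the read fails.
            with open(local_path, 'rb') as f:
                body = f.read()
        except IOError:
            self.send_error(404, 'File Not Found: %s' % self.path)
            return
        self.send_response(200)
        self.send_header('Content-type', 'text/html')
        self.end_headers()
        self.wfile.write(body)


def main():
    """Serve on 127.0.0.1:2443 until interrupted with Ctrl-C."""
    server_address = ('127.0.0.1', 2443)
    # Constructed outside the try so the cleanup below never touches an
    # unbound `httpd` when start-up itself fails.
    httpd = CGIHTTPSServer(server_address, CGIHTTPSRequestHandler)
    try:
        sa = httpd.socket.getsockname()
        print("Serving HTTPS on %s port %s ..." % (sa[0], sa[1]))
        httpd.serve_forever()
    except KeyboardInterrupt:
        print('^C received, shutting down server')
    finally:
        httpd.socket.close()


if __name__ == '__main__':
    main()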