import string,cgi,time,socket,os from os import curdir, sep import CGIHTTPServer import BaseHTTPServer import SocketServer from OpenSSL import SSL import sys #For processing path (used in translate_path) import urlparse import posixpath import urllib # Define some useful variables cgi_root = '/home/morten/eclipse-workspace/bachelorprojekt/cgi-bin' document_root = '/home/morten/eclipse-workspace/bachelorprojekt' cert_root = '/home/morten/eclipse-workspace/bachelorprojekt/MiG-certificates' cgi_root_alias = '/cgi-bin' class CGIHTTPSServer(SocketServer.ForkingMixIn, BaseHTTPServer.HTTPServer): def __init__(self, server_address, HandlerClass): SocketServer.BaseServer.__init__(self, server_address, HandlerClass) context = SSL.Context(SSL.SSLv23_METHOD) # Do not allow SSLv2 context.set_options(SSL.OP_NO_SSLv2) # Set up server certificate and key #server_key = os.path.join(cert_root, 'server.key') #server_cert = os.path.join(cert_root, 'server.crt') server_key = cert_root + '/server.key' server_cert = cert_root + '/server.crt' context.use_privatekey_file (server_key) context.use_certificate_file(server_cert) ca_cert = os.path.join(cert_root, 'cacert.pem') # Demand a certificate context.set_verify(SSL.VERIFY_PEER|SSL.VERIFY_FAIL_IF_NO_PEER_CERT, self.verify_cb) context.load_verify_locations(ca_cert) self.socket = SSL.Connection(context, socket.socket(self.address_family, self.socket_type)) self.server_bind() self.server_activate() def verify_cb(self, conn, cert, errnum, depth, ok): # This obviously has to be updated print 'Got certificate: %s' % cert.get_subject() return ok class CGIHTTPSRequestHandler(CGIHTTPServer.CGIHTTPRequestHandler): def setup(self): #self.cgi_directories = ["/cgi-bin"] self.cgi_directories = [cgi_root_alias] self.have_fork = False self.connection = self.request self.rfile = socket._fileobject(self.request, "rb", self.rbufsize) self.wfile = socket._fileobject(self.request, "wb", self.wbufsize) def logmsg(self, msg): print "[CGIHTTPSRequestHandler] %s" % (msg) def do_hGET(self): try: print "Got GET-request" f = open(www_root + sep + self.path) self.send_response(200) self.send_header('Content-type', 'text/html') self.end_headers() self.wfile.write(f.read()) f.close() return except IOError: self.send_error(404,'File Not Found: %s' % self.path) def translate_path(self, path): """Translate a /-separated PATH to the local filename syntax. Components that mean special things to the local file system (e.g. drive or directory names) are ignored. (XXX They should probably be diagnosed.) """ # abandon query parameters path = urlparse.urlparse(path)[2] self.logmsg( "Incomming path-request: " + path ) tmp = path.split(self.cgi_directories[0]) if len(tmp) > 1 and tmp[0]=='': self.logmsg("CGI-request, setting correct cgi-bin directory") path = tmp[1] path = cgi_root + path self.logmsg("New CGI-dir is: "+path) #return server_root + path return path path = posixpath.normpath(urllib.unquote(path)) words = path.split('/') words = filter(None, words) #path = os.getcwd() path = document_root for word in words: drive, word = os.path.splitdrive(word) head, word = os.path.split(word) if word in (os.curdir, os.pardir): continue path = os.path.join(path, word) self.logmsg( "Final path:") self.logmsg(path ) return path def main(): try: server_address = ('', 3079) httpd = CGIHTTPSServer(server_address, CGIHTTPSRequestHandler) sa = httpd.socket.getsockname() print "Serving HTTPS on", sa[0], "port", sa[1], "..." httpd.serve_forever() except KeyboardInterrupt: print '^C received, shutting down server' httpd.socket.close() if __name__ == '__main__': main()