--- z2s.py Sun Oct 26 17:51:00 2003
+++ /usr/local/home/ngps/pkg/zope261/z2.py Thu Jan 30 22:41:42 2003
@@ -105,21 +105,9 @@
Multiple -w options can be provided to run multiple servers.
- -y port
-
- The SSL Web server (HTTPS) port. This defaults to %(HTTPS_PORT)s. The
- standard port for HTTPS services is 443. If this is a dash
- (e.g. -y -), then HTTPS is disabled.
-
- The number can be preeceeded by an ip address follwed by a colon
- to specify an address to listen on. This allows different servers
- to listen on different addresses.
-
- Multiple -y options can be provided to run multiple servers.
-
-W port
- The "WebDAV source" port. If this is a dash (e.g. -W -), then
+ The "WebDAV source" port. If this is a dash (e.g. -w -), then
"WebDAV source" is disabled. The default is disabled. Note that
this feature is a workaround for the lack of "source-link" support
in standard WebDAV clients.
@@ -130,24 +118,6 @@
Multiple -W options can be provided to run multiple servers.
- -Y port
-
- The "WebDAV source over HTTPS" port. If this is a dash (e.g. -Y -), then
- "WebDAV source over HTTPS" is disabled. The default is disabled. Note that
- this feature is a workaround for the lack of "source-link" support
- in standard WebDAV clients.
-
- The port can be preeceeded by an ip address follwed by a colon
- to specify an address to listen on. This allows different servers
- to listen on different addresses.
-
- Multiple -Y options can be provided to run multiple servers.
-
- -x
-
- If present, this option causes Zope to run in X.509 certificate-based
- authentication mode.
-
-C
--force-http-connection-close
@@ -316,15 +286,9 @@
# Port for HTTP Server. The standard port for HTTP services is 80.
HTTP_PORT=8080
-# Port for HTTPS Server. The standard port for HTTPS services is 443.
-HTTPS_PORT=8443
-
# HTTP enivornment settings.
HTTP_ENV={}
-# HTTPS enivornment settings.
-HTTPS_ENV={}
-
# Should we close all HTTP connections, ignoring the (usually absent)
# 'Connection:' header?
FORCE_HTTP_CONNECTION_CLOSE=0
@@ -333,13 +297,6 @@
# standard port for this handler, which is disabled by default.
WEBDAV_SOURCE_PORT=[]
-# Port for the special "WebDAV source view over SSL" HTTP handler. There is no
-# standard port for this handler, which is disabled by default.
-WEBDAV_SSL_SOURCE_PORT=[]
-
-# Should we use client X.509 certificate-based authentication?
-X509_REMOTE_USER=None
-
## FTP configuration
# Port for the FTP Server. The standard port for FTP services is 21.
@@ -429,7 +386,7 @@
opts, args = getopt.getopt(sys.argv[1:],
- 'hz:Z:t:i:a:d:u:w:W:y:Y:x:f:p:m:Sl:2DP:rF:L:XM:C',
+ 'hz:Z:t:i:a:d:u:w:W:f:p:m:Sl:2DP:rF:L:XM:C',
['icp=', 'force-http-connection-close'
])
@@ -486,19 +443,10 @@
MONITOR_PORT=server_info(MONITOR_PORT, v)
elif o=='-w':
HTTP_PORT=server_info(HTTP_PORT, v)
- elif o=='-y':
- HTTPS_PORT=server_info(HTTPS_PORT, v)
elif o=='-C' or o=='--force-http-connection-close':
FORCE_HTTP_CONNECTION_CLOSE=1
elif o=='-W':
WEBDAV_SOURCE_PORT=server_info(WEBDAV_SOURCE_PORT, v)
- elif o=='-Y':
- WEBDAV_SSL_SOURCE_PORT=server_info(WEBDAV_SSL_SOURCE_PORT, v)
- elif o=='-x':
- if v in ('-', '0', ''):
- X509_REMOTE_USER=None
- else:
- X509_REMOTE_USER=1
elif o=='-f':
FTP_PORT=server_info(FTP_PORT, v)
elif o=='-P':
@@ -653,60 +601,14 @@
from ZServer import resolver, logger, asyncore
from ZServer import zhttp_server, zhttp_handler
- from ZServer import zhttps_server, zhttps0_handler, zhttps_handler
from ZServer.WebDAVSrcHandler import WebDAVSrcHandler
from ZServer import PCGIServer,FTPServer,FCGIServer
from ZServer import secure_monitor_server
- from M2Crypto import SSL, Rand
-
## ZServer startup
##
- ## In X509_REMOTE_USER mode, we log the client cert's subject DN.
- if X509_REMOTE_USER:
-
- import base64, string, time
-
- def log (self, bytes):
- user_agent=self.get_header('user-agent')
- if not user_agent: user_agent=''
- referer=self.get_header('referer')
- if not referer: referer=''
-
- get_peer_cert = getattr(self.channel, 'get_peer_cert', None)
- if get_peer_cert is not None:
- name = str(get_peer_cert().get_subject())
- else:
- name = 'Anonymous'
- auth=self.get_header('Authorization')
- if auth is not None:
- if string.lower(auth[:6]) == 'basic ':
- try: decoded=base64.decodestring(auth[6:])
- except base64.binascii.Error: decoded=''
- t = string.split(decoded, ':', 1)
- if len(t) < 2:
- name = 'Unknown (bad auth string)'
- else:
- name = t[0]
-
- self.channel.server.logger.log (
- self.channel.addr[0],
- ' - %s [%s] "%s" %d %d "%s" "%s"\n' % (
- name,
- self.log_date_string (time.time()),
- self.request,
- self.reply_code,
- bytes,
- referer,
- user_agent
- )
- )
-
- from ZServer.medusa import http_server
- http_server.http_request.log = log
-
# Resolver and Logger, used by other servers
if DNS_IP:
rs = resolver.caching_resolver(DNS_IP)
@@ -766,51 +668,11 @@
# from another web server to ZServer, and would like the CGI
# environment to reflect the CGI environment of the other web
# server.
- try:
- del HTTP_ENV['HTTPS']
- except KeyError:
- pass
zh = zhttp_handler(MODULE, '', HTTP_ENV)
if FORCE_HTTP_CONNECTION_CLOSE:
zh._force_connection_close = 1
hs.install_handler(zh)
- # HTTPS Server
- if HTTPS_PORT:
- ssl_ctx = SSL.Context('sslv23')
- ssl_ctx.load_cert_chain('%s/server.pem' % INSTANCE_HOME)
- ssl_ctx.load_verify_locations('%s/ca.pem' % INSTANCE_HOME)
- ssl_ctx.load_client_CA('%s/ca.pem' % INSTANCE_HOME)
- #ssl_ctx.set_allow_unknown_ca(1)
- ssl_ctx.set_session_id_ctx(MODULE)
- ssl_ctx.set_tmp_dh('%s/dh1024.pem' % INSTANCE_HOME)
- if X509_REMOTE_USER:
- ssl_ctx.set_verify(SSL.verify_peer|SSL.verify_fail_if_no_peer_cert, 10)
- #ssl_ctx.set_verify(SSL.verify_peer, 10)
- else:
- ssl_ctx.set_verify(SSL.verify_none, 10)
- if type(HTTPS_PORT) is type(0): HTTPS_PORT=((IP_ADDRESS, HTTPS_PORT),)
-
- for address, port in HTTPS_PORT:
- hss = zhttps_server(
- ip=address,
- port=port,
- ssl_ctx=ssl_ctx,
- resolver=rs,
- logger_object=lg)
-
- try:
- del HTTPS_ENV['HTTP']
- except KeyError:
- pass
- HTTPS_ENV['HTTPS']='ON'
-
- if X509_REMOTE_USER:
- zsh = zhttps_handler(MODULE, '', HTTPS_ENV)
- else:
- zsh = zhttps0_handler(MODULE, '', HTTPS_ENV)
- hss.install_handler(zsh)
-
# WebDAV source Server (runs HTTP, but munges request to return
# 'manage_FTPget').
if WEBDAV_SOURCE_PORT:
@@ -854,34 +716,6 @@
else:
sys.WEBDAV_SOURCE_PORT_CLIENTS = None
- # WebDAV-over-SSL source Server (runs HTTPS, but munges request to return
- # 'manage_FTPget').
- if WEBDAV_SSL_SOURCE_PORT:
- ssl_ctx = SSL.Context('sslv23')
- ssl_ctx.load_cert_chain('%s/server.pem' % INSTANCE_HOME)
- ssl_ctx.load_verify_locations('%s/ca.pem' % INSTANCE_HOME)
- ssl_ctx.load_client_CA('%s/ca.pem' % INSTANCE_HOME)
- ssl_ctx.set_verify(SSL.verify_none, 10)
- ssl_ctx.set_session_id_ctx(MODULE)
- ssl_ctx.set_tmp_dh('%s/dh1024.pem' % INSTANCE_HOME)
- if type(WEBDAV_SSL_SOURCE_PORT) is type(0):
- WEBDAV_SSL_SOURCE_PORT=((IP_ADDRESS, WEBDAV_SSL_SOURCE_PORT),)
- for address, port in WEBDAV_SSL_SOURCE_PORT:
- hss = zhttps_server(
- ip=address,
- port=port,
- ssl_ctx=ssl_ctx,
- resolver=rs,
- logger_object=lg)
-
- try:
- del HTTPS_ENV['HTTP']
- except KeyError:
- pass
- HTTPS_ENV['HTTPS']='ON'
-
- zsh = WebDAVSrcHandler(MODULE, '', HTTPS_ENV)
- hss.install_handler(zsh)
# FTP Server
if FTP_PORT:
@@ -1072,8 +906,6 @@
sys.exit(0)
# Start Medusa, Ye Hass!
-Rand.load_file('%s/randpool.dat' % INSTANCE_HOME, -1)
sys.ZServerExitCode=0
asyncore.loop()
-Rand.save_file('%s/randpool.dat' % INSTANCE_HOME)
sys.exit(sys.ZServerExitCode)
distrib
>
Fedora
>
13
>
i386
>
media
>
os
>
by-pkgid
>
b19df05292ea6fc997c221dbeca1120c
>
files
>
170
