""" PyOpenSSL-based BaseHTTPServer. Instructions to generate a self-signed certificate: chmod go-rwx secret; cd secret/ # no-one else must see these files openssl genrsa -out server.key 1024 # generate server private key openssl req -new -key server.key -out server.csr # get a certificate request openssl x509 -req -days 365 -in server.csr \ -signkey server.key -out server.crt # sign your own certificate """ import socket#, thread from SocketServer import BaseServer from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler from OpenSSL import SSL class SecureHTTPServer(HTTPServer): def __init__(self, server_address, HandlerClass): BaseServer.__init__(self, server_address, HandlerClass) ctx = SSL.Context(SSL.SSLv23_METHOD) ctx.use_privatekey_file (self.server_key_file) ctx.use_certificate_file(self.certificate_file) self.socket = SSL.Connection(ctx, socket.socket(self.address_family, self.socket_type)) self.server_bind() self.server_activate() class SecureHTTPRequestHandler(BaseHTTPRequestHandler): def setup(self): self.connection = self.request #lock = thread.allocate_lock() self.rfile = ReadFileWrapper(self.connection)#, lock) self.wfile = WriteFileWrapper(self.connection)#, lock) class ReadFileWrapper: def __init__(self, sock):#, lock): self.sock = sock #self.lock = lock self.buf = '' def readline(self): inbuf = self.buf while '\n' not in inbuf: #self.lock.acquire() #try: t = self.sock.recv(2048) #finally: # self.lock.release() if not t: length = len(inbuf) break inbuf += t else: length = inbuf.index('\n') + 1 self.buf = inbuf[length:] return inbuf[:length] def close(self): pass class WriteFileWrapper: def __init__(self, sock):#, lock): self.sock = sock #self.lock = lock self.closed = False def write(self, data): while data: #self.lock.acquire() #try: count = self.sock.send(data) #finally: # self.lock.release() data = data[count:] def flush(self): pass def close(self): self.closed = True #self.lock.acquire() #try: self.sock.close() #finally: # self.lock.release()