authorNarayan Desai <desai@mcs.anl.gov>2006-06-12 15:11:57 +0000
committerNarayan Desai <desai@mcs.anl.gov>2006-06-12 15:11:57 +0000
commit9675e9ba7f55a236c1e6c12bbebbeffb0d323ad9 (patch)
tree61cbac78029e61b9cbef3b76fbed1d0b8bf6dd9d
parenta56114f22e093d61e7b9948cee858069cefcbf7a (diff)
* Fix fatal server setup error
* Back out SSL code (for now) git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@1876 ce84e21b-d406-0410-9b95-82705330c041
-rw-r--r--src/lib/Client/Proxy.py23
-rw-r--r--src/lib/Server/Component.py22
-rwxr-xr-xsrc/sbin/bcfg2-server3
3 files changed, 31 insertions, 17 deletions
diff --git a/src/lib/Client/Proxy.py b/src/lib/Client/Proxy.py
index 9c2837817..d8e1dea19 100644
--- a/src/lib/Client/Proxy.py
+++ b/src/lib/Client/Proxy.py
@@ -15,7 +15,7 @@ class poSSLFile:
def __init__(self, sock, master):
self.sock = sock
self.master = master
- self.read = self.sock.read
+ #self.read = self.sock.read
self.master.count += 1
def close(self):
@@ -24,6 +24,7 @@ class poSSLFile:
self.sock.close()
def readline(self):
+ print "in readline"
data = ''
char = self.read(1)
while char != '\n':
@@ -33,14 +34,18 @@ class poSSLFile:
return data
def read(self, size=None):
- print "in read"
+ print "in read", size
if size:
data = ''
while not data:
try:
data = self.sock.read(size)
- except ZeroReturnError:
- print "caught ssl error; retrying"
+ except OpenSSL.SSL.ZeroReturnError:
+ break
+ return data
+ else:
+ print "no size"
+ data = self.sock.read()
return data
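Review bot: On a clean TLS shutdown `read` now breaks out of its loop and returns an empty string, but the `readline` shown in the previous hunk loops on `while char != '\n'`; unless its body (outside these hunks) also stops on an empty read, a peer that closes mid-line would leave it spinning. A guard such as `while char and char != '\n':` would cover that case. The debugging output added here (`print "in read", size` and `print "no size"`), together with `print "in readline"` in the previous hunk, writes to stdout on every read and should be removed or sent through the module's logger. Whether `OpenSSL` is imported in this module is not visible from the hunk.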
class pSockMaster:
@@ -56,7 +61,7 @@ class pSockMaster:
self.count -= 1
if not self.count:
self._connection.close()
-
+
class PHTTPSConnection(httplib.HTTPSConnection):
"This class allows communication via SSL."
@@ -76,10 +81,14 @@ class PHTTPSConnection(httplib.HTTPSConnection):
self._sock.connect((self.host, self.port))
self.sock = pSockMaster(self._sock)
+ def send(self, msg):
+ print "sending message %s" % (msg)
+ self._sock.sendall(msg)
+
class PHTTPS(httplib.HTTPS):
_connection_class = PHTTPSConnection
-class SafeTransport(xmlrpclib.Transport):
+class OSSafeTransport(xmlrpclib.Transport):
"""Handles an HTTPS transaction to an XML-RPC server."""
def make_connection(self, host):
# create a HTTPS connection object from a host descriptor
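Review bot: The new `send` prints every outbound message with `print "sending message %s" % (msg)`, which puts complete request headers and XML-RPC bodies on stdout, so anything sensitive carried in a request ends up in terminal scrollback or captured daemon output. I would drop the print and leave only `self._sock.sendall(msg)`, or log just `len(msg)` at debug level. Since the next hunk stops using the renamed `OSSafeTransport`, a one-line comment on the class saying it is kept for the pyOpenSSL path but is currently unused would save the next reader a search.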
@@ -136,7 +145,7 @@ class SafeProxy:
else:
address = self.__get_location(component)
try:
- self.proxy = xmlrpclib.ServerProxy(address, transport=SafeTransport())
+ self.proxy = xmlrpclib.ServerProxy(address, transport=xmlrpclib.SafeTransport())
except IOError, io_error:
self.log.error("Invalid server URL %s: %s" % (address, io_error))
raise CobaltComponentError
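Review bot: Switching to `xmlrpclib.SafeTransport()` keeps the connection encrypted, but as far as I know the standard-library HTTPS support of this Python generation performs no validation of the server certificate, so the client cannot distinguish the real server from an interposed one. The commit message says the SSL code is backed out only for now, and a comment on this line would keep that from becoming permanent, e.g. `# TODO: stdlib transport does not verify the server certificate; restore OSSafeTransport`. The enclosing method starts and ends outside the hunk.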
diff --git a/src/lib/Server/Component.py b/src/lib/Server/Component.py
index e88b5cabe..f57dd7ccc 100644
--- a/src/lib/Server/Component.py
+++ b/src/lib/Server/Component.py
@@ -24,6 +24,8 @@ class CobaltXMLRPCRequestHandler(SimpleXMLRPCServer.SimpleXMLRPCRequestHandler):
# get arguments
data = self.rfile.read(int(self.headers["content-length"]))
response = self.server._cobalt_marshalled_dispatch(data, self.client_address)
+ except OpenSSL.SSL.SysCallError:
+ log.error("Client %s unexpectedly closed connection" % (self.client_address[0]))
except: # This should only happen if the module is buggy
# internal error, report as HTTP server error
log.error("Unexcepted handler failure in do_POST", exc_info=1)
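Review bot: The new `except OpenSSL.SSL.SysCallError` branch reports every such error as a client disconnect, although SysCallError also covers other socket-level failures and carries an errno and message in its args. Binding the exception and logging it keeps the entry useful for diagnosis: `except OpenSSL.SSL.SysCallError, err:` followed by `log.error("Client %s: SSL syscall error %s" % (self.client_address[0], err))`. The same wording is used for SysCallError in the SSLServer request loop later in this file. What runs after this branch, in particular whether a response is still attempted on the dead connection, is outside the hunk.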
@@ -51,9 +53,10 @@ class SSLServer(BaseHTTPServer.HTTPServer):
def __init__(self, address, keyfile, handler):
SocketServer.BaseServer.__init__(self, address, handler)
ctxt = OpenSSL.SSL.Context(OpenSSL.SSL.SSLv23_METHOD)
- ctxt.use_privatekey_file ('/tmp/keys/server.pkey')
- ctxt.use_certificate_file('/tmp/keys/server.cert')
- ctxt.load_verify_locations('/tmp/keys/CA.cert')
+ print keyfile
+ ctxt.use_privatekey_file (keyfile)
+ ctxt.use_certificate_file(keyfile)
+ #ctxt.load_verify_locations('/tmp/keys/CA.cert')
ctxt.set_verify(OpenSSL.SSL.VERIFY_PEER, self.verify_cb)
self.socket = OpenSSL.SSL.Connection(ctxt,
socket.socket(self.address_family, self.socket_type))
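Review bot: Peer verification is left without trust anchors: `load_verify_locations` is commented out while `ctxt.set_verify(OpenSSL.SSL.VERIFY_PEER, self.verify_cb)` stays, so whether a client certificate is accepted rests entirely on `verify_cb`, which is not visible in this hunk. If client certificates are deliberately unchecked for now, say so in a comment (`# client certs not verified until the CA path is configurable`) instead of leaving a commented-out call; if they are meant to be checked, the CA file should arrive as a parameter the way `keyfile` does. `keyfile` is now passed to both `use_privatekey_file` and `use_certificate_file`, so the configured file must hold key and certificate together and should be readable only by the server account; a docstring line on `__init__` stating that would help. `print keyfile` looks like leftover debugging and should go.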
@@ -77,11 +80,12 @@ class SSLServer(BaseHTTPServer.HTTPServer):
try:
self.process_request(request, client_address)
except Exception, err:
- print err, type(err)
- try:
- if err[0][0][0] == 'SSL routines':
+ if isinstance(err, OpenSSL.SSL.Error):
+ if isinstance(err, OpenSSL.SSL.SysCallError):
+ log.error("Client %s unexpectedly closed connection" % (client_address[0]))
+ else:
log.error("%s from %s" % (err[0][0][2], client_address[0]))
- except:
+ else:
log.error("Unknown socket I/O failure from %s" % (client_address[0]), exc_info=1)
self.close_request(request)
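Review bot: In the non-SysCallError branch, `err[0][0][2]` assumes the exception carries an OpenSSL error-queue list, but subclasses of `OpenSSL.SSL.Error` such as ZeroReturnError or WantReadError are raised with empty args, so the indexing itself would raise inside the handler. The previous code wrapped this lookup in try/except and the rewrite drops that, so one odd client could take an exception out of the request loop and skip `close_request`. I would keep the isinstance dispatch but guard the lookup and fall back to the exception's repr, as below. The enclosing method begins outside the hunk.

```python
if isinstance(err, OpenSSL.SSL.Error):
    # … unchanged: SysCallError branch …
    else:
        try:
            reason = err[0][0][2]
        except (IndexError, TypeError):
            # SSL errors raised without an error queue (empty args)
            reason = repr(err)
        log.error("%s from %s" % (reason, client_address[0]))
# … unchanged: non-SSL branch and close_request …
```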
@@ -120,8 +124,8 @@ class Component(SSLServer,
else:
location = (socket.gethostname(), 0)
try:
- #keyfile = self.cfile.get('communication', 'key')
- keyfile = '/tmp/keys/server.pkey'
+ keyfile = self.cfile.get('communication', 'key')
+ #keyfile = '/tmp/keys/server.pkey'
except ConfigParser.NoOptionError:
print "No key specified in cobalt.conf"
raise SystemExit, 1
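Review bot: Reading the key path from the config file only handles a missing option; a config without a `[communication]` section raises `ConfigParser.NoSectionError`, which this `except` does not catch, so the server would exit with a traceback instead of the intended message. Widening the clause to `except (ConfigParser.NoSectionError, ConfigParser.NoOptionError):` covers both. The commented-out `#keyfile = '/tmp/keys/server.pkey'` can simply be deleted, since a key under /tmp is not something to leave as a ready fallback. The surrounding method starts and ends outside the hunk.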
diff --git a/src/sbin/bcfg2-server b/src/sbin/bcfg2-server
index daa79d090..142ed766d 100755
--- a/src/sbin/bcfg2-server
+++ b/src/sbin/bcfg2-server
@@ -51,7 +51,8 @@ class Bcfg2Serv(Bcfg2.Server.Component.Component):
Bcfg2.Server.Component.Component.__init__(self, setup)
self.shut = False
except Bcfg2.Server.Component.ComponentInitError:
- self.shut = True
+ logger.critical("Failed to setup server")
+ raise SystemExit, 1
# set shutdown handlers for sigint and sigterm
signal.signal(signal.SIGINT, self.start_shutdown)
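Review bot: The critical message on `ComponentInitError` does not record why setup failed, so an operator sees only "Failed to setup server" before the exit. Passing the exception context along, `logger.critical("Failed to setup server", exc_info=1)`, would keep the cause in the log; the same `exc_info=1` form is already used in Component.py. Exiting here instead of setting `self.shut` is the safer behaviour, since the server no longer continues half-initialised. Whether `logger` is defined at this point in the script is not visible from the hunk.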