def __init__(self, req):
""" init with http request object """
# FIXME: should rename some things:
# self.bodyFd --> self.body or self.data or ?
# self.caChain --> self.caCert
self.req = req
# turn wsgi.input object into a SmartIO instance so it can be read
# more than once
if 'wsgi.input' in self.req.headers_in:
smartFd = SmartIO(max_mem_size=CFG.MAX_MEM_FILE_SIZE)
smartFd.write(self.req.headers_in['wsgi.input'].read())
self.req.headers_in['wsgi.input'] = smartFd
self.responseContext = ResponseContext()
self.uri = None # ''
# Common settings for both the proxy and the redirect
# broker and redirect immediately alter these for their own purposes
self.caChain = CFG.CA_CHAIN
self.httpProxy = CFG.HTTP_PROXY
self.httpProxyUsername = CFG.HTTP_PROXY_USERNAME
self.httpProxyPassword = CFG.HTTP_PROXY_PASSWORD
if not self.httpProxyUsername:
self.httpProxyPassword = ''
self.rhnParent = CFG.RHN_PARENT or ''
self.rhnParent = rhnLib.parseUrl(self.rhnParent)[1].split(':')[0]
CFG.set('RHN_PARENT', self.rhnParent)
def __getXmlrpcServer():
""" get an xmlrpc server object
"""
log_debug(3)
# build the URL
url = CFG.RHN_PARENT or ''
url = parseUrl(url)[1].split(':')[0]
url = 'https://' + url + '/XMLRPC'
log_debug(3, 'server url: %s' % url)
if CFG.HTTP_PROXY:
serverObj = rpclib.Server(url,
proxy=CFG.HTTP_PROXY,
username=CFG.HTTP_PROXY_USERNAME,
password=CFG.HTTP_PROXY_PASSWORD)
else:
serverObj = rpclib.Server(url)
if CFG.CA_CHAIN:
if not os.access(CFG.CA_CHAIN, os.R_OK):
log_error(
'ERROR: missing or cannot access (for ca_chain): %s' %
CFG.CA_CHAIN)
raise rhnFault(
1000,
_("SUSE Manager Proxy error (file access issues). "
"Please contact your system administrator. "
"Please refer to SUSE Manager Proxy logs."))
serverObj.add_trusted_cert(CFG.CA_CHAIN)
serverObj.add_header('X-RHN-Client-Version', 2)
return serverObj
def _parse_url(url):
""" Returns scheme, host, port, path, query. """
scheme, netloc, path, _params, query, _frag = rhnLib.parseUrl(url)
host, port = urllib.splitnport(netloc)
if (port <= 0):
port = None
return scheme, host, port, path, query
def setURL(self, path='/APP'):
# overloaded for uploadlib.py
if not CFG.RHN_PARENT:
self.die(-1, "rhn_parent not set in the configuration file")
self.url = CFG.RHN_PARENT
scheme = 'https://'
self.url = CFG.RHN_PARENT or ''
self.url = parseUrl(self.url)[1].split(':')[0]
self.url = scheme + self.url + path
def setURL(self, path='/APP'):
# overloaded for uploadlib.py
if not CFG.RHN_PARENT:
self.die(-1, "rhn_parent not set in the configuration file")
self.url = CFG.RHN_PARENT
scheme = 'http://'
if not self.options.no_ssl and CFG.USE_SSL:
# i.e., --no-ssl overrides the USE_SSL config variable.
scheme = 'https://'
self.url = CFG.RHN_PARENT or ''
self.url = parseUrl(self.url)[1].split(':')[0]
self.url = scheme + self.url + path
def __init__(self, req):
SharedHandler.__init__(self, req)
# Initialize variables
self.componentType = 'proxy.broker'
self.cachedClientInfo = None # headers - session token
self.authChannels = None
self.clientServerId = None
self.rhnParentXMLRPC = None
self.authToken = None
self.fullRequestURL = None
hostname = ''
# should *always* exist and be my ip address
my_ip_addr = req.headers_in['SERVER_ADDR']
if 'Host' in req.headers_in:
# the client has provided a host header
try:
# When a client with python 2.4 (RHEL 5) uses SSL
# the host header is in the 'hostname:port' form
# (In python 2.6 RFE #1472176 changed this and 'hostname'
# is used). We need to use the 'hostname' part in any case
# or we create bogus 'hostname:port' DNS queries
host_header = req.headers_in['Host'].split(':')[0]
if host_header != my_ip_addr and \
socket.gethostbyname(host_header) == my_ip_addr:
# if host header is valid (i.e. not just an /etc/hosts
# entry on the client or the hostname of some other
# machine (say a load balancer)) then use it
hostname = host_header
except (socket.gaierror, socket.error, socket.herror,
socket.timeout):
# hostname probably didn't exist, fine
pass
if not hostname:
# okay, that didn't work, let's do a reverse dns lookup on my
# ip address
try:
hostname = socket.gethostbyaddr(my_ip_addr)[0]
except (socket.gaierror, socket.error, socket.herror,
socket.timeout):
# unknown host, we don't have a hostname?
pass
if not hostname:
# this shouldn't happen
# socket.gethostname is a punt. Shouldn't need to do it.
hostname = socket.gethostname()
log_debug(
-1, 'WARNING: no hostname in the incoming headers; '
'punting: %s' % hostname)
hostname = parseUrl(hostname)[1].split(':')[0]
self.proxyAuth = proxy.rhnProxyAuth.get_proxy_auth(hostname)
self._initConnectionVariables(req)
def schemeAndUrl(self, url):
""" http[s]://BLAHBLAHBLAH/ACKACK --> http[s]://BLAHBLAHBLAH """
if not url:
url = CFG.RHN_PARENT # the default
# just make the url complete.
hostname = rhnLib.parseUrl(url or '')[1]
hostname = hostname.split(':')[0] # just in case
if self.sslYN:
url = 'https://' + hostname
else:
url = 'http://' + hostname
return url
def testParseUrl(self):
self.assertEqual(('', '', '', '', '', ''), rhnLib.parseUrl(''))
self.assertEqual(('', 'somehostname', '', '', '', ''),
rhnLib.parseUrl('somehostname'))
self.assertEqual(('http', 'somehostname', '', '', '', ''),
rhnLib.parseUrl('http://somehostname'))
self.assertEqual(('https', 'somehostname', '', '', '', ''),
rhnLib.parseUrl('https://somehostname'))
self.assertEqual(('https', 'somehostname:123', '', '', '', ''),
rhnLib.parseUrl('https://somehostname:123'))
self.assertEqual(('https', 'somehostname:123', '/ABCDE', '', '', ''),
rhnLib.parseUrl('https://somehostname:123/ABCDE'))