python2-xynehttpserver

2014-10-12 23:16 UTC
  • Xyne

Metadata

Description:

Python BaseHTTPServer classes extended with authentication, SSL, and threading.

Latest Version:

2012.12.24.2

Architecture:

  • any

Dependencies:

  • python2

Conflicts:

  • python-xynehttpserver

Arch Repositories:

  • [xyne-any]
  • [xyne-i686]
  • [xyne-x86_64]

AUR ID:

65027

Tags:

Deprecation Notice

This module is deprecated. The code has been refactored into the ThreadedHTTPSServer module of python3-threaded_servers. Use that module instead as this will will disappear eventually.

About

python2-xynehttpserver provides the backend for the following projects:

Modules

  • XyneHTTPServer - extends BaseHTTPServer.HTTPServer and BaseHTTPServer.BaseHTTPRequestHandler
    • HTTP authentication
    • SSL support (HTTPS)
    • threaded request handling
    • miscellaneous convenience functions

Certificate Generation

Here are some references for creating self-signed certificates:

Generate a key and self-signed certificate for the server:

openssl req -newkey rsa:1024 -x509 -nodes -days 365 -keyout server.pem -out server.pem

Generate a certificate for the client using the server certificate created above (replace "My Certificate" with the name that you want to use):

openssl pkcs12 -export -out client.pfx -in server.pem -name "My Certificate"

This PKCS#12 certificate can then be used by clients to authenticate themselves when connecting to the server. For example, to import it in Firefox, "Edit" -> "Preferences" -> "Advanced" -> "View Certificate" -> "Your Certificates" -> "Import".

Convert the PKCS#12 certificate to "pem" format:

openssl pkcs12 -in client.pfx -out client.pem -nodes

Quickproxy

Quickproxy is a simple HTTP proxy server that can be used with clients that do not support HTTP Digest Authentication or HTTPS connections (with client certificates). Simply start the server with the necessary options to authenticate on the remote server and then connect to it via HTTP.

I have posted it here for now but I will eventually package it.

Note that this server is only meant to be used on localhost or within a restricted LAN. It should never be made public as it would effectively act as a backdoor into the remote server.

Features

  • HTTP Digest Authentication
  • HTTPS support including client certificates

Caveats

  • the remote server's certificate is not verified
  • HTTP Authentication does not work with HTTPS client certificates
  • The "POST" method is not supported.

Agenda

  • rewrite in Python 3 - see what's left to do after that
  • determine why HTTP Authentication doesn't work with HTTPS client certificates and fix if possible
  • add support for "POST", including multipart forms (i.e. file uploads)
  • add possibly missing features for proxy functionality
Contact
echo xyne.archlinux.ca | sed 's/\./@/'
Feeds
Blog News
Validation
XHTML 1.0 Strict CSS level 3 Atom 1.0