Skip to content

Instantly share code, notes, and snippets.

@monstermunchkin

monstermunchkin/SecureXMLRPCServer.py

Created July 22, 2011 19:29
Show Gist options
  • Save monstermunchkin/1100226 to your computer and use it in GitHub Desktop.
Save monstermunchkin/1100226 to your computer and use it in GitHub Desktop.
Download ZIP
SSL / TLS XML-RPC Server in Python
Raw
SecureXMLRPCServer.py
import socketserver
import ssl
import xmlrpc.server
try:
import fcntl
except ImportError:
fcntl = None
class SecureXMLRPCServer(socketserver.TCPServer,
xmlrpc.server.SimpleXMLRPCDispatcher):
allow_reuse_address = True
def __init__(self, addr, certfile, keyfile=None,
requestHandler=xmlrpc.server.SimpleXMLRPCRequestHandler,
logRequests=True, allow_none=False, encoding=None,
bind_and_activate=True, ssl_version=ssl.PROTOCOL_TLSv1):
self.logRequests = logRequests
# create an SSL context
self.context = ssl.SSLContext(ssl_version)
self.context.load_cert_chain(certfile=certfile, keyfile=keyfile)
xmlrpc.server.SimpleXMLRPCDispatcher.__init__(self, allow_none,
encoding)
# call TCPServer constructor
socketserver.TCPServer.__init__(self, addr, requestHandler,
bind_and_activate)
if fcntl is not None and hasattr(fcntl, 'FD_CLOEXEC'):
flags = fcntl.fcntl(self.fileno(), fcntl.F_GETFD)
flags |= fcntl.FD_CLOEXEC
fcntl.fcntl(self.fileno(), fcntl.F_SETFD, flags)
def get_request(self):
newsocket, fromaddr = self.socket.accept()
# create an server-side SSL socket
sslsocket = self.context.wrap_socket(newsocket, server_side=True)
return sslsocket, fromaddr
@mschewe
Copy link

mschewe commented Jul 23, 2011

Was bastelst du denn?

@monstermunchkin
Copy link
Author

Noch nichts. Ich sorge nur für ein bisschen mehr Sicherheit.

@lucaswiman
Copy link

This was very helpful. Note that depending on how your certificate is split into files, you may need to add the following lines:

self.context.load_default_certs()
self.context.load_verify_locations(ca_bundle)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment