Context Navigation

init.py

リビジョン 3, 69.2 KB (コミッタ: kohda, 14 年前)
Install Unix tools http://hannonlab.cshl.edu/galaxy_unix_tools/galaxy.html

行番号
1	"""A high-speed, production ready, thread pooled, generic WSGI server.
2
3	Simplest example on how to use this module directly
4	(without using CherryPy's application machinery):
5
6	from cherrypy import wsgiserver
7
8	def my_crazy_app(environ, start_response):
9	status = '200 OK'
10	response_headers = [('Content-type','text/plain')]
11	start_response(status, response_headers)
12	return ['Hello world!\n']
13
14	server = wsgiserver.CherryPyWSGIServer(
15	('0.0.0.0', 8070), my_crazy_app,
16	server_name='www.cherrypy.example')
17
18	The CherryPy WSGI server can serve as many WSGI applications
19	as you want in one instance by using a WSGIPathInfoDispatcher:
20
21	d = WSGIPathInfoDispatcher({'/': my_crazy_app, '/blog': my_blog_app})
22	server = wsgiserver.CherryPyWSGIServer(('0.0.0.0', 80), d)
23
24	Want SSL support? Just set these attributes:
25
26	server.ssl_certificate = <filename>
27	server.ssl_private_key = <filename>
28
29	if __name__ == '__main__':
30	try:
31	server.start()
32	except KeyboardInterrupt:
33	server.stop()
34
35	This won't call the CherryPy engine (application side) at all, only the
36	WSGI server, which is independant from the rest of CherryPy. Don't
37	let the name "CherryPyWSGIServer" throw you; the name merely reflects
38	its origin, not its coupling.
39
40	For those of you wanting to understand internals of this module, here's the
41	basic call flow. The server's listening thread runs a very tight loop,
42	sticking incoming connections onto a Queue:
43
44	server = CherryPyWSGIServer(...)
45	server.start()
46	while True:
47	tick()
48	# This blocks until a request comes in:
49	child = socket.accept()
50	conn = HTTPConnection(child, ...)
51	server.requests.put(conn)
52
53	Worker threads are kept in a pool and poll the Queue, popping off and then
54	handling each connection in turn. Each connection can consist of an arbitrary
55	number of requests and their responses, so we run a nested loop:
56
57	while True:
58	conn = server.requests.get()
59	conn.communicate()
60	-> while True:
61	req = HTTPRequest(...)
62	req.parse_request()
63	-> # Read the Request-Line, e.g. "GET /page HTTP/1.1"
64	req.rfile.readline()
65	req.read_headers()
66	req.respond()
67	-> response = wsgi_app(...)
68	try:
69	for chunk in response:
70	if chunk:
71	req.write(chunk)
72	finally:
73	if hasattr(response, "close"):
74	response.close()
75	if req.close_connection:
76	return
77	"""
78
79
80	import base64
81	import os
82	import Queue
83	import re
84	quoted_slash = re.compile("(?i)%2F")
85	import rfc822
86	import socket
87	try:
88	import cStringIO as StringIO
89	except ImportError:
90	import StringIO
91
92	_fileobject_uses_str_type = isinstance(socket._fileobject(None)._rbuf, basestring)
93
94	import sys
95	import threading
96	import time
97	import traceback
98	from urllib import unquote
99	from urlparse import urlparse
100	import warnings
101
102	try:
103	from OpenSSL import SSL
104	from OpenSSL import crypto
105	except ImportError:
106	SSL = None
107
108	import errno
109
110	def plat_specific_errors(*errnames):
111	"""Return error numbers for all errors in errnames on this platform.
112
113	The 'errno' module contains different global constants depending on
114	the specific platform (OS). This function will return the list of
115	numeric values for a given list of potential names.
116	"""
117	errno_names = dir(errno)
118	nums = [getattr(errno, k) for k in errnames if k in errno_names]
119	# de-dupe the list
120	return dict.fromkeys(nums).keys()
121
122	socket_error_eintr = plat_specific_errors("EINTR", "WSAEINTR")
123
124	socket_errors_to_ignore = plat_specific_errors(
125	"EPIPE",
126	"EBADF", "WSAEBADF",
127	"ENOTSOCK", "WSAENOTSOCK",
128	"ETIMEDOUT", "WSAETIMEDOUT",
129	"ECONNREFUSED", "WSAECONNREFUSED",
130	"ECONNRESET", "WSAECONNRESET",
131	"ECONNABORTED", "WSAECONNABORTED",
132	"ENETRESET", "WSAENETRESET",
133	"EHOSTDOWN", "EHOSTUNREACH",
134	)
135	socket_errors_to_ignore.append("timed out")
136
137	socket_errors_nonblocking = plat_specific_errors(
138	'EAGAIN', 'EWOULDBLOCK', 'WSAEWOULDBLOCK')
139
140	comma_separated_headers = ['ACCEPT', 'ACCEPT-CHARSET', 'ACCEPT-ENCODING',
141	'ACCEPT-LANGUAGE', 'ACCEPT-RANGES', 'ALLOW', 'CACHE-CONTROL',
142	'CONNECTION', 'CONTENT-ENCODING', 'CONTENT-LANGUAGE', 'EXPECT',
143	'IF-MATCH', 'IF-NONE-MATCH', 'PRAGMA', 'PROXY-AUTHENTICATE', 'TE',
144	'TRAILER', 'TRANSFER-ENCODING', 'UPGRADE', 'VARY', 'VIA', 'WARNING',
145	'WWW-AUTHENTICATE']
146
147
148	class WSGIPathInfoDispatcher(object):
149	"""A WSGI dispatcher for dispatch based on the PATH_INFO.
150
151	apps: a dict or list of (path_prefix, app) pairs.
152	"""
153
154	def __init__(self, apps):
155	try:
156	apps = apps.items()
157	except AttributeError:
158	pass
159
160	# Sort the apps by len(path), descending
161	apps.sort()
162	apps.reverse()
163
164	# The path_prefix strings must start, but not end, with a slash.
165	# Use "" instead of "/".
166	self.apps = [(p.rstrip("/"), a) for p, a in apps]
167
168	def __call__(self, environ, start_response):
169	path = environ["PATH_INFO"] or "/"
170	for p, app in self.apps:
171	# The apps list should be sorted by length, descending.
172	if path.startswith(p + "/") or path == p:
173	environ = environ.copy()
174	environ["SCRIPT_NAME"] = environ["SCRIPT_NAME"] + p
175	environ["PATH_INFO"] = path[len(p):]
176	return app(environ, start_response)
177
178	start_response('404 Not Found', [('Content-Type', 'text/plain'),
179	('Content-Length', '0')])
180	return ['']
181
182
183	class MaxSizeExceeded(Exception):
184	pass
185
186	class SizeCheckWrapper(object):
187	"""Wraps a file-like object, raising MaxSizeExceeded if too large."""
188
189	def __init__(self, rfile, maxlen):
190	self.rfile = rfile
191	self.maxlen = maxlen
192	self.bytes_read = 0
193
194	def _check_length(self):
195	if self.maxlen and self.bytes_read > self.maxlen:
196	raise MaxSizeExceeded()
197
198	def read(self, size=None):
199	data = self.rfile.read(size)
200	self.bytes_read += len(data)
201	self._check_length()
202	return data
203
204	def readline(self, size=None):
205	if size is not None:
206	data = self.rfile.readline(size)
207	self.bytes_read += len(data)
208	self._check_length()
209	return data
210
211	# User didn't specify a size ...
212	# We read the line in chunks to make sure it's not a 100MB line !
213	res = []
214	while True:
215	data = self.rfile.readline(256)
216	self.bytes_read += len(data)
217	self._check_length()
218	res.append(data)
219	# See http://www.cherrypy.org/ticket/421
220	if len(data) < 256 or data[-1:] == "\n":
221	return ''.join(res)
222
223	def readlines(self, sizehint=0):
224	# Shamelessly stolen from StringIO
225	total = 0
226	lines = []
227	line = self.readline()
228	while line:
229	lines.append(line)
230	total += len(line)
231	if 0 < sizehint <= total:
232	break
233	line = self.readline()
234	return lines
235
236	def close(self):
237	self.rfile.close()
238
239	def __iter__(self):
240	return self
241
242	def next(self):
243	data = self.rfile.next()
244	self.bytes_read += len(data)
245	self._check_length()
246	return data
247
248
249	class HTTPRequest(object):
250	"""An HTTP Request (and response).
251
252	A single HTTP connection may consist of multiple request/response pairs.
253
254	send: the 'send' method from the connection's socket object.
255	wsgi_app: the WSGI application to call.
256	environ: a partial WSGI environ (server and connection entries).
257	The caller MUST set the following entries:
258	* All wsgi.* entries, including .input
259	* SERVER_NAME and SERVER_PORT
260	* Any SSL_* entries
261	* Any custom entries like REMOTE_ADDR and REMOTE_PORT
262	* SERVER_SOFTWARE: the value to write in the "Server" response header.
263	* ACTUAL_SERVER_PROTOCOL: the value to write in the Status-Line of
264	the response. From RFC 2145: "An HTTP server SHOULD send a
265	response version equal to the highest version for which the
266	server is at least conditionally compliant, and whose major
267	version is less than or equal to the one received in the
268	request. An HTTP server MUST NOT send a version for which
269	it is not at least conditionally compliant."
270
271	outheaders: a list of header tuples to write in the response.
272	ready: when True, the request has been parsed and is ready to begin
273	generating the response. When False, signals the calling Connection
274	that the response should not be generated and the connection should
275	close.
276	close_connection: signals the calling Connection that the request
277	should close. This does not imply an error! The client and/or
278	server may each request that the connection be closed.
279	chunked_write: if True, output will be encoded with the "chunked"
280	transfer-coding. This value is set automatically inside
281	send_headers.
282	"""
283
284	max_request_header_size = 0
285	max_request_body_size = 0
286
287	def __init__(self, wfile, environ, wsgi_app):
288	self.rfile = environ['wsgi.input']
289	self.wfile = wfile
290	self.environ = environ.copy()
291	self.wsgi_app = wsgi_app
292
293	self.ready = False
294	self.started_response = False
295	self.status = ""
296	self.outheaders = []
297	self.sent_headers = False
298	self.close_connection = False
299	self.chunked_write = False
300
301	def parse_request(self):
302	"""Parse the next HTTP request start-line and message-headers."""
303	self.rfile.maxlen = self.max_request_header_size
304	self.rfile.bytes_read = 0
305
306	try:
307	self._parse_request()
308	except MaxSizeExceeded:
309	self.simple_response("413 Request Entity Too Large")
310	return
311
312	def _parse_request(self):
313	# HTTP/1.1 connections are persistent by default. If a client
314	# requests a page, then idles (leaves the connection open),
315	# then rfile.readline() will raise socket.error("timed out").
316	# Note that it does this based on the value given to settimeout(),
317	# and doesn't need the client to request or acknowledge the close
318	# (although your TCP stack might suffer for it: cf Apache's history
319	# with FIN_WAIT_2).
320	request_line = self.rfile.readline()
321	if not request_line:
322	# Force self.ready = False so the connection will close.
323	self.ready = False
324	return
325
326	if request_line == "\r\n":
327	# RFC 2616 sec 4.1: "...if the server is reading the protocol
328	# stream at the beginning of a message and receives a CRLF
329	# first, it should ignore the CRLF."
330	# But only ignore one leading line! else we enable a DoS.
331	request_line = self.rfile.readline()
332	if not request_line:
333	self.ready = False
334	return
335
336	environ = self.environ
337
338	try:
339	method, path, req_protocol = request_line.strip().split(" ", 2)
340	except ValueError:
341	self.simple_response(400, "Malformed Request-Line")
342	return
343
344	environ["REQUEST_METHOD"] = method
345
346	# path may be an abs_path (including "http://host.domain.tld");
347	scheme, location, path, params, qs, frag = urlparse(path)
348
349	if frag:
350	self.simple_response("400 Bad Request",
351	"Illegal #fragment in Request-URI.")
352	return
353
354	if scheme:
355	environ["wsgi.url_scheme"] = scheme
356	if params:
357	path = path + ";" + params
358
359	environ["SCRIPT_NAME"] = ""
360
361	# Unquote the path+params (e.g. "/this%20path" -> "this path").
362	# http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html#sec5.1.2
363	#
364	# But note that "...a URI must be separated into its components
365	# before the escaped characters within those components can be
366	# safely decoded." http://www.ietf.org/rfc/rfc2396.txt, sec 2.4.2
367	atoms = [unquote(x) for x in quoted_slash.split(path)]
368	path = "%2F".join(atoms)
369	environ["PATH_INFO"] = path
370
371	# Note that, like wsgiref and most other WSGI servers,
372	# we unquote the path but not the query string.
373	environ["QUERY_STRING"] = qs
374
375	# Compare request and server HTTP protocol versions, in case our
376	# server does not support the requested protocol. Limit our output
377	# to min(req, server). We want the following output:
378	# request server actual written supported response
379	# protocol protocol response protocol feature set
380	# a 1.0 1.0 1.0 1.0
381	# b 1.0 1.1 1.1 1.0
382	# c 1.1 1.0 1.0 1.0
383	# d 1.1 1.1 1.1 1.1
384	# Notice that, in (b), the response will be "HTTP/1.1" even though
385	# the client only understands 1.0. RFC 2616 10.5.6 says we should
386	# only return 505 if the _major_ version is different.
387	rp = int(req_protocol[5]), int(req_protocol[7])
388	server_protocol = environ["ACTUAL_SERVER_PROTOCOL"]
389	sp = int(server_protocol[5]), int(server_protocol[7])
390	if sp[0] != rp[0]:
391	self.simple_response("505 HTTP Version Not Supported")
392	return
393	# Bah. "SERVER_PROTOCOL" is actually the REQUEST protocol.
394	environ["SERVER_PROTOCOL"] = req_protocol
395	self.response_protocol = "HTTP/%s.%s" % min(rp, sp)
396
397	# If the Request-URI was an absoluteURI, use its location atom.
398	if location:
399	environ["SERVER_NAME"] = location
400
401	# then all the http headers
402	try:
403	self.read_headers()
404	except ValueError, ex:
405	self.simple_response("400 Bad Request", repr(ex.args))
406	return
407
408	mrbs = self.max_request_body_size
409	if mrbs and int(environ.get("CONTENT_LENGTH", 0)) > mrbs:
410	self.simple_response("413 Request Entity Too Large")
411	return
412
413	# Persistent connection support
414	if self.response_protocol == "HTTP/1.1":
415	# Both server and client are HTTP/1.1
416	if environ.get("HTTP_CONNECTION", "") == "close":
417	self.close_connection = True
418	else:
419	# Either the server or client (or both) are HTTP/1.0
420	if environ.get("HTTP_CONNECTION", "") != "Keep-Alive":
421	self.close_connection = True
422
423	# Transfer-Encoding support
424	te = None
425	if self.response_protocol == "HTTP/1.1":
426	te = environ.get("HTTP_TRANSFER_ENCODING")
427	if te:
428	te = [x.strip().lower() for x in te.split(",") if x.strip()]
429
430	self.chunked_read = False
431
432	if te:
433	for enc in te:
434	if enc == "chunked":
435	self.chunked_read = True
436	else:
437	# Note that, even if we see "chunked", we must reject
438	# if there is an extension we don't recognize.
439	self.simple_response("501 Unimplemented")
440	self.close_connection = True
441	return
442
443	# From PEP 333:
444	# "Servers and gateways that implement HTTP 1.1 must provide
445	# transparent support for HTTP 1.1's "expect/continue" mechanism.
446	# This may be done in any of several ways:
447	# 1. Respond to requests containing an Expect: 100-continue request
448	# with an immediate "100 Continue" response, and proceed normally.
449	# 2. Proceed with the request normally, but provide the application
450	# with a wsgi.input stream that will send the "100 Continue"
451	# response if/when the application first attempts to read from
452	# the input stream. The read request must then remain blocked
453	# until the client responds.
454	# 3. Wait until the client decides that the server does not support
455	# expect/continue, and sends the request body on its own.
456	# (This is suboptimal, and is not recommended.)
457	#
458	# We used to do 3, but are now doing 1. Maybe we'll do 2 someday,
459	# but it seems like it would be a big slowdown for such a rare case.
460	if environ.get("HTTP_EXPECT", "") == "100-continue":
461	self.simple_response(100)
462
463	self.ready = True
464
465	def read_headers(self):
466	"""Read header lines from the incoming stream."""
467	environ = self.environ
468
469	while True:
470	line = self.rfile.readline()
471	if not line:
472	# No more data--illegal end of headers
473	raise ValueError("Illegal end of headers.")
474
475	if line == '\r\n':
476	# Normal end of headers
477	break
478
479	if line[0] in ' \t':
480	# It's a continuation line.
481	v = line.strip()
482	else:
483	k, v = line.split(":", 1)
484	k, v = k.strip().upper(), v.strip()
485	envname = "HTTP_" + k.replace("-", "_")
486
487	if k in comma_separated_headers:
488	existing = environ.get(envname)
489	if existing:
490	v = ", ".join((existing, v))
491	environ[envname] = v
492
493	ct = environ.pop("HTTP_CONTENT_TYPE", None)
494	if ct is not None:
495	environ["CONTENT_TYPE"] = ct
496	cl = environ.pop("HTTP_CONTENT_LENGTH", None)
497	if cl is not None:
498	environ["CONTENT_LENGTH"] = cl
499
500	def decode_chunked(self):
501	"""Decode the 'chunked' transfer coding."""
502	cl = 0
503	data = StringIO.StringIO()
504	while True:
505	line = self.rfile.readline().strip().split(";", 1)
506	chunk_size = int(line.pop(0), 16)
507	if chunk_size <= 0:
508	break
509	## if line: chunk_extension = line[0]
510	cl += chunk_size
511	data.write(self.rfile.read(chunk_size))
512	crlf = self.rfile.read(2)
513	if crlf != "\r\n":
514	self.simple_response("400 Bad Request",
515	"Bad chunked transfer coding "
516	"(expected '\\r\\n', got %r)" % crlf)
517	return
518
519	# Grab any trailer headers
520	self.read_headers()
521
522	data.seek(0)
523	self.environ["wsgi.input"] = data
524	self.environ["CONTENT_LENGTH"] = str(cl) or ""
525	return True
526
527	def respond(self):
528	"""Call the appropriate WSGI app and write its iterable output."""
529	# Set rfile.maxlen to ensure we don't read past Content-Length.
530	# This will also be used to read the entire request body if errors
531	# are raised before the app can read the body.
532	if self.chunked_read:
533	# If chunked, Content-Length will be 0.
534	self.rfile.maxlen = self.max_request_body_size
535	else:
536	cl = int(self.environ.get("CONTENT_LENGTH", 0))
537	if self.max_request_body_size:
538	self.rfile.maxlen = min(cl, self.max_request_body_size)
539	else:
540	self.rfile.maxlen = cl
541	self.rfile.bytes_read = 0
542
543	try:
544	self._respond()
545	except MaxSizeExceeded:
546	if not self.sent_headers:
547	self.simple_response("413 Request Entity Too Large")
548	return
549
550	def _respond(self):
551	if self.chunked_read:
552	if not self.decode_chunked():
553	self.close_connection = True
554	return
555
556	response = self.wsgi_app(self.environ, self.start_response)
557	try:
558	for chunk in response:
559	# "The start_response callable must not actually transmit
560	# the response headers. Instead, it must store them for the
561	# server or gateway to transmit only after the first
562	# iteration of the application return value that yields
563	# a NON-EMPTY string, or upon the application's first
564	# invocation of the write() callable." (PEP 333)
565	if chunk:
566	self.write(chunk)
567	finally:
568	if hasattr(response, "close"):
569	response.close()
570
571	if (self.ready and not self.sent_headers):
572	self.sent_headers = True
573	self.send_headers()
574	if self.chunked_write:
575	self.wfile.sendall("0\r\n\r\n")
576
577	def simple_response(self, status, msg=""):
578	"""Write a simple response back to the client."""
579	status = str(status)
580	buf = ["%s %s\r\n" % (self.environ['ACTUAL_SERVER_PROTOCOL'], status),
581	"Content-Length: %s\r\n" % len(msg),
582	"Content-Type: text/plain\r\n"]
583
584	if status[:3] == "413" and self.response_protocol == 'HTTP/1.1':
585	# Request Entity Too Large
586	self.close_connection = True
587	buf.append("Connection: close\r\n")
588
589	buf.append("\r\n")
590	if msg:
591	buf.append(msg)
592
593	try:
594	self.wfile.sendall("".join(buf))
595	except socket.error, x:
596	if x.args[0] not in socket_errors_to_ignore:
597	raise
598
599	def start_response(self, status, headers, exc_info = None):
600	"""WSGI callable to begin the HTTP response."""
601	# "The application may call start_response more than once,
602	# if and only if the exc_info argument is provided."
603	if self.started_response and not exc_info:
604	raise AssertionError("WSGI start_response called a second "
605	"time with no exc_info.")
606
607	# "if exc_info is provided, and the HTTP headers have already been
608	# sent, start_response must raise an error, and should raise the
609	# exc_info tuple."
610	if self.sent_headers:
611	try:
612	raise exc_info[0], exc_info[1], exc_info[2]
613	finally:
614	exc_info = None
615
616	self.started_response = True
617	self.status = status
618	self.outheaders.extend(headers)
619	return self.write
620
621	def write(self, chunk):
622	"""WSGI callable to write unbuffered data to the client.
623
624	This method is also used internally by start_response (to write
625	data from the iterable returned by the WSGI application).
626	"""
627	if not self.started_response:
628	raise AssertionError("WSGI write called before start_response.")
629
630	if not self.sent_headers:
631	self.sent_headers = True
632	self.send_headers()
633
634	if self.chunked_write and chunk:
635	buf = [hex(len(chunk))[2:], "\r\n", chunk, "\r\n"]
636	self.wfile.sendall("".join(buf))
637	else:
638	self.wfile.sendall(chunk)
639
640	def send_headers(self):
641	"""Assert, process, and send the HTTP response message-headers."""
642	hkeys = [key.lower() for key, value in self.outheaders]
643	status = int(self.status[:3])
644
645	if status == 413:
646	# Request Entity Too Large. Close conn to avoid garbage.
647	self.close_connection = True
648	elif "content-length" not in hkeys:
649	# "All 1xx (informational), 204 (no content),
650	# and 304 (not modified) responses MUST NOT
651	# include a message-body." So no point chunking.
652	if status < 200 or status in (204, 205, 304):
653	pass
654	else:
655	if (self.response_protocol == 'HTTP/1.1'
656	and self.environ["REQUEST_METHOD"] != 'HEAD'):
657	# Use the chunked transfer-coding
658	self.chunked_write = True
659	self.outheaders.append(("Transfer-Encoding", "chunked"))
660	else:
661	# Closing the conn is the only way to determine len.
662	self.close_connection = True
663
664	if "connection" not in hkeys:
665	if self.response_protocol == 'HTTP/1.1':
666	# Both server and client are HTTP/1.1 or better
667	if self.close_connection:
668	self.outheaders.append(("Connection", "close"))
669	else:
670	# Server and/or client are HTTP/1.0
671	if not self.close_connection:
672	self.outheaders.append(("Connection", "Keep-Alive"))
673
674	if (not self.close_connection) and (not self.chunked_read):
675	# Read any remaining request body data on the socket.
676	# "If an origin server receives a request that does not include an
677	# Expect request-header field with the "100-continue" expectation,
678	# the request includes a request body, and the server responds
679	# with a final status code before reading the entire request body
680	# from the transport connection, then the server SHOULD NOT close
681	# the transport connection until it has read the entire request,
682	# or until the client closes the connection. Otherwise, the client
683	# might not reliably receive the response message. However, this
684	# requirement is not be construed as preventing a server from
685	# defending itself against denial-of-service attacks, or from
686	# badly broken client implementations."
687	size = self.rfile.maxlen - self.rfile.bytes_read
688	if size > 0:
689	self.rfile.read(size)
690
691	if "date" not in hkeys:
692	self.outheaders.append(("Date", rfc822.formatdate()))
693
694	if "server" not in hkeys:
695	self.outheaders.append(("Server", self.environ['SERVER_SOFTWARE']))
696
697	buf = [self.environ['ACTUAL_SERVER_PROTOCOL'], " ", self.status, "\r\n"]
698	try:
699	buf += [k + ": " + v + "\r\n" for k, v in self.outheaders]
700	except TypeError:
701	if not isinstance(k, str):
702	raise TypeError("WSGI response header key %r is not a string.")
703	if not isinstance(v, str):
704	raise TypeError("WSGI response header value %r is not a string.")
705	else:
706	raise
707	buf.append("\r\n")
708	self.wfile.sendall("".join(buf))
709
710
711	class NoSSLError(Exception):
712	"""Exception raised when a client speaks HTTP to an HTTPS socket."""
713	pass
714
715
716	class FatalSSLAlert(Exception):
717	"""Exception raised when the SSL implementation signals a fatal alert."""
718	pass
719
720
721	if not _fileobject_uses_str_type:
722	class CP_fileobject(socket._fileobject):
723	"""Faux file object attached to a socket object."""
724
725	def sendall(self, data):
726	"""Sendall for non-blocking sockets."""
727	while data:
728	try:
729	bytes_sent = self.send(data)
730	data = data[bytes_sent:]
731	except socket.error, e:
732	if e.args[0] not in socket_errors_nonblocking:
733	raise
734
735	def send(self, data):
736	return self._sock.send(data)
737
738	def flush(self):
739	if self._wbuf:
740	buffer = "".join(self._wbuf)
741	self._wbuf = []
742	self.sendall(buffer)
743
744	def recv(self, size):
745	while True:
746	try:
747	return self._sock.recv(size)
748	except socket.error, e:
749	if (e.args[0] not in socket_errors_nonblocking
750	and e.args[0] not in socket_error_eintr):
751	raise
752
753	def read(self, size=-1):
754	# Use max, disallow tiny reads in a loop as they are very inefficient.
755	# We never leave read() with any leftover data from a new recv() call
756	# in our internal buffer.
757	rbufsize = max(self._rbufsize, self.default_bufsize)
758	# Our use of StringIO rather than lists of string objects returned by
759	# recv() minimizes memory usage and fragmentation that occurs when
760	# rbufsize is large compared to the typical return value of recv().
761	buf = self._rbuf
762	buf.seek(0, 2) # seek end
763	if size < 0:
764	# Read until EOF
765	self._rbuf = StringIO.StringIO() # reset _rbuf. we consume it via buf.
766	while True:
767	data = self.recv(rbufsize)
768	if not data:
769	break
770	buf.write(data)
771	return buf.getvalue()
772	else:
773	# Read until size bytes or EOF seen, whichever comes first
774	buf_len = buf.tell()
775	if buf_len >= size:
776	# Already have size bytes in our buffer? Extract and return.
777	buf.seek(0)
778	rv = buf.read(size)
779	self._rbuf = StringIO.StringIO()
780	self._rbuf.write(buf.read())
781	return rv
782
783	self._rbuf = StringIO.StringIO() # reset _rbuf. we consume it via buf.
784	while True:
785	left = size - buf_len
786	# recv() will malloc the amount of memory given as its
787	# parameter even though it often returns much less data
788	# than that. The returned data string is short lived
789	# as we copy it into a StringIO and free it. This avoids
790	# fragmentation issues on many platforms.
791	data = self.recv(left)
792	if not data:
793	break
794	n = len(data)
795	if n == size and not buf_len:
796	# Shortcut. Avoid buffer data copies when:
797	# - We have no data in our buffer.
798	# AND
799	# - Our call to recv returned exactly the
800	# number of bytes we were asked to read.
801	return data
802	if n == left:
803	buf.write(data)
804	del data # explicit free
805	break
806	assert n <= left, "recv(%d) returned %d bytes" % (left, n)
807	buf.write(data)
808	buf_len += n
809	del data # explicit free
810	#assert buf_len == buf.tell()
811	return buf.getvalue()
812
813	def readline(self, size=-1):
814	buf = self._rbuf
815	buf.seek(0, 2) # seek end
816	if buf.tell() > 0:
817	# check if we already have it in our buffer
818	buf.seek(0)
819	bline = buf.readline(size)
820	if bline.endswith('\n') or len(bline) == size:
821	self._rbuf = StringIO.StringIO()
822	self._rbuf.write(buf.read())
823	return bline
824	del bline
825	if size < 0:
826	# Read until \n or EOF, whichever comes first
827	if self._rbufsize <= 1:
828	# Speed up unbuffered case
829	buf.seek(0)
830	buffers = [buf.read()]
831	self._rbuf = StringIO.StringIO() # reset _rbuf. we consume it via buf.
832	data = None
833	recv = self.recv
834	while data != "\n":
835	data = recv(1)
836	if not data:
837	break
838	buffers.append(data)
839	return "".join(buffers)
840
841	buf.seek(0, 2) # seek end
842	self._rbuf = StringIO.StringIO() # reset _rbuf. we consume it via buf.
843	while True:
844	data = self.recv(self._rbufsize)
845	if not data:
846	break
847	nl = data.find('\n')
848	if nl >= 0:
849	nl += 1
850	buf.write(data[:nl])
851	self._rbuf.write(data[nl:])
852	del data
853	break
854	buf.write(data)
855	return buf.getvalue()
856	else:
857	# Read until size bytes or \n or EOF seen, whichever comes first
858	buf.seek(0, 2) # seek end
859	buf_len = buf.tell()
860	if buf_len >= size:
861	buf.seek(0)
862	rv = buf.read(size)
863	self._rbuf = StringIO.StringIO()
864	self._rbuf.write(buf.read())
865	return rv
866	self._rbuf = StringIO.StringIO() # reset _rbuf. we consume it via buf.
867	while True:
868	data = self.recv(self._rbufsize)
869	if not data:
870	break
871	left = size - buf_len
872	# did we just receive a newline?
873	nl = data.find('\n', 0, left)
874	if nl >= 0:
875	nl += 1
876	# save the excess data to _rbuf
877	self._rbuf.write(data[nl:])
878	if buf_len:
879	buf.write(data[:nl])
880	break
881	else:
882	# Shortcut. Avoid data copy through buf when returning
883	# a substring of our first recv().
884	return data[:nl]
885	n = len(data)
886	if n == size and not buf_len:
887	# Shortcut. Avoid data copy through buf when
888	# returning exactly all of our first recv().
889	return data
890	if n >= left:
891	buf.write(data[:left])
892	self._rbuf.write(data[left:])
893	break
894	buf.write(data)
895	buf_len += n
896	#assert buf_len == buf.tell()
897	return buf.getvalue()
898
899	else:
900	class CP_fileobject(socket._fileobject):
901	"""Faux file object attached to a socket object."""
902
903	def sendall(self, data):
904	"""Sendall for non-blocking sockets."""
905	while data:
906	try:
907	bytes_sent = self.send(data)
908	data = data[bytes_sent:]
909	except socket.error, e:
910	if e.args[0] not in socket_errors_nonblocking:
911	raise
912
913	def send(self, data):
914	return self._sock.send(data)
915
916	def flush(self):
917	if self._wbuf:
918	buffer = "".join(self._wbuf)
919	self._wbuf = []
920	self.sendall(buffer)
921
922	def recv(self, size):
923	while True:
924	try:
925	return self._sock.recv(size)
926	except socket.error, e:
927	if (e.args[0] not in socket_errors_nonblocking
928	and e.args[0] not in socket_error_eintr):
929	raise
930
931	def read(self, size=-1):
932	if size < 0:
933	# Read until EOF
934	buffers = [self._rbuf]
935	self._rbuf = ""
936	if self._rbufsize <= 1:
937	recv_size = self.default_bufsize
938	else:
939	recv_size = self._rbufsize
940
941	while True:
942	data = self.recv(recv_size)
943	if not data:
944	break
945	buffers.append(data)
946	return "".join(buffers)
947	else:
948	# Read until size bytes or EOF seen, whichever comes first
949	data = self._rbuf
950	buf_len = len(data)
951	if buf_len >= size:
952	self._rbuf = data[size:]
953	return data[:size]
954	buffers = []
955	if data:
956	buffers.append(data)
957	self._rbuf = ""
958	while True:
959	left = size - buf_len
960	recv_size = max(self._rbufsize, left)
961	data = self.recv(recv_size)
962	if not data:
963	break
964	buffers.append(data)
965	n = len(data)
966	if n >= left:
967	self._rbuf = data[left:]
968	buffers[-1] = data[:left]
969	break
970	buf_len += n
971	return "".join(buffers)
972
973	def readline(self, size=-1):
974	data = self._rbuf
975	if size < 0:
976	# Read until \n or EOF, whichever comes first
977	if self._rbufsize <= 1:
978	# Speed up unbuffered case
979	assert data == ""
980	buffers = []
981	while data != "\n":
982	data = self.recv(1)
983	if not data:
984	break
985	buffers.append(data)
986	return "".join(buffers)
987	nl = data.find('\n')
988	if nl >= 0:
989	nl += 1
990	self._rbuf = data[nl:]
991	return data[:nl]
992	buffers = []
993	if data:
994	buffers.append(data)
995	self._rbuf = ""
996	while True:
997	data = self.recv(self._rbufsize)
998	if not data:
999	break
1000	buffers.append(data)
1001	nl = data.find('\n')
1002	if nl >= 0:
1003	nl += 1
1004	self._rbuf = data[nl:]
1005	buffers[-1] = data[:nl]
1006	break
1007	return "".join(buffers)
1008	else:
1009	# Read until size bytes or \n or EOF seen, whichever comes first
1010	nl = data.find('\n', 0, size)
1011	if nl >= 0:
1012	nl += 1
1013	self._rbuf = data[nl:]
1014	return data[:nl]
1015	buf_len = len(data)
1016	if buf_len >= size:
1017	self._rbuf = data[size:]
1018	return data[:size]
1019	buffers = []
1020	if data:
1021	buffers.append(data)
1022	self._rbuf = ""
1023	while True:
1024	data = self.recv(self._rbufsize)
1025	if not data:
1026	break
1027	buffers.append(data)
1028	left = size - buf_len
1029	nl = data.find('\n', 0, left)
1030	if nl >= 0:
1031	nl += 1
1032	self._rbuf = data[nl:]
1033	buffers[-1] = data[:nl]
1034	break
1035	n = len(data)
1036	if n >= left:
1037	self._rbuf = data[left:]
1038	buffers[-1] = data[:left]
1039	break
1040	buf_len += n
1041	return "".join(buffers)
1042
1043
1044	class SSL_fileobject(CP_fileobject):
1045	"""SSL file object attached to a socket object."""
1046
1047	ssl_timeout = 3
1048	ssl_retry = .01
1049
1050	def _safe_call(self, is_reader, call, args, *kwargs):
1051	"""Wrap the given call with SSL error-trapping.
1052
1053	is_reader: if False EOF errors will be raised. If True, EOF errors
1054	will return "" (to emulate normal sockets).
1055	"""
1056	start = time.time()
1057	while True:
1058	try:
1059	return call(args, *kwargs)
1060	except SSL.WantReadError:
1061	# Sleep and try again. This is dangerous, because it means
1062	# the rest of the stack has no way of differentiating
1063	# between a "new handshake" error and "client dropped".
1064	# Note this isn't an endless loop: there's a timeout below.
1065	time.sleep(self.ssl_retry)
1066	except SSL.WantWriteError:
1067	time.sleep(self.ssl_retry)
1068	except SSL.SysCallError, e:
1069	if is_reader and e.args == (-1, 'Unexpected EOF'):
1070	return ""
1071
1072	errnum = e.args[0]
1073	if is_reader and errnum in socket_errors_to_ignore:
1074	return ""
1075	raise socket.error(errnum)
1076	except SSL.Error, e:
1077	if is_reader and e.args == (-1, 'Unexpected EOF'):
1078	return ""
1079
1080	thirdarg = None
1081	try:
1082	thirdarg = e.args[0][0][2]
1083	except IndexError:
1084	pass
1085
1086	if thirdarg == 'http request':
1087	# The client is talking HTTP to an HTTPS server.
1088	raise NoSSLError()
1089	raise FatalSSLAlert(*e.args)
1090	except:
1091	raise
1092
1093	if time.time() - start > self.ssl_timeout:
1094	raise socket.timeout("timed out")
1095
1096	def recv(self, args, *kwargs):
1097	buf = []
1098	r = super(SSL_fileobject, self).recv
1099	while True:
1100	data = self._safe_call(True, r, args, *kwargs)
1101	buf.append(data)
1102	p = self._sock.pending()
1103	if not p:
1104	return "".join(buf)
1105
1106	def sendall(self, args, *kwargs):
1107	return self._safe_call(False, super(SSL_fileobject, self).sendall, args, *kwargs)
1108
1109	def send(self, args, *kwargs):
1110	return self._safe_call(False, super(SSL_fileobject, self).send, args, *kwargs)
1111
1112
1113	class HTTPConnection(object):
1114	"""An HTTP connection (active socket).
1115
1116	socket: the raw socket object (usually TCP) for this connection.
1117	wsgi_app: the WSGI application for this server/connection.
1118	environ: a WSGI environ template. This will be copied for each request.
1119
1120	rfile: a fileobject for reading from the socket.
1121	send: a function for writing (+ flush) to the socket.
1122	"""
1123
1124	rbufsize = -1
1125	RequestHandlerClass = HTTPRequest
1126	environ = {"wsgi.version": (1, 0),
1127	"wsgi.url_scheme": "http",
1128	"wsgi.multithread": True,
1129	"wsgi.multiprocess": False,
1130	"wsgi.run_once": False,
1131	"wsgi.errors": sys.stderr,
1132	}
1133
1134	def __init__(self, sock, wsgi_app, environ):
1135	self.socket = sock
1136	self.wsgi_app = wsgi_app
1137
1138	# Copy the class environ into self.
1139	self.environ = self.environ.copy()
1140	self.environ.update(environ)
1141
1142	if SSL and isinstance(sock, SSL.ConnectionType):
1143	timeout = sock.gettimeout()
1144	self.rfile = SSL_fileobject(sock, "rb", self.rbufsize)
1145	self.rfile.ssl_timeout = timeout
1146	self.wfile = SSL_fileobject(sock, "wb", -1)
1147	self.wfile.ssl_timeout = timeout
1148	else:
1149	self.rfile = CP_fileobject(sock, "rb", self.rbufsize)
1150	self.wfile = CP_fileobject(sock, "wb", -1)
1151
1152	# Wrap wsgi.input but not HTTPConnection.rfile itself.
1153	# We're also not setting maxlen yet; we'll do that separately
1154	# for headers and body for each iteration of self.communicate
1155	# (if maxlen is 0 the wrapper doesn't check length).
1156	self.environ["wsgi.input"] = SizeCheckWrapper(self.rfile, 0)
1157
1158	def communicate(self):
1159	"""Read each request and respond appropriately."""
1160	try:
1161	while True:
1162	# (re)set req to None so that if something goes wrong in
1163	# the RequestHandlerClass constructor, the error doesn't
1164	# get written to the previous request.
1165	req = None
1166	req = self.RequestHandlerClass(self.wfile, self.environ,
1167	self.wsgi_app)
1168
1169	# This order of operations should guarantee correct pipelining.
1170	req.parse_request()
1171	if not req.ready:
1172	return
1173
1174	req.respond()
1175	if req.close_connection:
1176	return
1177
1178	except socket.error, e:
1179	errnum = e.args[0]
1180	if errnum == 'timed out':
1181	if req and not req.sent_headers:
1182	req.simple_response("408 Request Timeout")
1183	elif errnum not in socket_errors_to_ignore:
1184	if req and not req.sent_headers:
1185	req.simple_response("500 Internal Server Error",
1186	format_exc())
1187	return
1188	except (KeyboardInterrupt, SystemExit):
1189	raise
1190	except FatalSSLAlert, e:
1191	# Close the connection.
1192	return
1193	except NoSSLError:
1194	# Unwrap our wfile
1195	req.wfile = CP_fileobject(self.socket, "wb", -1)
1196	if req and not req.sent_headers:
1197	req.simple_response("400 Bad Request",
1198	"The client sent a plain HTTP request, but "
1199	"this server only speaks HTTPS on this port.")
1200	except Exception, e:
1201	if req and not req.sent_headers:
1202	req.simple_response("500 Internal Server Error", format_exc())
1203
1204	def close(self):
1205	"""Close the socket underlying this connection."""
1206	self.rfile.close()
1207
1208	# Python's socket module does NOT call close on the kernel socket
1209	# when you call socket.close(). We do so manually here because we
1210	# want this server to send a FIN TCP segment immediately. Note this
1211	# must be called before calling socket.close(), because the latter
1212	# drops its reference to the kernel socket.
1213	self.socket._sock.close()
1214
1215	self.socket.close()
1216
1217
1218	def format_exc(limit=None):
1219	"""Like print_exc() but return a string. Backport for Python 2.3."""
1220	try:
1221	etype, value, tb = sys.exc_info()
1222	return ''.join(traceback.format_exception(etype, value, tb, limit))
1223	finally:
1224	etype = value = tb = None
1225
1226
1227	_SHUTDOWNREQUEST = None
1228
1229	class WorkerThread(threading.Thread):
1230	"""Thread which continuously polls a Queue for Connection objects.
1231
1232	server: the HTTP Server which spawned this thread, and which owns the
1233	Queue and is placing active connections into it.
1234	ready: a simple flag for the calling server to know when this thread
1235	has begun polling the Queue.
1236
1237	Due to the timing issues of polling a Queue, a WorkerThread does not
1238	check its own 'ready' flag after it has started. To stop the thread,
1239	it is necessary to stick a _SHUTDOWNREQUEST object onto the Queue
1240	(one for each running WorkerThread).
1241	"""
1242
1243	conn = None
1244
1245	def __init__(self, server):
1246	self.ready = False
1247	self.server = server
1248	threading.Thread.__init__(self)
1249
1250	def run(self):
1251	try:
1252	self.ready = True
1253	while True:
1254	conn = self.server.requests.get()
1255	if conn is _SHUTDOWNREQUEST:
1256	return
1257
1258	self.conn = conn
1259	try:
1260	conn.communicate()
1261	finally:
1262	conn.close()
1263	self.conn = None
1264	except (KeyboardInterrupt, SystemExit), exc:
1265	self.server.interrupt = exc
1266
1267
1268	class ThreadPool(object):
1269	"""A Request Queue for the CherryPyWSGIServer which pools threads.
1270
1271	ThreadPool objects must provide min, get(), put(obj), start()
1272	and stop(timeout) attributes.
1273	"""
1274
1275	def __init__(self, server, min=10, max=-1):
1276	self.server = server
1277	self.min = min
1278	self.max = max
1279	self._threads = []
1280	self._queue = Queue.Queue()
1281	self.get = self._queue.get
1282
1283	def start(self):
1284	"""Start the pool of threads."""
1285	for i in xrange(self.min):
1286	self._threads.append(WorkerThread(self.server))
1287	for worker in self._threads:
1288	worker.setName("CP WSGIServer " + worker.getName())
1289	worker.start()
1290	for worker in self._threads:
1291	while not worker.ready:
1292	time.sleep(.1)
1293
1294	def _get_idle(self):
1295	"""Number of worker threads which are idle. Read-only."""
1296	return len([t for t in self._threads if t.conn is None])
1297	idle = property(_get_idle, doc=_get_idle.__doc__)
1298
1299	def put(self, obj):
1300	self._queue.put(obj)
1301	if obj is _SHUTDOWNREQUEST:
1302	return
1303
1304	def grow(self, amount):
1305	"""Spawn new worker threads (not above self.max)."""
1306	for i in xrange(amount):
1307	if self.max > 0 and len(self._threads) >= self.max:
1308	break
1309	worker = WorkerThread(self.server)
1310	worker.setName("CP WSGIServer " + worker.getName())
1311	self._threads.append(worker)
1312	worker.start()
1313
1314	def shrink(self, amount):
1315	"""Kill off worker threads (not below self.min)."""
1316	# Grow/shrink the pool if necessary.
1317	# Remove any dead threads from our list
1318	for t in self._threads:
1319	if not t.isAlive():
1320	self._threads.remove(t)
1321	amount -= 1
1322
1323	if amount > 0:
1324	for i in xrange(min(amount, len(self._threads) - self.min)):
1325	# Put a number of shutdown requests on the queue equal
1326	# to 'amount'. Once each of those is processed by a worker,
1327	# that worker will terminate and be culled from our list
1328	# in self.put.
1329	self._queue.put(_SHUTDOWNREQUEST)
1330
1331	def stop(self, timeout=5):
1332	# Must shut down threads here so the code that calls
1333	# this method can know when all threads are stopped.
1334	for worker in self._threads:
1335	self._queue.put(_SHUTDOWNREQUEST)
1336
1337	# Don't join currentThread (when stop is called inside a request).
1338	current = threading.currentThread()
1339	while self._threads:
1340	worker = self._threads.pop()
1341	if worker is not current and worker.isAlive():
1342	try:
1343	if timeout is None or timeout < 0:
1344	worker.join()
1345	else:
1346	worker.join(timeout)
1347	if worker.isAlive():
1348	# We exhausted the timeout.
1349	# Forcibly shut down the socket.
1350	c = worker.conn
1351	if c and not c.rfile.closed:
1352	if SSL and isinstance(c.socket, SSL.ConnectionType):
1353	# pyOpenSSL.socket.shutdown takes no args
1354	c.socket.shutdown()
1355	else:
1356	c.socket.shutdown(socket.SHUT_RD)
1357	worker.join()
1358	except (AssertionError,
1359	# Ignore repeated Ctrl-C.
1360	# See http://www.cherrypy.org/ticket/691.
1361	KeyboardInterrupt), exc1:
1362	pass
1363
1364
1365
1366	class SSLConnection:
1367	"""A thread-safe wrapper for an SSL.Connection.
1368
1369	args: the arguments to create the wrapped SSL.Connection(args).
1370	"""
1371
1372	def __init__(self, *args):
1373	self._ssl_conn = SSL.Connection(*args)
1374	self._lock = threading.RLock()
1375
1376	for f in ('get_context', 'pending', 'send', 'write', 'recv', 'read',
1377	'renegotiate', 'bind', 'listen', 'connect', 'accept',
1378	'setblocking', 'fileno', 'shutdown', 'close', 'get_cipher_list',
1379	'getpeername', 'getsockname', 'getsockopt', 'setsockopt',
1380	'makefile', 'get_app_data', 'set_app_data', 'state_string',
1381	'sock_shutdown', 'get_peer_certificate', 'want_read',
1382	'want_write', 'set_connect_state', 'set_accept_state',
1383	'connect_ex', 'sendall', 'settimeout'):
1384	exec """def %s(self, *args):
1385	self._lock.acquire()
1386	try:
1387	return self._ssl_conn.%s(*args)
1388	finally:
1389	self._lock.release()
1390	""" % (f, f)
1391
1392
1393	try:
1394	import fcntl
1395	except ImportError:
1396	try:
1397	from ctypes import windll, WinError
1398	except ImportError:
1399	def prevent_socket_inheritance(sock):
1400	"""Dummy function, since neither fcntl nor ctypes are available."""
1401	pass
1402	else:
1403	def prevent_socket_inheritance(sock):
1404	"""Mark the given socket fd as non-inheritable (Windows)."""
1405	if not windll.kernel32.SetHandleInformation(sock.fileno(), 1, 0):
1406	raise WinError()
1407	else:
1408	def prevent_socket_inheritance(sock):
1409	"""Mark the given socket fd as non-inheritable (POSIX)."""
1410	fd = sock.fileno()
1411	old_flags = fcntl.fcntl(fd, fcntl.F_GETFD)
1412	fcntl.fcntl(fd, fcntl.F_SETFD, old_flags \| fcntl.FD_CLOEXEC)
1413
1414
1415	class CherryPyWSGIServer(object):
1416	"""An HTTP server for WSGI.
1417
1418	bind_addr: The interface on which to listen for connections.
1419	For TCP sockets, a (host, port) tuple. Host values may be any IPv4
1420	or IPv6 address, or any valid hostname. The string 'localhost' is a
1421	synonym for '127.0.0.1' (or '::1', if your hosts file prefers IPv6).
1422	The string '0.0.0.0' is a special IPv4 entry meaning "any active
1423	interface" (INADDR_ANY), and '::' is the similar IN6ADDR_ANY for
1424	IPv6. The empty string or None are not allowed.
1425
1426	For UNIX sockets, supply the filename as a string.
1427	wsgi_app: the WSGI 'application callable'; multiple WSGI applications
1428	may be passed as (path_prefix, app) pairs.
1429	numthreads: the number of worker threads to create (default 10).
1430	server_name: the string to set for WSGI's SERVER_NAME environ entry.
1431	Defaults to socket.gethostname().
1432	max: the maximum number of queued requests (defaults to -1 = no limit).
1433	request_queue_size: the 'backlog' argument to socket.listen();
1434	specifies the maximum number of queued connections (default 5).
1435	timeout: the timeout in seconds for accepted connections (default 10).
1436
1437	nodelay: if True (the default since 3.1), sets the TCP_NODELAY socket
1438	option.
1439
1440	protocol: the version string to write in the Status-Line of all
1441	HTTP responses. For example, "HTTP/1.1" (the default). This
1442	also limits the supported features used in the response.
1443
1444
1445	SSL/HTTPS
1446	---------
1447	The OpenSSL module must be importable for SSL functionality.
1448	You can obtain it from http://pyopenssl.sourceforge.net/
1449
1450	ssl_certificate: the filename of the server SSL certificate.
1451	ssl_privatekey: the filename of the server's private key file.
1452
1453	If either of these is None (both are None by default), this server
1454	will not use SSL. If both are given and are valid, they will be read
1455	on server start and used in the SSL context for the listening socket.
1456	"""
1457
1458	protocol = "HTTP/1.1"
1459	_bind_addr = "127.0.0.1"
1460	version = "CherryPy/3.1.1"
1461	ready = False
1462	_interrupt = None
1463
1464	nodelay = True
1465
1466	ConnectionClass = HTTPConnection
1467	environ = {}
1468
1469	# Paths to certificate and private key files
1470	ssl_certificate = None
1471	ssl_private_key = None
1472
1473	def __init__(self, bind_addr, wsgi_app, numthreads=10, server_name=None,
1474	max=-1, request_queue_size=5, timeout=10, shutdown_timeout=5):
1475	self.requests = ThreadPool(self, min=numthreads or 1, max=max)
1476
1477	if callable(wsgi_app):
1478	# We've been handed a single wsgi_app, in CP-2.1 style.
1479	# Assume it's mounted at "".
1480	self.wsgi_app = wsgi_app
1481	else:
1482	# We've been handed a list of (path_prefix, wsgi_app) tuples,
1483	# so that the server can call different wsgi_apps, and also
1484	# correctly set SCRIPT_NAME.
1485	warnings.warn("The ability to pass multiple apps is deprecated "
1486	"and will be removed in 3.2. You should explicitly "
1487	"include a WSGIPathInfoDispatcher instead.",
1488	DeprecationWarning)
1489	self.wsgi_app = WSGIPathInfoDispatcher(wsgi_app)
1490
1491	self.bind_addr = bind_addr
1492	if not server_name:
1493	server_name = socket.gethostname()
1494	self.server_name = server_name
1495	self.request_queue_size = request_queue_size
1496
1497	self.timeout = timeout
1498	self.shutdown_timeout = shutdown_timeout
1499
1500	def _get_numthreads(self):
1501	return self.requests.min
1502	def _set_numthreads(self, value):
1503	self.requests.min = value
1504	numthreads = property(_get_numthreads, _set_numthreads)
1505
1506	def __str__(self):
1507	return "%s.%s(%r)" % (self.__module__, self.__class__.__name__,
1508	self.bind_addr)
1509
1510	def _get_bind_addr(self):
1511	return self._bind_addr
1512	def _set_bind_addr(self, value):
1513	if isinstance(value, tuple) and value[0] in ('', None):
1514	# Despite the socket module docs, using '' does not
1515	# allow AI_PASSIVE to work. Passing None instead
1516	# returns '0.0.0.0' like we want. In other words:
1517	# host AI_PASSIVE result
1518	# '' Y 192.168.x.y
1519	# '' N 192.168.x.y
1520	# None Y 0.0.0.0
1521	# None N 127.0.0.1
1522	# But since you can get the same effect with an explicit
1523	# '0.0.0.0', we deny both the empty string and None as values.
1524	raise ValueError("Host values of '' or None are not allowed. "
1525	"Use '0.0.0.0' (IPv4) or '::' (IPv6) instead "
1526	"to listen on all active interfaces.")
1527	self._bind_addr = value
1528	bind_addr = property(_get_bind_addr, _set_bind_addr,
1529	doc="""The interface on which to listen for connections.
1530
1531	For TCP sockets, a (host, port) tuple. Host values may be any IPv4
1532	or IPv6 address, or any valid hostname. The string 'localhost' is a
1533	synonym for '127.0.0.1' (or '::1', if your hosts file prefers IPv6).
1534	The string '0.0.0.0' is a special IPv4 entry meaning "any active
1535	interface" (INADDR_ANY), and '::' is the similar IN6ADDR_ANY for
1536	IPv6. The empty string or None are not allowed.
1537
1538	For UNIX sockets, supply the filename as a string.""")
1539
1540	def start(self):
1541	"""Run the server forever."""
1542	# We don't have to trap KeyboardInterrupt or SystemExit here,
1543	# because cherrpy.server already does so, calling self.stop() for us.
1544	# If you're using this server with another framework, you should
1545	# trap those exceptions in whatever code block calls start().
1546	self._interrupt = None
1547
1548	# Select the appropriate socket
1549	if isinstance(self.bind_addr, basestring):
1550	# AF_UNIX socket
1551
1552	# So we can reuse the socket...
1553	try: os.unlink(self.bind_addr)
1554	except: pass
1555
1556	# So everyone can access the socket...
1557	try: os.chmod(self.bind_addr, 0777)
1558	except: pass
1559
1560	info = [(socket.AF_UNIX, socket.SOCK_STREAM, 0, "", self.bind_addr)]
1561	else:
1562	# AF_INET or AF_INET6 socket
1563	# Get the correct address family for our host (allows IPv6 addresses)
1564	host, port = self.bind_addr
1565	try:
1566	info = socket.getaddrinfo(host, port, socket.AF_UNSPEC,
1567	socket.SOCK_STREAM, 0, socket.AI_PASSIVE)
1568	except socket.gaierror:
1569	# Probably a DNS issue. Assume IPv4.
1570	info = [(socket.AF_INET, socket.SOCK_STREAM, 0, "", self.bind_addr)]
1571
1572	self.socket = None
1573	msg = "No socket could be created"
1574	for res in info:
1575	af, socktype, proto, canonname, sa = res
1576	try:
1577	self.bind(af, socktype, proto)
1578	except socket.error, msg:
1579	if self.socket:
1580	self.socket.close()
1581	self.socket = None
1582	continue
1583	break
1584	if not self.socket:
1585	raise socket.error, msg
1586
1587	# Timeout so KeyboardInterrupt can be caught on Win32
1588	self.socket.settimeout(1)
1589	self.socket.listen(self.request_queue_size)
1590
1591	# Create worker threads
1592	self.requests.start()
1593
1594	self.ready = True
1595	while self.ready:
1596	self.tick()
1597	if self.interrupt:
1598	while self.interrupt is True:
1599	# Wait for self.stop() to complete. See _set_interrupt.
1600	time.sleep(0.1)
1601	if self.interrupt:
1602	raise self.interrupt
1603
1604	def bind(self, family, type, proto=0):
1605	"""Create (or recreate) the actual socket object."""
1606	self.socket = socket.socket(family, type, proto)
1607	prevent_socket_inheritance(self.socket)
1608	self.socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
1609	if self.nodelay:
1610	self.socket.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1)
1611	if self.ssl_certificate and self.ssl_private_key:
1612	if SSL is None:
1613	raise ImportError("You must install pyOpenSSL to use HTTPS.")
1614
1615	# See http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/442473
1616	ctx = SSL.Context(SSL.SSLv23_METHOD)
1617	ctx.use_privatekey_file(self.ssl_private_key)
1618	ctx.use_certificate_file(self.ssl_certificate)
1619	self.socket = SSLConnection(ctx, self.socket)
1620	self.populate_ssl_environ()
1621
1622	# If listening on the IPV6 any address ('::' = IN6ADDR_ANY),
1623	# activate dual-stack. See http://www.cherrypy.org/ticket/871.
1624	if (not isinstance(self.bind_addr, basestring)
1625	and self.bind_addr[0] == '::' and family == socket.AF_INET6):
1626	try:
1627	self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, 0)
1628	except (AttributeError, socket.error):
1629	# Apparently, the socket option is not available in
1630	# this machine's TCP stack
1631	pass
1632
1633	self.socket.bind(self.bind_addr)
1634
1635	def tick(self):
1636	"""Accept a new connection and put it on the Queue."""
1637	try:
1638	s, addr = self.socket.accept()
1639	prevent_socket_inheritance(s)
1640	if not self.ready:
1641	return
1642	if hasattr(s, 'settimeout'):
1643	s.settimeout(self.timeout)
1644
1645	environ = self.environ.copy()
1646	# SERVER_SOFTWARE is common for IIS. It's also helpful for
1647	# us to pass a default value for the "Server" response header.
1648	if environ.get("SERVER_SOFTWARE") is None:
1649	environ["SERVER_SOFTWARE"] = "%s WSGI Server" % self.version
1650	# set a non-standard environ entry so the WSGI app can know what
1651	# the real server protocol is (and what features to support).
1652	# See http://www.faqs.org/rfcs/rfc2145.html.
1653	environ["ACTUAL_SERVER_PROTOCOL"] = self.protocol
1654	environ["SERVER_NAME"] = self.server_name
1655
1656	if isinstance(self.bind_addr, basestring):
1657	# AF_UNIX. This isn't really allowed by WSGI, which doesn't
1658	# address unix domain sockets. But it's better than nothing.
1659	environ["SERVER_PORT"] = ""
1660	else:
1661	environ["SERVER_PORT"] = str(self.bind_addr[1])
1662	# optional values
1663	# Until we do DNS lookups, omit REMOTE_HOST
1664	environ["REMOTE_ADDR"] = addr[0]
1665	environ["REMOTE_PORT"] = str(addr[1])
1666
1667	conn = self.ConnectionClass(s, self.wsgi_app, environ)
1668	self.requests.put(conn)
1669	except socket.timeout:
1670	# The only reason for the timeout in start() is so we can
1671	# notice keyboard interrupts on Win32, which don't interrupt
1672	# accept() by default
1673	return
1674	except socket.error, x:
1675	if x.args[0] in socket_error_eintr:
1676	# I think this is right. EINTR should occur when a signal
1677	# is received during the accept() call; all docs say retry
1678	# the call, and I think I'm reading it right that Python
1679	# will then go ahead and poll for and handle the signal
1680	# elsewhere. See http://www.cherrypy.org/ticket/707.
1681	return
1682	if x.args[0] in socket_errors_nonblocking:
1683	# Just try again. See http://www.cherrypy.org/ticket/479.
1684	return
1685	if x.args[0] in socket_errors_to_ignore:
1686	# Our socket was closed.
1687	# See http://www.cherrypy.org/ticket/686.
1688	return
1689	raise
1690
1691	def _get_interrupt(self):
1692	return self._interrupt
1693	def _set_interrupt(self, interrupt):
1694	self._interrupt = True
1695	self.stop()
1696	self._interrupt = interrupt
1697	interrupt = property(_get_interrupt, _set_interrupt,
1698	doc="Set this to an Exception instance to "
1699	"interrupt the server.")
1700
1701	def stop(self):
1702	"""Gracefully shutdown a server that is serving forever."""
1703	self.ready = False
1704
1705	sock = getattr(self, "socket", None)
1706	if sock:
1707	if not isinstance(self.bind_addr, basestring):
1708	# Touch our own socket to make accept() return immediately.
1709	try:
1710	host, port = sock.getsockname()[:2]
1711	except socket.error, x:
1712	if x.args[1] != "Bad file descriptor":
1713	raise
1714	else:
1715	# Note that we're explicitly NOT using AI_PASSIVE,
1716	# here, because we want an actual IP to touch.
1717	# localhost won't work if we've bound to a public IP,
1718	# but it will if we bound to '0.0.0.0' (INADDR_ANY).
1719	for res in socket.getaddrinfo(host, port, socket.AF_UNSPEC,
1720	socket.SOCK_STREAM):
1721	af, socktype, proto, canonname, sa = res
1722	s = None
1723	try:
1724	s = socket.socket(af, socktype, proto)
1725	# See http://groups.google.com/group/cherrypy-users/
1726	# browse_frm/thread/bbfe5eb39c904fe0
1727	s.settimeout(1.0)
1728	s.connect((host, port))
1729	s.close()
1730	except socket.error:
1731	if s:
1732	s.close()
1733	if hasattr(sock, "close"):
1734	sock.close()
1735	self.socket = None
1736
1737	self.requests.stop(self.shutdown_timeout)
1738
1739	def populate_ssl_environ(self):
1740	"""Create WSGI environ entries to be merged into each request."""
1741	cert = open(self.ssl_certificate, 'rb').read()
1742	cert = crypto.load_certificate(crypto.FILETYPE_PEM, cert)
1743	ssl_environ = {
1744	"wsgi.url_scheme": "https",
1745	"HTTPS": "on",
1746	# pyOpenSSL doesn't provide access to any of these AFAICT
1747	## 'SSL_PROTOCOL': 'SSLv2',
1748	## SSL_CIPHER string The cipher specification name
1749	## SSL_VERSION_INTERFACE string The mod_ssl program version
1750	## SSL_VERSION_LIBRARY string The OpenSSL program version
1751	}
1752
1753	# Server certificate attributes
1754	ssl_environ.update({
1755	'SSL_SERVER_M_VERSION': cert.get_version(),
1756	'SSL_SERVER_M_SERIAL': cert.get_serial_number(),
1757	## 'SSL_SERVER_V_START': Validity of server's certificate (start time),
1758	## 'SSL_SERVER_V_END': Validity of server's certificate (end time),
1759	})
1760
1761	for prefix, dn in [("I", cert.get_issuer()),
1762	("S", cert.get_subject())]:
1763	# X509Name objects don't seem to have a way to get the
1764	# complete DN string. Use str() and slice it instead,
1765	# because str(dn) == "<X509Name object '/C=US/ST=...'>"
1766	dnstr = str(dn)[18:-2]
1767
1768	wsgikey = 'SSL_SERVER_%s_DN' % prefix
1769	ssl_environ[wsgikey] = dnstr
1770
1771	# The DN should be of the form: /k1=v1/k2=v2, but we must allow
1772	# for any value to contain slashes itself (in a URL).
1773	while dnstr:
1774	pos = dnstr.rfind("=")
1775	dnstr, value = dnstr[:pos], dnstr[pos + 1:]
1776	pos = dnstr.rfind("/")
1777	dnstr, key = dnstr[:pos], dnstr[pos + 1:]
1778	if key and value:
1779	wsgikey = 'SSL_SERVER_%s_DN_%s' % (prefix, key)
1780	ssl_environ[wsgikey] = value
1781
1782	self.environ.update(ssl_environ)
1783

Note: リポジトリブラウザについてのヘルプは TracBrowser を参照してください。

Context Navigation

root/galaxy-central/eggs/PasteScript-1.7.3-py2.6.egg/paste/script/wsgiserver/__init__.py

異なるフォーマットでダウンロード:

root/galaxy-central/eggs/PasteScript-1.7.3-py2.6.egg/paste/script/wsgiserver/init.py