python2-xynehttpserver
Metadata
| Description: | Python BaseHTTPServer classes extended with authentication, SSL, and threading. |
| Latest Version: | 2021 |
| Source Code: | src/ |
| Architecture: |
|
| Dependencies: |
|
| Conflicts: |
|
| Arch Repositories: |
|
| AUR Page: | python2-xynehttpserver |
| Tags: |
Deprecation Notice
This module is deprecated. The code has been refactored into the
ThreadedHTTPSServer module of python3-threaded_servers. Use
that module instead as this will will disappear eventually.
About
python2-xynehttpserver provides the backend for the following projects:
Modules
- XyneHTTPServer - extends
BaseHTTPServer.HTTPServerandBaseHTTPServer.BaseHTTPRequestHandler- HTTP authentication
- SSL support (HTTPS)
- threaded request handling
- miscellaneous convenience functions
Certificate Generation
Here are some references for creating self-signed certificates:
- http://www.madboa.com/geek/openssl/#cert-pkcs12
- http://www.akadia.com/services/ssh_test_certificate.html
- http://code.activestate.com/recipes/442473-simple-http-server-supporting-ssl-secure-communica/
Generate a key and self-signed certificate for the server:
openssl req -newkey rsa:1024 -x509 -nodes -days 365 -keyout server.pem -out server.pem
Generate a certificate for the client using the server certificate created above (replace “My Certificate” with the name that you want to use):
openssl pkcs12 -export -out client.pfx -in server.pem -name "My Certificate"
This PKCS#12 certificate can then be used by clients to authenticate themselves when connecting to the server. For example, to import it in Firefox, “Edit” -> “Preferences” -> “Advanced” -> “View Certificate” -> “Your Certificates” -> “Import”.
Convert the PKCS#12 certificate to “pem” format:
openssl pkcs12 -in client.pfx -out client.pem -nodes
Quickproxy
Quickproxy is a simple HTTP proxy server that can be used with clients that do not support HTTP Digest Authentication or HTTPS connections (with client certificates). Simply start the server with the necessary options to authenticate on the remote server and then connect to it via HTTP.
I have posted it here for now but I will eventually package it.
Note that this server is only meant to be used on localhost or within a restricted LAN. It should never be made public as it would effectively act as a backdoor into the remote server.
Features
- HTTP Digest Authentication
- HTTPS support including client certificates
Caveats
- the remote server’s certificate is not verified
- HTTP Authentication does not work with HTTPS client certificates
- The “POST” method is not supported.
Agenda
- rewrite in Python 3 - see what’s left to do after that
- determine why HTTP Authentication doesn’t work with HTTPS client certificates and fix if possible
- add support for “POST”, including multipart forms (i.e. file uploads)
- add possibly missing features for proxy functionality
- Contact
- echo xyne.archlinux.org | sed 's/\./@/'
- Validation
- XHTML 1.0 Strict CSS level 3 Atom 1.0