== Release 0.1.0 ==

git-svn-id: http://proj.badc.rl.ac.uk/svn/ndg-security/trunk/ndg_httpsclient@7989 051b1e3e-aa0c-0410-b6c2-bfbade6052be

LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2011, Science & Technology Facilities Council (STFC)
+Copyright (c) 2012, Science & Technology Facilities Council (STFC)
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without 

README

@@ -1,12 +1,13 @@
-================
-urllib2pyopenssl
-================
+===============
+ndg_httpsclient
+===============
 
 Description
 ===========
-This is a library to enable urllib2 to be used with SSL sockets from pyOpenSSL instead of the built in ssl library. A script is provided to exercise it:
+This is a library to enable urllib2 to be used with SSL sockets from pyOpenSSL 
+instead of the built in ssl library. A script is provided to exercise it:
 
-urllib2pyopenssl_get::
+ndg_httpclient::
  - Utility to fetch data using HTTP or HTTPS GET from a specified URL.
 
 Prerequisites
@@ -18,10 +19,10 @@ pyOpenSSL
 Installation
 ============
 Installation can be performed using easy_install, e.g.::
-  easy_install urllib2pyopenssl-0.1.0-py2.6.egg
+  easy_install ndg_httpsclient-0.1.0-py2.6.egg
 
-Running urllib2pyopenssl_get
-============================
+Running ndg_httpclient
+======================
 Parameter::
     url                   The URL of the resource to be fetched
 
@@ -33,7 +34,8 @@ Options::
                           Private key file - defaults to the certificate file
     -t DIR, --ca-certificate-dir=DIR
                           Trusted CA certificate file directory.
-    -d, --debug           Print debug information - this may be useful in solving problems with HTTP
-                          or HTTPS access to a server.
+    -d, --debug           Print debug information - this may be useful in 
+                          solving problems with HTTP or HTTPS access to a 
+                          server.
     -f FILE, --fetch=FILE Output file
-    -v, --verify-peer     Verify peer certificate.
+    -n, --no-verify-peer  Skip verification of peer certificate..

documentation/Makefile

@@ -0,0 +1,32 @@
+#
+# Makefile to generate epydoc documentation for the NDG HTTPS Client Package
+#
+# @author P J Kershaw 17/01/12
+#
+
+# @copyright: (C) 2012 STFC
+#
+# @license: BSD - see LICENSE file for details
+#
+# $Id$
+
+# Generate HTML from embedded epydoc text in source code.
+EPYDOC=epydoc
+EPYDOC_INDIR=../ndg
+EPYDOC_OUTDIR=.
+EPYDOC_NAME='NDG HTTPS Client'
+EPYDOC_LOGFILE=epydoc.log
+EPYDOC_OPTS=--no-frames --include-log --graph=all -v --debug
+ZIP=zip
+ZIP_OUTFILE=./documentation.zip
+ZIP_INFILES=./*.*
+
+epydoc:
+	${EPYDOC} ${EPYDOC_INDIR} -o ${EPYDOC_OUTDIR} --name ${EPYDOC_NAME} \
+	${EPYDOC_OPTS} > ${EPYDOC_LOGFILE}
+
+zip:
+	${ZIP} ${ZIP_OUTFILE} ${ZIP_INFILES}    
+
+clean:
+	rm -f *.txt *.html *.gif *.css *.js *.png *.log

ndg/httpsclient/https.py

@@ -12,14 +12,9 @@
 __revision__ = '$Id$'
 import logging
 import socket
-import sys
 from httplib import HTTPS_PORT
-if sys.version_info < (2, 6, 2):
-    from ndg.httpsclient.httplib_proxy import HTTPConnection
-    from ndg.httpsclient.urllib2_proxy import AbstractHTTPHandler
-else:
-    from httplib import HTTPConnection
-    from urllib2 import AbstractHTTPHandler
+from httplib import HTTPConnection
+from urllib2 import AbstractHTTPHandler
 
 
 from OpenSSL import SSL
@@ -107,8 +102,8 @@ def __init__(self, ssl_context, debuglevel=0):
 
     def https_open(self, req):
         """Opens HTTPS request
-        @param req - HTTP request
-        @return HTTP Response object
+        @param req: HTTP request
+        @return: HTTP Response object
         """
         # Make a custom class extending HTTPSConnection, with the SSL context
         # set as a class variable so that it is available to the connect method.

ndg/httpsclient/ssl_context_util.py

@@ -1,9 +1,20 @@
+"""ndg_httpsclient SSL Context utilities module containing convenience routines
+for setting SSL context configuration.
+
+"""
+__author__ = "P J Kershaw (STFC)"
+__date__ = "09/12/11"
+__copyright__ = "(C) 2012 Science and Technology Facilities Council"
+__license__ = "BSD - see LICENSE file in top-level directory"
+__contact__ = "Philip.Kershaw@stfc.ac.uk"
+__revision__ = '$Id$'
 import urlparse
 
 from OpenSSL import SSL
 
 from ndg.httpsclient.ssl_peer_verification import ServerSSLCertVerification
 
+
 class SSlContextConfig(object):
     """
     Holds configuration options for creating a SSL context. This is used as a
@@ -17,11 +28,13 @@ def __init__(self, key_file=None, cert_file=None, pem_file=None, ca_dir=None,
         self.ca_dir = ca_dir
         self.verify_peer = verify_peer
 
+
 def make_ssl_context_from_config(ssl_config=False, url=None):
     return make_ssl_context(ssl_config.key_file, ssl_config.cert_file,
                             ssl_config.pem_file, ssl_config.ca_dir,
                             ssl_config.verify_peer, url)
 
+
 def make_ssl_context(key_file=None, cert_file=None, pem_file=None, ca_dir=None,
                      verify_peer=False, url=None):
     """
@@ -45,6 +58,7 @@ def _callback(conn, x509, errnum, errdepth, preverify_ok):
         Performs no checks and returns the status passed in.
         """
         return preverify_ok
+
     verify_callback = _callback
 
     if verify_peer:
@@ -57,7 +71,11 @@ def _callback(conn, x509, errnum, errdepth, preverify_ok):
         ssl_context.set_verify(SSL.VERIFY_NONE, verify_callback)
     return ssl_context
 
-def set_peer_verification_for_url_hostname(ssl_context, url, if_verify_enabled=False):
+
+def set_peer_verification_for_url_hostname(ssl_context, url, 
+                                           if_verify_enabled=False):
+    '''Convenience routine to set peer verification callback based on
+    ServerSSLCertVerification class'''
     if not if_verify_enabled or (ssl_context.get_verify_mode() & SSL.VERIFY_PEER):
         urlObj = urlparse.urlparse(url)
         hostname = urlObj.hostname

ndg/httpsclient/ssl_peer_verification.py

@@ -1,16 +1,15 @@
+"""ndg_httpsclient - module containing SSL peer verification class.
 """
-"""
-__author__ = "P J Kershaw"
-__date__ = "02/06/05"
-__copyright__ = "(C) 2010 Science and Technology Facilities Council"
-__license__ = """BSD - See LICENSE file in top-level directory"""
+__author__ = "P J Kershaw (STFC)"
+__date__ = "09/12/11"
+__copyright__ = "(C) 2012 Science and Technology Facilities Council"
+__license__ = "BSD - see LICENSE file in top-level directory"
 __contact__ = "Philip.Kershaw@stfc.ac.uk"
-__revision__ = '$Id: client.py 7928 2011-08-12 13:16:26Z pjkersha $'
-
+__revision__ = '$Id$'
+import re
 import logging
 log = logging.getLogger(__name__)
 
-import re
 
 class ServerSSLCertVerification(object):
     """Check server identity.  If hostname doesn't match, allow match of

ndg/httpsclient/ssl_socket.py

@@ -7,7 +7,7 @@
 __copyright__ = "(C) 2012 Science and Technology Facilities Council"
 __license__ = "BSD - see LICENSE file in top-level directory"
 __contact__ = "Philip.Kershaw@stfc.ac.uk"
-__revision__ = '$Id: pyopenssl.py 7929 2011-08-16 16:39:13Z pjkersha $'
+__revision__ = '$Id$'
 
 from datetime import datetime
 import logging

ndg/httpsclient/test/README

@@ -0,0 +1,12 @@
+NDG HTTPS Client Unit tests directory
+=====================================
+The unit tests expect to connect to a simple HTTPS server listening on port 
+4443.  An OpenSSL script is provided for this purpose in scripts/.  To run,
+
+$ ./scripts/openssl_https_server.sh
+
+Troubleshooting
+---------------
+Run it from *this* directory.  Also ensure it is has execute bits set. e.g.
+
+$ chmod 755 ./scripts/openssl_https_server.sh

ndg/httpsclient/test/__init__.py

@@ -1,4 +1,4 @@
-"""unit tests package for ndg_httpsclient
+"""Unit tests package for ndg_httpsclient
 
 PyOpenSSL utility to make a httplib-like interface suitable for use with 
 urllib2
@@ -21,7 +21,7 @@ class Constants(object):
     TEST_URI = 'https://%s:%d' % (HOSTNAME, PORT)
     TEST_URI2 = 'https://%s:%d' % (HOSTNAME, PORT2)
 
-    UNITTEST_DIR = os.path.dirname(os.path.abspath(__path__))
+    UNITTEST_DIR = os.path.dirname(os.path.abspath(__file__))
     SSL_CERT_FILENAME = 'localhost.crt'
     SSL_CERT_FILEPATH = os.path.join(UNITTEST_DIR, 'pki', SSL_CERT_FILENAME)
     SSL_PRIKEY_FILENAME = 'localhost.key'

ndg/httpsclient/test/test_https.py

@@ -1,8 +1,14 @@
-'''
-Created on Jan 6, 2012
-
-@author: philipkershaw
-'''
+"""unit tests module for ndg.httpsclient.https.HTTPSconnection class
+
+PyOpenSSL utility to make a httplib-like interface suitable for use with 
+urllib2
+"""
+__author__ = "P J Kershaw (STFC)"
+__date__ = "06/01/12"
+__copyright__ = "(C) 2012 Science and Technology Facilities Council"
+__license__ = "BSD - see LICENSE file in top-level directory"
+__contact__ = "Philip.Kershaw@stfc.ac.uk"
+__revision__ = '$Id$'
 import logging
 logging.basicConfig(level=logging.DEBUG)
 import unittest

ndg/httpsclient/test/test_urllib2.py

@@ -1,8 +1,14 @@
-'''
-Created on Jan 5, 2012
+"""unit tests module for ndg.httpsclient.urllib2_build_opener module
 
-@author: philipkershaw
-'''
+PyOpenSSL utility to make a httplib-like interface suitable for use with 
+urllib2
+"""
+__author__ = "P J Kershaw (STFC)"
+__date__ = "06/01/12"
+__copyright__ = "(C) 2012 Science and Technology Facilities Council"
+__license__ = "BSD - see LICENSE file in top-level directory"
+__contact__ = "Philip.Kershaw@stfc.ac.uk"
+__revision__ = '$Id$'
 from urllib2 import URLError
 import unittest
 

ndg/httpsclient/test/test_utils.py

@@ -1,17 +1,51 @@
-'''
-Created on Jan 6, 2012
+"""unit tests module for ndg.httpsclient.utils module
 
-@author: philipkershaw
-'''
+PyOpenSSL utility to make a httplib-like interface suitable for use with 
+urllib2
+"""
+__author__ = "P J Kershaw (STFC)"
+__date__ = "06/01/12"
+__copyright__ = "(C) 2012 Science and Technology Facilities Council"
+__license__ = "BSD - see LICENSE file in top-level directory"
+__contact__ = "Philip.Kershaw@stfc.ac.uk"
+__revision__ = '$Id$'
 import unittest
+import os
 
+from OpenSSL import SSL
 
-class TestGetModule(unittest.TestCase):
+from ndg.httpsclient.test import Constants
+from ndg.httpsclient.utils import (Configuration, fetch_from_url, open_url,
+                                   _should_use_proxy)
 
 
-    def test01(self):
-        pass
+class TestUtilsModule(unittest.TestCase):
+    '''Test ndg.httpsclient.utils module'''
 
+    def test01_configuration(self):
+        config = Configuration(SSL.Context(SSL.SSLv3_METHOD), True)
+        self.assert_(config.ssl_context)
+        self.assertEquals(config.debug, True)
 
+    def test02_fetch_from_url(self):
+        config = Configuration(SSL.Context(SSL.SSLv3_METHOD), True)
+        res = fetch_from_url(Constants.TEST_URI, config)
+        self.assert_(res)
+
+    def test03_open_url(self):
+        config = Configuration(SSL.Context(SSL.SSLv3_METHOD), True)
+        res = open_url(Constants.TEST_URI, config)
+        self.assertEqual(res[0], 200, 
+                         'open_url for %r failed' % Constants.TEST_URI)
+
+    def test04__should_use_proxy(self):
+        self.assertTrue(_should_use_proxy(Constants.TEST_URI), 
+                        'Expecting use proxy = True')
+
+        os.environ['no_proxy'] = 'localhost,localhost.localdomain'
+        self.assertFalse(_should_use_proxy(Constants.TEST_URI), 
+                         'Expecting use proxy = False')
+        del os.environ['no_proxy']
+
 if __name__ == "__main__":
     unittest.main()