2013-03-02 21:37:28 +00:00
|
|
|
import string, urlparse, binascii
|
2013-03-03 08:36:19 +00:00
|
|
|
import odict, utils
|
2012-06-18 21:42:32 +00:00
|
|
|
|
2012-06-23 01:56:17 +00:00
|
|
|
class HttpError(Exception):
|
2012-06-18 21:42:32 +00:00
|
|
|
def __init__(self, code, msg):
|
|
|
|
|
self.code, self.msg = code, msg
|
|
|
|
|
|
|
|
|
|
def __str__(self):
|
2012-06-23 01:56:17 +00:00
|
|
|
return "HttpError(%s, %s)"%(self.code, self.msg)
|
2012-06-18 21:42:32 +00:00
|
|
|
|
|
|
|
|
|
2013-02-24 02:36:15 +00:00
|
|
|
class HttpErrorConnClosed(HttpError): pass
|
|
|
|
|
|
|
|
|
|
|
2013-03-03 08:36:19 +00:00
|
|
|
def _is_valid_port(port):
|
|
|
|
|
if not 0 <= port <= 65535:
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def _is_valid_host(host):
|
|
|
|
|
try:
|
|
|
|
|
host.decode("idna")
|
|
|
|
|
except ValueError:
|
|
|
|
|
return False
|
|
|
|
|
if "\0" in host:
|
|
|
|
|
return None
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
2012-06-18 21:42:32 +00:00
|
|
|
def parse_url(url):
|
|
|
|
|
"""
|
|
|
|
|
Returns a (scheme, host, port, path) tuple, or None on error.
|
2013-03-03 01:52:06 +00:00
|
|
|
|
|
|
|
|
Checks that:
|
2013-03-03 02:08:17 +00:00
|
|
|
port is an integer 0-65535
|
2013-03-03 02:03:57 +00:00
|
|
|
host is a valid IDNA-encoded hostname with no null-bytes
|
2013-03-03 01:52:06 +00:00
|
|
|
path is valid ASCII
|
2012-06-18 21:42:32 +00:00
|
|
|
"""
|
2013-03-03 02:12:58 +00:00
|
|
|
try:
|
|
|
|
|
scheme, netloc, path, params, query, fragment = urlparse.urlparse(url)
|
|
|
|
|
except ValueError:
|
|
|
|
|
return None
|
2012-06-18 21:42:32 +00:00
|
|
|
if not scheme:
|
|
|
|
|
return None
|
|
|
|
|
if ':' in netloc:
|
|
|
|
|
host, port = string.rsplit(netloc, ':', maxsplit=1)
|
|
|
|
|
try:
|
|
|
|
|
port = int(port)
|
|
|
|
|
except ValueError:
|
|
|
|
|
return None
|
|
|
|
|
else:
|
|
|
|
|
host = netloc
|
|
|
|
|
if scheme == "https":
|
|
|
|
|
port = 443
|
|
|
|
|
else:
|
|
|
|
|
port = 80
|
|
|
|
|
path = urlparse.urlunparse(('', '', path, params, query, fragment))
|
|
|
|
|
if not path.startswith("/"):
|
|
|
|
|
path = "/" + path
|
2013-03-03 08:36:19 +00:00
|
|
|
if not _is_valid_host(host):
|
2013-03-03 01:52:06 +00:00
|
|
|
return None
|
2013-03-03 08:36:19 +00:00
|
|
|
if not utils.isascii(path):
|
2013-03-03 02:03:57 +00:00
|
|
|
return None
|
2013-03-03 08:36:19 +00:00
|
|
|
if not _is_valid_port(port):
|
2013-03-03 02:08:17 +00:00
|
|
|
return None
|
2012-06-18 21:42:32 +00:00
|
|
|
return scheme, host, port, path
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def read_headers(fp):
|
|
|
|
|
"""
|
2012-07-30 00:50:35 +00:00
|
|
|
Read a set of headers from a file pointer. Stop once a blank line is
|
|
|
|
|
reached. Return a ODictCaseless object, or None if headers are invalid.
|
2012-06-18 21:42:32 +00:00
|
|
|
"""
|
|
|
|
|
ret = []
|
|
|
|
|
name = ''
|
|
|
|
|
while 1:
|
|
|
|
|
line = fp.readline()
|
|
|
|
|
if not line or line == '\r\n' or line == '\n':
|
|
|
|
|
break
|
|
|
|
|
if line[0] in ' \t':
|
2012-07-30 00:50:35 +00:00
|
|
|
if not ret:
|
|
|
|
|
return None
|
2012-06-18 21:42:32 +00:00
|
|
|
# continued header
|
|
|
|
|
ret[-1][1] = ret[-1][1] + '\r\n ' + line.strip()
|
|
|
|
|
else:
|
|
|
|
|
i = line.find(':')
|
|
|
|
|
# We're being liberal in what we accept, here.
|
|
|
|
|
if i > 0:
|
|
|
|
|
name = line[:i]
|
|
|
|
|
value = line[i+1:].strip()
|
|
|
|
|
ret.append([name, value])
|
2012-07-30 00:50:35 +00:00
|
|
|
else:
|
|
|
|
|
return None
|
2012-06-24 09:49:23 +00:00
|
|
|
return odict.ODictCaseless(ret)
|
2012-06-18 21:42:32 +00:00
|
|
|
|
|
|
|
|
|
2013-12-15 05:43:54 +00:00
|
|
|
def read_chunked(fp, headers, limit, is_request):
|
2012-06-23 03:07:42 +00:00
|
|
|
"""
|
|
|
|
|
Read a chunked HTTP body.
|
|
|
|
|
|
|
|
|
|
May raise HttpError.
|
|
|
|
|
"""
|
2013-12-15 05:43:54 +00:00
|
|
|
# FIXME: Should check if chunked is the final encoding in the headers
|
|
|
|
|
# http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging-16#section-3.3 3.3 2.
|
2012-06-18 21:42:32 +00:00
|
|
|
content = ""
|
|
|
|
|
total = 0
|
2013-12-15 05:43:54 +00:00
|
|
|
code = 400 if is_request else 502
|
2012-06-18 21:42:32 +00:00
|
|
|
while 1:
|
|
|
|
|
line = fp.readline(128)
|
|
|
|
|
if line == "":
|
2013-02-24 02:36:15 +00:00
|
|
|
raise HttpErrorConnClosed(code, "Connection closed prematurely")
|
2012-06-23 03:07:42 +00:00
|
|
|
if line != '\r\n' and line != '\n':
|
|
|
|
|
try:
|
|
|
|
|
length = int(line, 16)
|
|
|
|
|
except ValueError:
|
|
|
|
|
# FIXME: Not strictly correct - this could be from the server, in which
|
|
|
|
|
# case we should send a 502.
|
|
|
|
|
raise HttpError(code, "Invalid chunked encoding length: %s"%line)
|
|
|
|
|
if not length:
|
|
|
|
|
break
|
|
|
|
|
total += length
|
|
|
|
|
if limit is not None and total > limit:
|
|
|
|
|
msg = "HTTP Body too large."\
|
|
|
|
|
" Limit is %s, chunked content length was at least %s"%(limit, total)
|
|
|
|
|
raise HttpError(code, msg)
|
|
|
|
|
content += fp.read(length)
|
|
|
|
|
line = fp.readline(5)
|
|
|
|
|
if line != '\r\n':
|
|
|
|
|
raise HttpError(code, "Malformed chunked body")
|
2012-06-18 21:42:32 +00:00
|
|
|
while 1:
|
|
|
|
|
line = fp.readline()
|
|
|
|
|
if line == "":
|
2013-02-24 02:36:15 +00:00
|
|
|
raise HttpErrorConnClosed(code, "Connection closed prematurely")
|
2012-06-18 21:42:32 +00:00
|
|
|
if line == '\r\n' or line == '\n':
|
|
|
|
|
break
|
|
|
|
|
return content
|
|
|
|
|
|
|
|
|
|
|
2012-07-23 23:39:49 +00:00
|
|
|
def get_header_tokens(headers, key):
|
|
|
|
|
"""
|
|
|
|
|
Retrieve all tokens for a header key. A number of different headers
|
|
|
|
|
follow a pattern where each header line can containe comma-separated
|
|
|
|
|
tokens, and headers can be set multiple times.
|
|
|
|
|
"""
|
|
|
|
|
toks = []
|
|
|
|
|
for i in headers[key]:
|
2012-06-18 21:42:32 +00:00
|
|
|
for j in i.split(","):
|
2012-07-23 23:39:49 +00:00
|
|
|
toks.append(j.strip())
|
|
|
|
|
return toks
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def has_chunked_encoding(headers):
|
|
|
|
|
return "chunked" in [i.lower() for i in get_header_tokens(headers, "transfer-encoding")]
|
2012-06-18 21:42:32 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def parse_http_protocol(s):
|
2012-06-23 03:07:42 +00:00
|
|
|
"""
|
|
|
|
|
Parse an HTTP protocol declaration. Returns a (major, minor) tuple, or
|
|
|
|
|
None.
|
|
|
|
|
"""
|
2012-06-18 21:42:32 +00:00
|
|
|
if not s.startswith("HTTP/"):
|
|
|
|
|
return None
|
2012-07-22 00:35:16 +00:00
|
|
|
_, version = s.split('/', 1)
|
2012-06-24 10:45:40 +00:00
|
|
|
if "." not in version:
|
|
|
|
|
return None
|
2012-07-22 00:35:16 +00:00
|
|
|
major, minor = version.split('.', 1)
|
2012-07-21 05:27:23 +00:00
|
|
|
try:
|
|
|
|
|
major = int(major)
|
|
|
|
|
minor = int(minor)
|
|
|
|
|
except ValueError:
|
|
|
|
|
return None
|
2012-06-18 21:42:32 +00:00
|
|
|
return major, minor
|
|
|
|
|
|
|
|
|
|
|
2013-03-02 21:37:28 +00:00
|
|
|
def parse_http_basic_auth(s):
|
|
|
|
|
words = s.split()
|
|
|
|
|
if len(words) != 2:
|
|
|
|
|
return None
|
|
|
|
|
scheme = words[0]
|
|
|
|
|
try:
|
|
|
|
|
user = binascii.a2b_base64(words[1])
|
|
|
|
|
except binascii.Error:
|
|
|
|
|
return None
|
|
|
|
|
parts = user.split(':')
|
|
|
|
|
if len(parts) != 2:
|
|
|
|
|
return None
|
|
|
|
|
return scheme, parts[0], parts[1]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def assemble_http_basic_auth(scheme, username, password):
|
|
|
|
|
v = binascii.b2a_base64(username + ":" + password)
|
|
|
|
|
return scheme + " " + v
|
|
|
|
|
|
|
|
|
|
|
2013-01-04 01:23:52 +00:00
|
|
|
def parse_init(line):
|
2012-06-18 21:42:32 +00:00
|
|
|
try:
|
|
|
|
|
method, url, protocol = string.split(line)
|
|
|
|
|
except ValueError:
|
|
|
|
|
return None
|
2013-01-04 01:23:52 +00:00
|
|
|
httpversion = parse_http_protocol(protocol)
|
|
|
|
|
if not httpversion:
|
2013-03-03 09:13:23 +00:00
|
|
|
return None
|
|
|
|
|
if not utils.isascii(method):
|
2013-01-04 01:23:52 +00:00
|
|
|
return None
|
|
|
|
|
return method, url, httpversion
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def parse_init_connect(line):
|
2013-12-13 05:24:08 +00:00
|
|
|
"""
|
|
|
|
|
Returns (host, port, httpversion) if line is a valid CONNECT line.
|
|
|
|
|
http://tools.ietf.org/html/draft-luotonen-web-proxy-tunneling-01 section 3.1
|
|
|
|
|
"""
|
2013-01-04 01:23:52 +00:00
|
|
|
v = parse_init(line)
|
|
|
|
|
if not v:
|
|
|
|
|
return None
|
|
|
|
|
method, url, httpversion = v
|
|
|
|
|
|
|
|
|
|
if method.upper() != 'CONNECT':
|
2012-06-18 21:42:32 +00:00
|
|
|
return None
|
|
|
|
|
try:
|
|
|
|
|
host, port = url.split(":")
|
|
|
|
|
except ValueError:
|
|
|
|
|
return None
|
2013-01-05 07:06:55 +00:00
|
|
|
try:
|
|
|
|
|
port = int(port)
|
|
|
|
|
except ValueError:
|
|
|
|
|
return None
|
2013-03-03 08:36:19 +00:00
|
|
|
if not _is_valid_port(port):
|
|
|
|
|
return None
|
|
|
|
|
if not _is_valid_host(host):
|
|
|
|
|
return None
|
2012-06-18 21:42:32 +00:00
|
|
|
return host, port, httpversion
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def parse_init_proxy(line):
|
2013-01-04 01:23:52 +00:00
|
|
|
v = parse_init(line)
|
|
|
|
|
if not v:
|
2012-06-18 21:42:32 +00:00
|
|
|
return None
|
2013-01-04 01:23:52 +00:00
|
|
|
method, url, httpversion = v
|
|
|
|
|
|
2012-06-18 21:42:32 +00:00
|
|
|
parts = parse_url(url)
|
|
|
|
|
if not parts:
|
|
|
|
|
return None
|
|
|
|
|
scheme, host, port, path = parts
|
|
|
|
|
return method, scheme, host, port, path, httpversion
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def parse_init_http(line):
|
|
|
|
|
"""
|
|
|
|
|
Returns (method, url, httpversion)
|
|
|
|
|
"""
|
2013-01-04 01:23:52 +00:00
|
|
|
v = parse_init(line)
|
|
|
|
|
if not v:
|
2012-06-18 21:42:32 +00:00
|
|
|
return None
|
2013-01-04 01:23:52 +00:00
|
|
|
method, url, httpversion = v
|
2013-03-03 08:36:19 +00:00
|
|
|
if not utils.isascii(url):
|
|
|
|
|
return None
|
2012-06-18 21:42:32 +00:00
|
|
|
if not (url.startswith("/") or url == "*"):
|
|
|
|
|
return None
|
|
|
|
|
return method, url, httpversion
|
|
|
|
|
|
|
|
|
|
|
2013-11-19 03:11:24 +00:00
|
|
|
def connection_close(httpversion, headers):
|
2012-06-18 21:42:32 +00:00
|
|
|
"""
|
2013-11-19 03:11:24 +00:00
|
|
|
Checks the message to see if the client connection should be closed according to RFC 2616 Section 8.1
|
2012-06-18 21:42:32 +00:00
|
|
|
"""
|
2013-11-19 03:11:24 +00:00
|
|
|
# At first, check if we have an explicit Connection header.
|
2012-06-18 21:42:32 +00:00
|
|
|
if "connection" in headers:
|
2012-07-23 23:39:49 +00:00
|
|
|
toks = get_header_tokens(headers, "connection")
|
|
|
|
|
if "close" in toks:
|
|
|
|
|
return True
|
|
|
|
|
elif "keep-alive" in toks:
|
|
|
|
|
return False
|
2013-11-19 03:11:24 +00:00
|
|
|
# If we don't have a Connection header, HTTP 1.1 connections are assumed to be persistent
|
2012-06-18 21:42:32 +00:00
|
|
|
if httpversion == (1, 1):
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
2013-03-02 03:57:38 +00:00
|
|
|
def parse_response_line(line):
|
|
|
|
|
parts = line.strip().split(" ", 2)
|
|
|
|
|
if len(parts) == 2: # handle missing message gracefully
|
|
|
|
|
parts.append("")
|
|
|
|
|
if len(parts) != 3:
|
|
|
|
|
return None
|
|
|
|
|
proto, code, msg = parts
|
|
|
|
|
try:
|
|
|
|
|
code = int(code)
|
|
|
|
|
except ValueError:
|
|
|
|
|
return None
|
|
|
|
|
return (proto, code, msg)
|
|
|
|
|
|
|
|
|
|
|
2012-06-24 10:45:40 +00:00
|
|
|
def read_response(rfile, method, body_size_limit):
|
2012-06-27 04:24:22 +00:00
|
|
|
"""
|
|
|
|
|
Return an (httpversion, code, msg, headers, content) tuple.
|
|
|
|
|
"""
|
2012-06-24 10:45:40 +00:00
|
|
|
line = rfile.readline()
|
|
|
|
|
if line == "\r\n" or line == "\n": # Possible leftover from previous message
|
|
|
|
|
line = rfile.readline()
|
|
|
|
|
if not line:
|
2013-02-24 02:36:15 +00:00
|
|
|
raise HttpErrorConnClosed(502, "Server disconnect.")
|
2013-03-02 03:57:38 +00:00
|
|
|
parts = parse_response_line(line)
|
|
|
|
|
if not parts:
|
2012-06-29 22:52:28 +00:00
|
|
|
raise HttpError(502, "Invalid server response: %s"%repr(line))
|
2012-06-24 10:45:40 +00:00
|
|
|
proto, code, msg = parts
|
|
|
|
|
httpversion = parse_http_protocol(proto)
|
|
|
|
|
if httpversion is None:
|
2012-07-23 23:39:49 +00:00
|
|
|
raise HttpError(502, "Invalid HTTP version in line: %s"%repr(proto))
|
2012-06-24 10:45:40 +00:00
|
|
|
headers = read_headers(rfile)
|
2012-07-30 00:50:35 +00:00
|
|
|
if headers is None:
|
|
|
|
|
raise HttpError(502, "Invalid headers.")
|
2013-12-15 05:43:54 +00:00
|
|
|
|
|
|
|
|
# Parse response body according to http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging-16#section-3.3
|
2014-01-18 21:55:40 +00:00
|
|
|
if method in ["HEAD", "CONNECT"] or (code in [204, 304]) or 100 <= code <= 199:
|
2012-06-24 10:45:40 +00:00
|
|
|
content = ""
|
|
|
|
|
else:
|
2013-12-15 05:43:54 +00:00
|
|
|
content = read_http_body(rfile, headers, body_size_limit, False)
|
2012-06-24 10:45:40 +00:00
|
|
|
return httpversion, code, msg, headers, content
|
2013-12-15 05:43:54 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def read_http_body(rfile, headers, limit, is_request):
|
|
|
|
|
"""
|
|
|
|
|
Read an HTTP message body:
|
|
|
|
|
|
|
|
|
|
rfile: A file descriptor to read from
|
|
|
|
|
headers: An ODictCaseless object
|
|
|
|
|
limit: Size limit.
|
|
|
|
|
is_request: True if the body to read belongs to a request, False otherwise
|
|
|
|
|
"""
|
|
|
|
|
if has_chunked_encoding(headers):
|
|
|
|
|
content = read_chunked(rfile, headers, limit, is_request)
|
|
|
|
|
elif "content-length" in headers:
|
|
|
|
|
try:
|
|
|
|
|
l = int(headers["content-length"][0])
|
|
|
|
|
if l < 0:
|
|
|
|
|
raise ValueError()
|
|
|
|
|
except ValueError:
|
|
|
|
|
raise HttpError(400 if is_request else 502, "Invalid content-length header: %s"%headers["content-length"])
|
|
|
|
|
if limit is not None and l > limit:
|
|
|
|
|
raise HttpError(400 if is_request else 509, "HTTP Body too large. Limit is %s, content-length was %s"%(limit, l))
|
|
|
|
|
content = rfile.read(l)
|
|
|
|
|
elif is_request:
|
|
|
|
|
content = ""
|
|
|
|
|
else:
|
|
|
|
|
content = rfile.read(limit if limit else -1)
|
|
|
|
|
not_done = rfile.read(1)
|
|
|
|
|
if not_done:
|
|
|
|
|
raise HttpError(400 if is_request else 509, "HTTP Body too large. Limit is %s," % limit)
|
|
|
|
|
return content
|
