diff options
Diffstat (limited to 'net/tools/testserver/testserver.py')
-rwxr-xr-x | net/tools/testserver/testserver.py | 620 |
1 files changed, 333 insertions, 287 deletions
diff --git a/net/tools/testserver/testserver.py b/net/tools/testserver/testserver.py index ba74b691..31fd3c5 100755 --- a/net/tools/testserver/testserver.py +++ b/net/tools/testserver/testserver.py @@ -23,27 +23,30 @@ import httplib import json import logging import minica +import optparse import os import random import re import select import socket import SocketServer +import struct import sys import threading import time import urllib import urlparse +import warnings import zlib import echo_message from mod_pywebsocket.standalone import WebSocketServer import pyftpdlib.ftpserver -import testserver_base import tlslite import tlslite.api -BASE_DIR = os.path.dirname(os.path.abspath(__file__)) +if sys.platform == 'win32': + import msvcrt SERVER_HTTP = 0 SERVER_FTP = 1 @@ -56,14 +59,12 @@ SERVER_WEBSOCKET = 6 # Default request queue size for WebSocketServer. _DEFAULT_REQUEST_QUEUE_SIZE = 128 - # Using debug() seems to cause hangs on XP: see http://crbug.com/64515 . debug_output = sys.stderr def debug(string): debug_output.write(string + "\n") debug_output.flush() - class WebSocketOptions: """Holds options for WebSocketServer.""" @@ -87,7 +88,6 @@ class WebSocketOptions: self.tls_client_ca = None self.use_basic_auth = False - class RecordingSSLSessionCache(object): """RecordingSSLSessionCache acts as a TLS session cache and maintains a log of lookups and inserts in order to test session cache behaviours.""" @@ -142,7 +142,6 @@ class OCSPServer(ClientRestrictingServerMixIn, BaseHTTPServer.HTTPServer): self.shutdown() self.thread.join() - class HTTPSServer(tlslite.api.TLSSocketServerMixIn, ClientRestrictingServerMixIn, StoppableHTTPServer): @@ -1982,6 +1981,23 @@ class SyncPageHandler(BasePageHandler): return True +def MakeDataDir(options): + if options.data_dir: + if not os.path.isdir(options.data_dir): + print 'specified data dir not found: ' + options.data_dir + ' exiting...' + return None + my_data_dir = options.data_dir + else: + # Create the default path to our data dir, relative to the exe dir. + my_data_dir = os.path.dirname(sys.argv[0]) + my_data_dir = os.path.join(my_data_dir, "..", "..", "..", "..", + "test", "data") + + #TODO(ibrar): Must use Find* funtion defined in google\tools + #i.e my_data_dir = FindUpward(my_data_dir, "test", "data") + + return my_data_dir + class OCSPHandler(BasePageHandler): def __init__(self, request, client_address, socket_server): handlers = [self.OCSPResponse] @@ -1997,7 +2013,6 @@ class OCSPHandler(BasePageHandler): self.wfile.write(self.ocsp_response) - class TCPEchoHandler(SocketServer.BaseRequestHandler): """The RequestHandler class for TCP echo server. @@ -2153,288 +2168,319 @@ class BasicAuthProxyRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler): self._do_common_method() -class ServerRunner(testserver_base.TestServerRunner): - """TestServerRunner for the net test servers.""" +class FileMultiplexer: + def __init__(self, fd1, fd2) : + self.__fd1 = fd1 + self.__fd2 = fd2 - def __init__(self): - super(ServerRunner, self).__init__() - self.__ocsp_server = None - - def __make_data_dir(self): - if self.options.data_dir: - if not os.path.isdir(self.options.data_dir): - raise testserver_base.OptionError('specified data dir not found: ' + - self.options.data_dir + ' exiting...') - my_data_dir = self.options.data_dir - else: - # Create the default path to our data dir, relative to the exe dir. - my_data_dir = os.path.join(BASE_DIR, "..", "..", "..", "..", - "test", "data") - - #TODO(ibrar): Must use Find* funtion defined in google\tools - #i.e my_data_dir = FindUpward(my_data_dir, "test", "data") - - return my_data_dir - - def create_server(self, server_data): - port = self.options.port - host = self.options.host - - if self.options.server_type == SERVER_HTTP: - if self.options.https: - pem_cert_and_key = None - if self.options.cert_and_key_file: - if not os.path.isfile(self.options.cert_and_key_file): - raise testserver_base.OptionError( - 'specified server cert file not found: ' + - self.options.cert_and_key_file + ' exiting...') - pem_cert_and_key = file(self.options.cert_and_key_file, 'r').read() - else: - # generate a new certificate and run an OCSP server for it. - self.__ocsp_server = OCSPServer((host, 0), OCSPHandler) - print ('OCSP server started on %s:%d...' % - (host, self.__ocsp_server.server_port)) - - ocsp_der = None - ocsp_state = None - - if self.options.ocsp == 'ok': - ocsp_state = minica.OCSP_STATE_GOOD - elif self.options.ocsp == 'revoked': - ocsp_state = minica.OCSP_STATE_REVOKED - elif self.options.ocsp == 'invalid': - ocsp_state = minica.OCSP_STATE_INVALID - elif self.options.ocsp == 'unauthorized': - ocsp_state = minica.OCSP_STATE_UNAUTHORIZED - elif self.options.ocsp == 'unknown': - ocsp_state = minica.OCSP_STATE_UNKNOWN - else: - raise testserver_base.OptionError('unknown OCSP status: ' + - self.options.ocsp_status) - - (pem_cert_and_key, ocsp_der) = minica.GenerateCertKeyAndOCSP( - subject = "127.0.0.1", - ocsp_url = ("http://%s:%d/ocsp" % - (host, self.__ocsp_server.server_port)), - ocsp_state = ocsp_state) - - self.__ocsp_server.ocsp_response = ocsp_der - - for ca_cert in self.options.ssl_client_ca: - if not os.path.isfile(ca_cert): - raise testserver_base.OptionError( - 'specified trusted client CA file not found: ' + ca_cert + - ' exiting...') - server = HTTPSServer((host, port), TestPageHandler, pem_cert_and_key, - self.options.ssl_client_auth, - self.options.ssl_client_ca, - self.options.ssl_bulk_cipher, - self.options.record_resume, - self.options.tls_intolerant) - print 'HTTPS server started on %s:%d...' % (host, server.server_port) + def __del__(self) : + self.close() + + def write(self, text) : + self.__fd1.write(text) + self.__fd2.write(text) + + def flush(self) : + self.__fd1.flush() + self.__fd2.flush() + + def close(self): + if self.__fd1 != sys.stdout and self.__fd1 != sys.stderr: + self.__fd1.close() + if self.__fd2 != sys.stdout and self.__fd2 != sys.stderr: + self.__fd2.close() + + +def main(options, _args): + logfile = open('testserver.log', 'w') + sys.stderr = FileMultiplexer(sys.stderr, logfile) + if options.log_to_console: + sys.stdout = FileMultiplexer(sys.stdout, logfile) + else: + sys.stdout = logfile + + port = options.port + host = options.host + + server_data = {} + server_data['host'] = host + + ocsp_server = None + + if options.server_type == SERVER_HTTP: + if options.https: + pem_cert_and_key = None + if options.cert_and_key_file: + if not os.path.isfile(options.cert_and_key_file): + print ('specified server cert file not found: ' + + options.cert_and_key_file + ' exiting...') + return 1 + pem_cert_and_key = file(options.cert_and_key_file, 'r').read() else: - server = HTTPServer((host, port), TestPageHandler) - print 'HTTP server started on %s:%d...' % (host, server.server_port) - - server.data_dir = self.__make_data_dir() - server.file_root_url = self.options.file_root_url - server_data['port'] = server.server_port - server._device_management_handler = None - server.policy_keys = self.options.policy_keys - server.policy_user = self.options.policy_user - server.gdata_auth_token = self.options.auth_token - elif self.options.server_type == SERVER_WEBSOCKET: - # Launch pywebsocket via WebSocketServer. - logger = logging.getLogger() - logger.addHandler(logging.StreamHandler()) - # TODO(toyoshim): Remove following os.chdir. Currently this operation - # is required to work correctly. It should be fixed from pywebsocket side. - os.chdir(self.__make_data_dir()) - websocket_options = WebSocketOptions(host, port, '.') - if self.options.cert_and_key_file: - websocket_options.use_tls = True - websocket_options.private_key = self.options.cert_and_key_file - websocket_options.certificate = self.options.cert_and_key_file - if self.options.ssl_client_auth: - websocket_options.tls_client_auth = True - if len(self.options.ssl_client_ca) != 1: - raise testserver_base.OptionError( - 'one trusted client CA file should be specified') - if not os.path.isfile(self.options.ssl_client_ca[0]): - raise testserver_base.OptionError( - 'specified trusted client CA file not found: ' + - self.options.ssl_client_ca[0] + ' exiting...') - websocket_options.tls_client_ca = self.options.ssl_client_ca[0] - server = WebSocketServer(websocket_options) - print 'WebSocket server started on %s:%d...' % (host, server.server_port) - server_data['port'] = server.server_port - elif self.options.server_type == SERVER_SYNC: - xmpp_port = self.options.xmpp_port - server = SyncHTTPServer((host, port), xmpp_port, SyncPageHandler) - print 'Sync HTTP server started on port %d...' % server.server_port - print 'Sync XMPP server started on port %d...' % server.xmpp_port - server_data['port'] = server.server_port - server_data['xmpp_port'] = server.xmpp_port - elif self.options.server_type == SERVER_TCP_ECHO: - # Used for generating the key (randomly) that encodes the "echo request" - # message. - random.seed() - server = TCPEchoServer((host, port), TCPEchoHandler) - print 'Echo TCP server started on port %d...' % server.server_port - server_data['port'] = server.server_port - elif self.options.server_type == SERVER_UDP_ECHO: - # Used for generating the key (randomly) that encodes the "echo request" - # message. - random.seed() - server = UDPEchoServer((host, port), UDPEchoHandler) - print 'Echo UDP server started on port %d...' % server.server_port - server_data['port'] = server.server_port - elif self.options.server_type == SERVER_BASIC_AUTH_PROXY: - server = HTTPServer((host, port), BasicAuthProxyRequestHandler) - print 'BasicAuthProxy server started on port %d...' % server.server_port - server_data['port'] = server.server_port - elif self.options.server_type == SERVER_FTP: - my_data_dir = self.__make_data_dir() - - # Instantiate a dummy authorizer for managing 'virtual' users - authorizer = pyftpdlib.ftpserver.DummyAuthorizer() - - # Define a new user having full r/w permissions and a read-only - # anonymous user - authorizer.add_user('chrome', 'chrome', my_data_dir, perm='elradfmw') - - authorizer.add_anonymous(my_data_dir) - - # Instantiate FTP handler class - ftp_handler = pyftpdlib.ftpserver.FTPHandler - ftp_handler.authorizer = authorizer - - # Define a customized banner (string returned when client connects) - ftp_handler.banner = ("pyftpdlib %s based ftpd ready." % - pyftpdlib.ftpserver.__ver__) - - # Instantiate FTP server class and listen to address:port - server = pyftpdlib.ftpserver.FTPServer((host, port), ftp_handler) - server_data['port'] = server.socket.getsockname()[1] - print 'FTP server started on port %d...' % server_data['port'] + # generate a new certificate and run an OCSP server for it. + ocsp_server = OCSPServer((host, 0), OCSPHandler) + print ('OCSP server started on %s:%d...' % + (host, ocsp_server.server_port)) + + ocsp_der = None + ocsp_state = None + + if options.ocsp == 'ok': + ocsp_state = minica.OCSP_STATE_GOOD + elif options.ocsp == 'revoked': + ocsp_state = minica.OCSP_STATE_REVOKED + elif options.ocsp == 'invalid': + ocsp_state = minica.OCSP_STATE_INVALID + elif options.ocsp == 'unauthorized': + ocsp_state = minica.OCSP_STATE_UNAUTHORIZED + elif options.ocsp == 'unknown': + ocsp_state = minica.OCSP_STATE_UNKNOWN + else: + print 'unknown OCSP status: ' + options.ocsp_status + return 1 + + (pem_cert_and_key, ocsp_der) = minica.GenerateCertKeyAndOCSP( + subject = "127.0.0.1", + ocsp_url = ("http://%s:%d/ocsp" % (host, ocsp_server.server_port)), + ocsp_state = ocsp_state) + + ocsp_server.ocsp_response = ocsp_der + + for ca_cert in options.ssl_client_ca: + if not os.path.isfile(ca_cert): + print ('specified trusted client CA file not found: ' + ca_cert + + ' exiting...') + return 1 + server = HTTPSServer((host, port), TestPageHandler, pem_cert_and_key, + options.ssl_client_auth, options.ssl_client_ca, + options.ssl_bulk_cipher, options.record_resume, + options.tls_intolerant) + print 'HTTPS server started on %s:%d...' % (host, server.server_port) else: - raise testserver_base.OptionError('unknown server type' + - self.options.server_type) - - return server - - def run_server(self): - if self.__ocsp_server: - self.__ocsp_server.serve_forever_on_thread() - - testserver_base.TestServerRunner.run_server(self) - - if self.__ocsp_server: - self.__ocsp_server.stop_serving() - - def add_options(self): - testserver_base.TestServerRunner.add_options(self) - self.option_parser.add_option('-f', '--ftp', action='store_const', - const=SERVER_FTP, default=SERVER_HTTP, - dest='server_type', - help='start up an FTP server.') - self.option_parser.add_option('--sync', action='store_const', - const=SERVER_SYNC, default=SERVER_HTTP, - dest='server_type', - help='start up a sync server.') - self.option_parser.add_option('--tcp-echo', action='store_const', - const=SERVER_TCP_ECHO, default=SERVER_HTTP, - dest='server_type', - help='start up a tcp echo server.') - self.option_parser.add_option('--udp-echo', action='store_const', - const=SERVER_UDP_ECHO, default=SERVER_HTTP, - dest='server_type', - help='start up a udp echo server.') - self.option_parser.add_option('--basic-auth-proxy', action='store_const', - const=SERVER_BASIC_AUTH_PROXY, - default=SERVER_HTTP, dest='server_type', - help='start up a proxy server which requires ' - 'basic authentication.') - self.option_parser.add_option('--websocket', action='store_const', - const=SERVER_WEBSOCKET, default=SERVER_HTTP, - dest='server_type', - help='start up a WebSocket server.') - self.option_parser.add_option('--xmpp-port', default='0', type='int', - help='Port used by the XMPP server. If ' - 'unspecified, the XMPP server will listen on ' - 'an ephemeral port.') - self.option_parser.add_option('--data-dir', dest='data_dir', - help='Directory from which to read the ' - 'files.') - self.option_parser.add_option('--https', action='store_true', - dest='https', help='Specify that https ' - 'should be used.') - self.option_parser.add_option('--cert-and-key-file', - dest='cert_and_key_file', help='specify the ' - 'path to the file containing the certificate ' - 'and private key for the server in PEM ' - 'format') - self.option_parser.add_option('--ocsp', dest='ocsp', default='ok', - help='The type of OCSP response generated ' - 'for the automatically generated ' - 'certificate. One of [ok,revoked,invalid]') - self.option_parser.add_option('--tls-intolerant', dest='tls_intolerant', - default='0', type='int', - help='If nonzero, certain TLS connections ' - 'will be aborted in order to test version ' - 'fallback. 1 means all TLS versions will be ' - 'aborted. 2 means TLS 1.1 or higher will be ' - 'aborted. 3 means TLS 1.2 or higher will be ' - 'aborted.') - self.option_parser.add_option('--https-record-resume', - dest='record_resume', const=True, - default=False, action='store_const', - help='Record resumption cache events rather ' - 'than resuming as normal. Allows the use of ' - 'the /ssl-session-cache request') - self.option_parser.add_option('--ssl-client-auth', action='store_true', - help='Require SSL client auth on every ' - 'connection.') - self.option_parser.add_option('--ssl-client-ca', action='append', - default=[], help='Specify that the client ' - 'certificate request should include the CA ' - 'named in the subject of the DER-encoded ' - 'certificate contained in the specified ' - 'file. This option may appear multiple ' - 'times, indicating multiple CA names should ' - 'be sent in the request.') - self.option_parser.add_option('--ssl-bulk-cipher', action='append', - help='Specify the bulk encryption ' - 'algorithm(s) that will be accepted by the ' - 'SSL server. Valid values are "aes256", ' - '"aes128", "3des", "rc4". If omitted, all ' - 'algorithms will be used. This option may ' - 'appear multiple times, indicating ' - 'multiple algorithms should be enabled.'); - self.option_parser.add_option('--file-root-url', default='/files/', - help='Specify a root URL for files served.') - self.option_parser.add_option('--policy-key', action='append', - dest='policy_keys', - help='Specify a path to a PEM-encoded ' - 'private key to use for policy signing. May ' - 'be specified multiple times in order to ' - 'load multipe keys into the server. If the ' - 'server has multiple keys, it will rotate ' - 'through them in at each request a ' - 'round-robin fashion. The server will ' - 'generate a random key if none is specified ' - 'on the command line.') - self.option_parser.add_option('--policy-user', - default='user@example.com', - dest='policy_user', - help='Specify the user name the server ' - 'should report back to the client as the ' - 'user owning the token used for making the ' - 'policy request.') - self.option_parser.add_option('--auth-token', dest='auth_token', - help='Specify the auth token which should be ' - 'used in the authorization header for GData.') - + server = HTTPServer((host, port), TestPageHandler) + print 'HTTP server started on %s:%d...' % (host, server.server_port) + + server.data_dir = MakeDataDir(options) + server.file_root_url = options.file_root_url + server_data['port'] = server.server_port + server._device_management_handler = None + server.policy_keys = options.policy_keys + server.policy_user = options.policy_user + server.gdata_auth_token = options.auth_token + elif options.server_type == SERVER_WEBSOCKET: + # Launch pywebsocket via WebSocketServer. + logger = logging.getLogger() + logger.addHandler(logging.StreamHandler()) + # TODO(toyoshim): Remove following os.chdir. Currently this operation + # is required to work correctly. It should be fixed from pywebsocket side. + os.chdir(MakeDataDir(options)) + websocket_options = WebSocketOptions(host, port, '.') + if options.cert_and_key_file: + websocket_options.use_tls = True + websocket_options.private_key = options.cert_and_key_file + websocket_options.certificate = options.cert_and_key_file + if options.ssl_client_auth: + websocket_options.tls_client_auth = True + if len(options.ssl_client_ca) != 1: + print 'one trusted client CA file should be specified' + return 1 + if not os.path.isfile(options.ssl_client_ca[0]): + print ('specified trusted client CA file not found: ' + + options.ssl_client_ca[0] + ' exiting...') + return 1 + websocket_options.tls_client_ca = options.ssl_client_ca[0] + server = WebSocketServer(websocket_options) + print 'WebSocket server started on %s:%d...' % (host, server.server_port) + server_data['port'] = server.server_port + elif options.server_type == SERVER_SYNC: + xmpp_port = options.xmpp_port + server = SyncHTTPServer((host, port), xmpp_port, SyncPageHandler) + print 'Sync HTTP server started on port %d...' % server.server_port + print 'Sync XMPP server started on port %d...' % server.xmpp_port + server_data['port'] = server.server_port + server_data['xmpp_port'] = server.xmpp_port + elif options.server_type == SERVER_TCP_ECHO: + # Used for generating the key (randomly) that encodes the "echo request" + # message. + random.seed() + server = TCPEchoServer((host, port), TCPEchoHandler) + print 'Echo TCP server started on port %d...' % server.server_port + server_data['port'] = server.server_port + elif options.server_type == SERVER_UDP_ECHO: + # Used for generating the key (randomly) that encodes the "echo request" + # message. + random.seed() + server = UDPEchoServer((host, port), UDPEchoHandler) + print 'Echo UDP server started on port %d...' % server.server_port + server_data['port'] = server.server_port + elif options.server_type == SERVER_BASIC_AUTH_PROXY: + server = HTTPServer((host, port), BasicAuthProxyRequestHandler) + print 'BasicAuthProxy server started on port %d...' % server.server_port + server_data['port'] = server.server_port + # means FTP Server + else: + my_data_dir = MakeDataDir(options) + + # Instantiate a dummy authorizer for managing 'virtual' users + authorizer = pyftpdlib.ftpserver.DummyAuthorizer() + + # Define a new user having full r/w permissions and a read-only + # anonymous user + authorizer.add_user('chrome', 'chrome', my_data_dir, perm='elradfmw') + + authorizer.add_anonymous(my_data_dir) + + # Instantiate FTP handler class + ftp_handler = pyftpdlib.ftpserver.FTPHandler + ftp_handler.authorizer = authorizer + + # Define a customized banner (string returned when client connects) + ftp_handler.banner = ("pyftpdlib %s based ftpd ready." % + pyftpdlib.ftpserver.__ver__) + + # Instantiate FTP server class and listen to address:port + server = pyftpdlib.ftpserver.FTPServer((host, port), ftp_handler) + server_data['port'] = server.socket.getsockname()[1] + print 'FTP server started on port %d...' % server_data['port'] + + # Notify the parent that we've started. (BaseServer subclasses + # bind their sockets on construction.) + if options.startup_pipe is not None: + server_data_json = json.dumps(server_data) + server_data_len = len(server_data_json) + print 'sending server_data: %s (%d bytes)' % ( + server_data_json, server_data_len) + if sys.platform == 'win32': + fd = msvcrt.open_osfhandle(options.startup_pipe, 0) + else: + fd = options.startup_pipe + startup_pipe = os.fdopen(fd, "w") + # First write the data length as an unsigned 4-byte value. This + # is _not_ using network byte ordering since the other end of the + # pipe is on the same machine. + startup_pipe.write(struct.pack('=L', server_data_len)) + startup_pipe.write(server_data_json) + startup_pipe.close() + + if ocsp_server is not None: + ocsp_server.serve_forever_on_thread() + + try: + server.serve_forever() + except KeyboardInterrupt: + print 'shutting down server' + if ocsp_server is not None: + ocsp_server.stop_serving() + server.stop = True + + return 0 if __name__ == '__main__': - sys.exit(ServerRunner().main()) + option_parser = optparse.OptionParser() + option_parser.add_option("-f", '--ftp', action='store_const', + const=SERVER_FTP, default=SERVER_HTTP, + dest='server_type', + help='start up an FTP server.') + option_parser.add_option('', '--sync', action='store_const', + const=SERVER_SYNC, default=SERVER_HTTP, + dest='server_type', + help='start up a sync server.') + option_parser.add_option('', '--tcp-echo', action='store_const', + const=SERVER_TCP_ECHO, default=SERVER_HTTP, + dest='server_type', + help='start up a tcp echo server.') + option_parser.add_option('', '--udp-echo', action='store_const', + const=SERVER_UDP_ECHO, default=SERVER_HTTP, + dest='server_type', + help='start up a udp echo server.') + option_parser.add_option('', '--basic-auth-proxy', action='store_const', + const=SERVER_BASIC_AUTH_PROXY, default=SERVER_HTTP, + dest='server_type', + help='start up a proxy server which requires basic ' + 'authentication.') + option_parser.add_option('', '--websocket', action='store_const', + const=SERVER_WEBSOCKET, default=SERVER_HTTP, + dest='server_type', + help='start up a WebSocket server.') + option_parser.add_option('', '--log-to-console', action='store_const', + const=True, default=False, + dest='log_to_console', + help='Enables or disables sys.stdout logging to ' + 'the console.') + option_parser.add_option('', '--port', default='0', type='int', + help='Port used by the server. If unspecified, the ' + 'server will listen on an ephemeral port.') + option_parser.add_option('', '--xmpp-port', default='0', type='int', + help='Port used by the XMPP server. If unspecified, ' + 'the XMPP server will listen on an ephemeral port.') + option_parser.add_option('', '--data-dir', dest='data_dir', + help='Directory from which to read the files.') + option_parser.add_option('', '--https', action='store_true', dest='https', + help='Specify that https should be used.') + option_parser.add_option('', '--cert-and-key-file', dest='cert_and_key_file', + help='specify the path to the file containing the ' + 'certificate and private key for the server in PEM ' + 'format') + option_parser.add_option('', '--ocsp', dest='ocsp', default='ok', + help='The type of OCSP response generated for the ' + 'automatically generated certificate. One of ' + '[ok,revoked,invalid]') + option_parser.add_option('', '--tls-intolerant', dest='tls_intolerant', + default='0', type='int', + help='If nonzero, certain TLS connections will be' + ' aborted in order to test version fallback. 1' + ' means all TLS versions will be aborted. 2 means' + ' TLS 1.1 or higher will be aborted. 3 means TLS' + ' 1.2 or higher will be aborted.') + option_parser.add_option('', '--https-record-resume', dest='record_resume', + const=True, default=False, action='store_const', + help='Record resumption cache events rather than' + ' resuming as normal. Allows the use of the' + ' /ssl-session-cache request') + option_parser.add_option('', '--ssl-client-auth', action='store_true', + help='Require SSL client auth on every connection.') + option_parser.add_option('', '--ssl-client-ca', action='append', default=[], + help='Specify that the client certificate request ' + 'should include the CA named in the subject of ' + 'the DER-encoded certificate contained in the ' + 'specified file. This option may appear multiple ' + 'times, indicating multiple CA names should be ' + 'sent in the request.') + option_parser.add_option('', '--ssl-bulk-cipher', action='append', + help='Specify the bulk encryption algorithm(s)' + 'that will be accepted by the SSL server. Valid ' + 'values are "aes256", "aes128", "3des", "rc4". If ' + 'omitted, all algorithms will be used. This ' + 'option may appear multiple times, indicating ' + 'multiple algorithms should be enabled.') + option_parser.add_option('', '--file-root-url', default='/files/', + help='Specify a root URL for files served.') + option_parser.add_option('', '--startup-pipe', type='int', + dest='startup_pipe', + help='File handle of pipe to parent process') + option_parser.add_option('', '--policy-key', action='append', + dest='policy_keys', + help='Specify a path to a PEM-encoded private key ' + 'to use for policy signing. May be specified ' + 'multiple times in order to load multipe keys into ' + 'the server. If ther server has multiple keys, it ' + 'will rotate through them in at each request a ' + 'round-robin fashion. The server will generate a ' + 'random key if none is specified on the command ' + 'line.') + option_parser.add_option('', '--policy-user', default='user@example.com', + dest='policy_user', + help='Specify the user name the server should ' + 'report back to the client as the user owning the ' + 'token used for making the policy request.') + option_parser.add_option('', '--host', default='127.0.0.1', + dest='host', + help='Hostname or IP upon which the server will ' + 'listen. Client connections will also only be ' + 'allowed from this address.') + option_parser.add_option('', '--auth-token', dest='auth_token', + help='Specify the auth token which should be used' + 'in the authorization header for GData.') + main_options, main_args = option_parser.parse_args() + + sys.exit(main(main_options, main_args)) |