Changeset 6354 for TI12-security/trunk/NDGSecurity
- Timestamp:
- 20/01/10 10:53:02 (11 years ago)
- Location:
- TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server
- Files:
-
- 1 deleted
- 4 edited
TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/__init__.py
r6276 r6354 202 202 ''' 203 203 super(OpenIDProviderMiddleware, self).__init__(app, {}) 204 # self._app = app205 # self._environ = {}206 # self._start_response = None207 # self._pathInfo = None208 # self._path = None209 # self.mountPath = '/'210 204 211 205 self.__charset = None … … 1461 1455 hdr += [('Content-type', 'text/html' + self.charset), 1462 1456 ('Content-length', str(len(response)))] 1457 1458 log.debug("Sending response to Relying Party:\n\nheader=%r\nbody=%r", 1459 hdr, response) 1463 1460 1464 1461 self.start_response('%d %s' % (webresponse.code, -
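Review bot: The added `log.debug("Sending response to Relying Party:\n\nheader=%r\nbody=%r", hdr, response)` just before `self.start_response` writes the complete headers and body to the log. For an OpenID Provider that body presumably carries the signed assertion and any attribute-exchange values released to the Relying Party, and `hdr` may include cookies. Debug logs tend to be kept longer and read more widely than the session they describe, so I would log only metadata, for example `log.debug("Sending response to Relying Party: code=%d, %d bytes", webresponse.code, len(response))`. The enclosing method starts and ends outside the hunk, so what `response` holds on each path cannot be confirmed from here.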
TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/axinterface/csv.py
r6276 r6354 16 16 import re 17 17 18 from ndg.security.server.wsgi.openid.provider.axinterface import AXInterface, \ 19 AXInterfaceConfigError, MissingRequiredAttrs 20 from ndg.security.server.wsgi.openid.provider import AbstractAuthNInterface, \ 21 OpenIDProviderMiddleware 18 from ndg.security.server.wsgi.openid.provider.axinterface import (AXInterface, 19 AXInterfaceConfigError, MissingRequiredAttrs) 20 from ndg.security.server.wsgi.openid.provider import (AbstractAuthNInterface, 21 OpenIDProviderMiddleware) 22 22 23 23 24 class CSVFileAXInterface(AXInterface): -
TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/renderinginterface/buffet/templates/ndg/security/decidePage.kid
r5080 r6354 34 34 <tr> 35 35 <td align="right"> 36 <input type="submit" name=" Yes" value="Yes" />37 <input type="submit" name=" No" value="No" />36 <input type="submit" name="ApproveRelyingParty" value="Yes" /> 37 <input type="submit" name="RejectRelyingParty" value="No" /> 38 38 </td> 39 39 </tr> -
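Review bot: The server-side code that reads this form is not among the hunks shown for this changeset, so it is not visible whether it tests for the new `ApproveRelyingParty` and `RejectRelyingParty` field names. If it still looks for the old names, the user's decision will be misread. The handler should release the identity only when `ApproveRelyingParty` is present and treat every other submission as a rejection. A short comment above the two `<input>` elements, e.g. `<!-- field names are read by the provider's decide handler; keep in sync -->`, would stop the template and handler drifting apart again.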
TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/openid/relyingparty/__init__.py
r6276 r6354 249 249 idPValidationDriver = SSLIdPValidationDriver( 250 250 idpConfigFilePath=idpWhitelistConfigFilePath) 251 252 # def verifySSLPeerCertCallback(preVerifyOK, x509StoreCtx): 253 # '''SSL verify callback function used to control the behaviour when 254 # the SSL_VERIFY_PEER flag is set 255 # 256 # http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html 257 # 258 # @type preVerifyOK: int 259 # @param preVerifyOK: If a verification error is found, this 260 # parameter will be set to 0 261 # @type x509StoreCtx: M2Crypto.X509_Store_Context 262 # @param x509StoreCtx: locate the certificate to be verified and 263 # perform additional verification steps as needed 264 # @rtype: int 265 # @return: controls the strategy of the further verification process. 266 # - If verify_callback returns 0, the verification process is 267 # immediately stopped with "verification failed" state. If 268 # SSL_VERIFY_PEER is set, a verification failure alert is sent to the 269 # peer and the TLS/SSL handshake is terminated. 270 # - If verify_callback returns 1, the verification process is 271 # continued. 272 # If verify_callback always returns 1, the TLS/SSL handshake will not 273 # be terminated with respect to verification failures and the 274 # connection 275 # will be established. The calling process can however retrieve the 276 # error code of the last verification error using 277 # SSL_get_verify_result or by maintaining its own error storage 278 # managed by verify_callback. 
279 # ''' 280 # if preVerifyOK == 0: 281 # # Something is wrong with the certificate don't bother 282 # # proceeding any further 283 # log.error("verifyCallback: pre-verify OK flagged an error " 284 # "with the peer certificate, returning error state " 285 # "to caller ...") 286 # return preVerifyOK 287 # 288 # x509Cert = x509StoreCtx.get_current_cert() 289 # x509Cert.get_subject() 290 # x509CertChain = x509StoreCtx.get1_chain() 291 # for cert in x509CertChain: 292 # subject = cert.get_subject() 293 # dn = subject.as_text() 294 # log.debug("verifyCallback: dn = %r", dn) 295 # 296 # # If all is OK preVerifyOK will be 1. Return this to the caller to 297 # # that it's OK to proceed 298 # return preVerifyOK 299 # 300 # 301 # # Create a context specifying verification of the peer but with an 302 # # additional callback function 303 # ctx = SSL.Context() 304 # ctx.set_verify(SSL.verify_peer|SSL.verify_fail_if_no_peer_cert, 305 # 9, 306 # callback=verifySSLPeerCertCallback) 307 # 308 # # Point to a directory containing CA certificates. These must be named 309 # # in their hashed form as expected by the OpenSSL API. Use c_rehash 310 # # utility to generate names or in the CA directory: 311 # # 312 # # $ for i in *.crt *.pem; do ln -s $i $(openssl x509 -hash -noout -in $i).0; done 313 # ctx.load_verify_locations(capath=self.caCertDirPath) 314 # 315 # # Load this client's certificate and private key to enable the peer 316 # # OpenID Provider to authenticate it 317 # ctx.load_cert(self.certFilePath, 318 # keyfile=self.priKeyFilePath, 319 # callback=lambda *arg, **kw: self.priKeyPwd) 320 251 321 252 # Force Python OpenID library to use Urllib2 fetcher instead of the 322 253 # Curl based one otherwise the M2Crypto SSL handler will be ignored. 
323 254 setDefaultFetcher(Urllib2Fetcher()) 324 255 325 # log.debug("Adding the M2Crypto SSL handler to urllib2's list of "326 # "handlers...")327 # urllib2.install_opener(build_opener(ssl_context=ctx))328 256 log.debug("Setting the M2Crypto SSL handler ...") 329 257