source: TI12-security/trunk/documentation/epydoc/ndg.security.common.m2CryptoSSLUtility.HostCheck-class.html @ 4245

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/documentation/epydoc/ndg.security.common.m2CryptoSSLUtility.HostCheck-class.html@4245
Revision 4245, 20.8 KB checked in by pjkersha, 11 years ago (diff)

Working unit tests for WSGI based Attribute Authority.

  • Altered so that all Attribute Config is picked up from the Paste ini file. Separate cfg or xml based config file is still supported.

TODO:

  • Simplify unit test config for client.
Line 
1<?xml version="1.0" encoding="ascii"?>
2<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
3          "DTD/xhtml1-transitional.dtd">
4<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
5<head>
6  <title>ndg.security.common.m2CryptoSSLUtility.HostCheck</title>
7  <link rel="stylesheet" href="epydoc.css" type="text/css" />
8  <script type="text/javascript" src="epydoc.js"></script>
9</head>
10
11<body bgcolor="white" text="black" link="blue" vlink="#204080"
12      alink="#204080">
13<!-- ==================== NAVIGATION BAR ==================== -->
14<table class="navbar" border="0" width="100%" cellpadding="0"
15       bgcolor="#a0c0ff" cellspacing="0">
16  <tr valign="middle">
17  <!-- Home link -->
18      <th>&nbsp;&nbsp;&nbsp;<a
19        href="ndg-module.html">Home</a>&nbsp;&nbsp;&nbsp;</th>
20
21  <!-- Tree link -->
22      <th>&nbsp;&nbsp;&nbsp;<a
23        href="module-tree.html">Trees</a>&nbsp;&nbsp;&nbsp;</th>
24
25  <!-- Index link -->
26      <th>&nbsp;&nbsp;&nbsp;<a
27        href="identifier-index.html">Indices</a>&nbsp;&nbsp;&nbsp;</th>
28
29  <!-- Help link -->
30      <th>&nbsp;&nbsp;&nbsp;<a
31        href="help.html">Help</a>&nbsp;&nbsp;&nbsp;</th>
32
33  <!-- Project homepage -->
34      <th class="navbar" align="right" width="100%">
35        <table border="0" cellpadding="0" cellspacing="0">
36          <tr><th class="navbar" align="center"
37            >NDG Security</th>
38          </tr></table></th>
39  </tr>
40</table>
41<table width="100%" cellpadding="0" cellspacing="0">
42  <tr valign="top">
43    <td width="100%">
44      <span class="breadcrumbs">
45        <a href="ndg-module.html">Package&nbsp;ndg</a> ::
46        <a href="ndg.security-module.html">Package&nbsp;security</a> ::
47        <a href="ndg.security.common-module.html">Package&nbsp;common</a> ::
48        <a href="ndg.security.common.m2CryptoSSLUtility-module.html">Module&nbsp;m2CryptoSSLUtility</a> ::
49        Class&nbsp;HostCheck
50      </span>
51    </td>
52    <td>
53      <table cellpadding="0" cellspacing="0">
54        <!-- hide/show private -->
55        <tr><td align="right"><span class="options">[<a href="javascript:void(0);" class="privatelink"
56    onclick="toggle_private();">hide&nbsp;private</a>]</span></td></tr>
57      </table>
58    </td>
59  </tr>
60</table>
61<!-- ==================== CLASS DESCRIPTION ==================== -->
62<h1 class="epydoc">Class HostCheck</h1><p class="nomargin-top"><span class="codelink"><a href="ndg.security.common.m2CryptoSSLUtility-pysrc.html#HostCheck">source&nbsp;code</a></span></p>
63<center>
64<center>  <map id="uml_class_diagram_for_ndg_secu_147" name="uml_class_diagram_for_ndg_secu_147">
65<area shape="rect" href="javascript:void(0);" title="M2Crypto.SSL.Checker.Checker.numericIpMatch" alt="" coords="255,28,449,47"/>
66<area shape="rect" href="javascript:void(0);" title="M2Crypto.SSL.Checker.Checker" alt="" coords="253,11,451,56"/>
67<area shape="rect" href="ndg.security.common.m2CryptoSSLUtility.HostCheck&#45;class.html#caCertList" title="ndg.security.common.m2CryptoSSLUtility.HostCheck.caCertList" alt="" coords="17,103,687,121"/>
68<area shape="rect" href="ndg.security.common.m2CryptoSSLUtility.HostCheck&#45;class.html#caCertFilePathList" title="ndg.security.common.m2CryptoSSLUtility.HostCheck.caCertFilePathList" alt="" coords="17,121,687,140"/>
69<area shape="rect" href="ndg.security.common.m2CryptoSSLUtility.HostCheck&#45;class.html#__init__" title="Override parent class __init__ to enable setting of myProxyServerDN setting" alt="" coords="17,143,687,161"/>
70<area shape="rect" href="ndg.security.common.m2CryptoSSLUtility.HostCheck&#45;class.html#__call__" title="Carry out checks on server ID" alt="" coords="17,161,687,180"/>
71<area shape="rect" href="ndg.security.common.m2CryptoSSLUtility.HostCheck&#45;class.html" title="Override SSL.Checker.Checker to enable alternate Common Name setting match for peer cert" alt="" coords="16,85,688,181"/>
72</map>
73  <img src="uml_class_diagram_for_ndg_secu_147.gif" alt='' usemap="#uml_class_diagram_for_ndg_secu_147" ismap="ismap" class="graph-without-title" />
74</center>
75</center>
76<hr />
77<p>Override SSL.Checker.Checker to enable alternate Common Name setting
78  match for peer cert</p>
79
80<!-- ==================== INSTANCE METHODS ==================== -->
81<a name="section-InstanceMethods"></a>
82<table class="summary" border="1" cellpadding="3"
83       cellspacing="0" width="100%" bgcolor="white">
84<tr bgcolor="#70b0f0" class="table-header">
85  <td colspan="2" class="table-header">
86    <table border="0" cellpadding="0" cellspacing="0" width="100%">
87      <tr valign="top">
88        <td align="left"><span class="table-header">Instance Methods</span></td>
89        <td align="right" valign="top"
90         ><span class="options">[<a href="#section-InstanceMethods"
91         class="privatelink" onclick="toggle_private();"
92         >hide private</a>]</span></td>
93      </tr>
94    </table>
95  </td>
96</tr>
97<tr>
98    <td width="15%" align="right" valign="top" class="summary">
99      <span class="summary-type">&nbsp;</span>
100    </td><td class="summary">
101      <table width="100%" cellpadding="0" cellspacing="0" border="0">
102        <tr>
103          <td><span class="summary-sig"><a href="ndg.security.common.m2CryptoSSLUtility.HostCheck-class.html#__init__" class="summary-sig-name">__init__</a>(<span class="summary-sig-arg">self</span>,
104        <span class="summary-sig-arg">peerCertDN</span>=<span class="summary-sig-default">None</span>,
105        <span class="summary-sig-arg">peerCertCN</span>=<span class="summary-sig-default">None</span>,
106        <span class="summary-sig-arg">acceptedDNs</span>=<span class="summary-sig-default">[]</span>,
107        <span class="summary-sig-arg">caCertList</span>=<span class="summary-sig-default">[]</span>,
108        <span class="summary-sig-arg">caCertFilePathList</span>=<span class="summary-sig-default">[]</span>,
109        <span class="summary-sig-arg">**kw</span>)</span><br />
110      Override parent class __init__ to enable setting of myProxyServerDN
111      setting</td>
112          <td align="right" valign="top">
113            <span class="codelink"><a href="ndg.security.common.m2CryptoSSLUtility-pysrc.html#HostCheck.__init__">source&nbsp;code</a></span>
114           
115          </td>
116        </tr>
117      </table>
118     
119    </td>
120  </tr>
121<tr>
122    <td width="15%" align="right" valign="top" class="summary">
123      <span class="summary-type">&nbsp;</span>
124    </td><td class="summary">
125      <table width="100%" cellpadding="0" cellspacing="0" border="0">
126        <tr>
127          <td><span class="summary-sig"><a href="ndg.security.common.m2CryptoSSLUtility.HostCheck-class.html#__call__" class="summary-sig-name">__call__</a>(<span class="summary-sig-arg">self</span>,
128        <span class="summary-sig-arg">peerCert</span>,
129        <span class="summary-sig-arg">host</span>=<span class="summary-sig-default">None</span>)</span><br />
130      Carry out checks on server ID</td>
131          <td align="right" valign="top">
132            <span class="codelink"><a href="ndg.security.common.m2CryptoSSLUtility-pysrc.html#HostCheck.__call__">source&nbsp;code</a></span>
133           
134          </td>
135        </tr>
136      </table>
137     
138    </td>
139  </tr>
140<tr class="private">
141    <td width="15%" align="right" valign="top" class="summary">
142      <span class="summary-type">&nbsp;</span>
143    </td><td class="summary">
144      <table width="100%" cellpadding="0" cellspacing="0" border="0">
145        <tr>
146          <td><span class="summary-sig"><a name="__setCACertList"></a><span class="summary-sig-name">__setCACertList</span>(<span class="summary-sig-arg">self</span>,
147        <span class="summary-sig-arg">caCertList</span>)</span><br />
148      Set list of CA certs - peer cert must validate against at least one
149      of these</td>
150          <td align="right" valign="top">
151            <span class="codelink"><a href="ndg.security.common.m2CryptoSSLUtility-pysrc.html#HostCheck.__setCACertList">source&nbsp;code</a></span>
152           
153          </td>
154        </tr>
155      </table>
156     
157    </td>
158  </tr>
159<tr class="private">
160    <td width="15%" align="right" valign="top" class="summary">
161      <span class="summary-type">&nbsp;</span>
162    </td><td class="summary">
163      <table width="100%" cellpadding="0" cellspacing="0" border="0">
164        <tr>
165          <td><span class="summary-sig"><a href="ndg.security.common.m2CryptoSSLUtility.HostCheck-class.html#__setCACertsFromFileList" class="summary-sig-name" onclick="show_private();">__setCACertsFromFileList</a>(<span class="summary-sig-arg">self</span>,
166        <span class="summary-sig-arg">caCertFilePathList</span>)</span><br />
167      Read CA certificates from file and add them to the X.509 stack</td>
168          <td align="right" valign="top">
169            <span class="codelink"><a href="ndg.security.common.m2CryptoSSLUtility-pysrc.html#HostCheck.__setCACertsFromFileList">source&nbsp;code</a></span>
170           
171          </td>
172        </tr>
173      </table>
174     
175    </td>
176  </tr>
177  <tr>
178    <td colspan="2" class="summary">
179    <div class="private">    <p class="indent-wrapped-lines"><b>Inherited from <code>M2Crypto.SSL.Checker.Checker</code></b> (private):
180      <code>_match</code>,
181      <code>_splitSubjectAltName</code>
182      </p></div>
183    <p class="indent-wrapped-lines"><b>Inherited from <code>object</code></b>:
184      <code>__delattr__</code>,
185      <code>__getattribute__</code>,
186      <code>__hash__</code>,
187      <code>__new__</code>,
188      <code>__reduce__</code>,
189      <code>__reduce_ex__</code>,
190      <code>__repr__</code>,
191      <code>__setattr__</code>,
192      <code>__str__</code>
193      </p>
194    </td>
195  </tr>
196</table>
197<!-- ==================== CLASS VARIABLES ==================== -->
198<a name="section-ClassVariables"></a>
199<table class="summary" border="1" cellpadding="3"
200       cellspacing="0" width="100%" bgcolor="white">
201<tr bgcolor="#70b0f0" class="table-header">
202  <td colspan="2" class="table-header">
203    <table border="0" cellpadding="0" cellspacing="0" width="100%">
204      <tr valign="top">
205        <td align="left"><span class="table-header">Class Variables</span></td>
206        <td align="right" valign="top"
207         ><span class="options">[<a href="#section-ClassVariables"
208         class="privatelink" onclick="toggle_private();"
209         >hide private</a>]</span></td>
210      </tr>
211    </table>
212  </td>
213</tr>
214<tr>
215    <td width="15%" align="right" valign="top" class="summary">
216      <span class="summary-type">&nbsp;</span>
217    </td><td class="summary">
218        <a href="ndg.security.common.m2CryptoSSLUtility.HostCheck-class.html#caCertList" class="summary-name">caCertList</a> = <code title="property(fset= __setCACertList, doc= &quot;list of CA certs - peer cert mus\
219t validate against one&quot;)">property(fset= __setCACertList, doc= &quot;list of CA <code class="variable-ellipsis">...</code></code>
220    </td>
221  </tr>
222<tr>
223    <td width="15%" align="right" valign="top" class="summary">
224      <span class="summary-type">&nbsp;</span>
225    </td><td class="summary">
226        <a href="ndg.security.common.m2CryptoSSLUtility.HostCheck-class.html#caCertFilePathList" class="summary-name">caCertFilePathList</a> = <code title="property(fset= __setCACertsFromFileList, doc= &quot;list of CA cert file pa\
227ths - peer cert must validate against one&quot;)">property(fset= __setCACertsFromFileList, <code class="variable-ellipsis">...</code></code>
228    </td>
229  </tr>
230  <tr>
231    <td colspan="2" class="summary">
232    <p class="indent-wrapped-lines"><b>Inherited from <code>M2Crypto.SSL.Checker.Checker</code></b>:
233      <code>numericIpMatch</code>
234      </p>
235    </td>
236  </tr>
237</table>
238<!-- ==================== PROPERTIES ==================== -->
239<a name="section-Properties"></a>
240<table class="summary" border="1" cellpadding="3"
241       cellspacing="0" width="100%" bgcolor="white">
242<tr bgcolor="#70b0f0" class="table-header">
243  <td colspan="2" class="table-header">
244    <table border="0" cellpadding="0" cellspacing="0" width="100%">
245      <tr valign="top">
246        <td align="left"><span class="table-header">Properties</span></td>
247        <td align="right" valign="top"
248         ><span class="options">[<a href="#section-Properties"
249         class="privatelink" onclick="toggle_private();"
250         >hide private</a>]</span></td>
251      </tr>
252    </table>
253  </td>
254</tr>
255  <tr>
256    <td colspan="2" class="summary">
257    <p class="indent-wrapped-lines"><b>Inherited from <code>object</code></b>:
258      <code>__class__</code>
259      </p>
260    </td>
261  </tr>
262</table>
263<!-- ==================== METHOD DETAILS ==================== -->
264<a name="section-MethodDetails"></a>
265<table class="details" border="1" cellpadding="3"
266       cellspacing="0" width="100%" bgcolor="white">
267<tr bgcolor="#70b0f0" class="table-header">
268  <td colspan="2" class="table-header">
269    <table border="0" cellpadding="0" cellspacing="0" width="100%">
270      <tr valign="top">
271        <td align="left"><span class="table-header">Method Details</span></td>
272        <td align="right" valign="top"
273         ><span class="options">[<a href="#section-MethodDetails"
274         class="privatelink" onclick="toggle_private();"
275         >hide private</a>]</span></td>
276      </tr>
277    </table>
278  </td>
279</tr>
280</table>
281<a name="__init__"></a>
282<div>
283<table class="details" border="1" cellpadding="3"
284       cellspacing="0" width="100%" bgcolor="white">
285<tr><td>
286  <table width="100%" cellpadding="0" cellspacing="0" border="0">
287  <tr valign="top"><td>
288  <h3 class="epydoc"><span class="sig"><span class="sig-name">__init__</span>(<span class="sig-arg">self</span>,
289        <span class="sig-arg">peerCertDN</span>=<span class="sig-default">None</span>,
290        <span class="sig-arg">peerCertCN</span>=<span class="sig-default">None</span>,
291        <span class="sig-arg">acceptedDNs</span>=<span class="sig-default">[]</span>,
292        <span class="sig-arg">caCertList</span>=<span class="sig-default">[]</span>,
293        <span class="sig-arg">caCertFilePathList</span>=<span class="sig-default">[]</span>,
294        <span class="sig-arg">**kw</span>)</span>
295    <br /><em class="fname">(Constructor)</em>
296  </h3>
297  </td><td align="right" valign="top"
298    ><span class="codelink"><a href="ndg.security.common.m2CryptoSSLUtility-pysrc.html#HostCheck.__init__">source&nbsp;code</a></span>&nbsp;
299    </td>
300  </tr></table>
301 
302  <p>Override parent class __init__ to enable setting of myProxyServerDN
303  setting</p>
304  <dl class="fields">
305    <dt>Parameters:</dt>
306    <dd><ul class="nomargin-top">
307        <li><strong class="pname"><code>peerCertDN</code></strong> (string/list) - Set the expected Distinguished Name of the server to avoid errors
308          matching hostnames.  This is useful where the hostname is not
309          fully qualified.
310          <p>*param acceptedDNs: a list of acceptable DNs.  This enables
311          validation where the expected DN is where against a limited list
312          of certs.</p></li>
313        <li><strong class="pname"><code>peerCertCN</code></strong> (string) - enable alternate Common Name to peer hostname</li>
314        <li><strong class="pname"><code>caCertList</code></strong> (list type of M2Crypto.X509.X509 types) - CA X.509 certificates - if set the peer cert's CA signature is
315          verified against one of these.  At least one must verify</li>
316        <li><strong class="pname"><code>caCertFilePathList</code></strong> (list string types) - same as caCertList except input as list of CA cert file paths</li>
317    </ul></dd>
318    <dt>Overrides:
319        object.__init__
320    </dt>
321  </dl>
322</td></tr></table>
323</div>
324<a name="__call__"></a>
325<div>
326<table class="details" border="1" cellpadding="3"
327       cellspacing="0" width="100%" bgcolor="white">
328<tr><td>
329  <table width="100%" cellpadding="0" cellspacing="0" border="0">
330  <tr valign="top"><td>
331  <h3 class="epydoc"><span class="sig"><span class="sig-name">__call__</span>(<span class="sig-arg">self</span>,
332        <span class="sig-arg">peerCert</span>,
333        <span class="sig-arg">host</span>=<span class="sig-default">None</span>)</span>
334    <br /><em class="fname">(Call operator)</em>
335  </h3>
336  </td><td align="right" valign="top"
337    ><span class="codelink"><a href="ndg.security.common.m2CryptoSSLUtility-pysrc.html#HostCheck.__call__">source&nbsp;code</a></span>&nbsp;
338    </td>
339  </tr></table>
340 
341  <p>Carry out checks on server ID</p>
342  <dl class="fields">
343    <dt>Parameters:</dt>
344    <dd><ul class="nomargin-top">
345        <li><strong class="pname"><code>peerCert</code></strong> - MyProxy server host certificate as M2Crypto.X509.X509 instance</li>
346        <li><strong class="pname"><code>host</code></strong> - name of host to check</li>
347    </ul></dd>
348    <dt>Overrides:
349        M2Crypto.SSL.Checker.Checker.__call__
350    </dt>
351  </dl>
352</td></tr></table>
353</div>
354<a name="__setCACertsFromFileList"></a>
355<div class="private">
356<table class="details" border="1" cellpadding="3"
357       cellspacing="0" width="100%" bgcolor="white">
358<tr><td>
359  <table width="100%" cellpadding="0" cellspacing="0" border="0">
360  <tr valign="top"><td>
361  <h3 class="epydoc"><span class="sig"><span class="sig-name">__setCACertsFromFileList</span>(<span class="sig-arg">self</span>,
362        <span class="sig-arg">caCertFilePathList</span>)</span>
363  </h3>
364  </td><td align="right" valign="top"
365    ><span class="codelink"><a href="ndg.security.common.m2CryptoSSLUtility-pysrc.html#HostCheck.__setCACertsFromFileList">source&nbsp;code</a></span>&nbsp;
366    </td>
367  </tr></table>
368 
369  <p>Read CA certificates from file and add them to the X.509 stack</p>
370  <dl class="fields">
371    <dt>Parameters:</dt>
372    <dd><ul class="nomargin-top">
373        <li><strong class="pname"><code>caCertFilePathList</code></strong> (list or tuple) - list of file paths for CA certificates to be used to verify
374          certificate used to sign message</li>
375    </ul></dd>
376  </dl>
377</td></tr></table>
378</div>
379<br />
380<!-- ==================== CLASS VARIABLE DETAILS ==================== -->
381<a name="section-ClassVariableDetails"></a>
382<table class="details" border="1" cellpadding="3"
383       cellspacing="0" width="100%" bgcolor="white">
384<tr bgcolor="#70b0f0" class="table-header">
385  <td colspan="2" class="table-header">
386    <table border="0" cellpadding="0" cellspacing="0" width="100%">
387      <tr valign="top">
388        <td align="left"><span class="table-header">Class Variable Details</span></td>
389        <td align="right" valign="top"
390         ><span class="options">[<a href="#section-ClassVariableDetails"
391         class="privatelink" onclick="toggle_private();"
392         >hide private</a>]</span></td>
393      </tr>
394    </table>
395  </td>
396</tr>
397</table>
398<a name="caCertList"></a>
399<div>
400<table class="details" border="1" cellpadding="3"
401       cellspacing="0" width="100%" bgcolor="white">
402<tr><td>
403  <h3 class="epydoc">caCertList</h3>
404 
405  <dl class="fields">
406  </dl>
407  <dl class="fields">
408    <dt>Value:</dt>
409      <dd><table><tr><td><pre class="variable">
410property(fset= __setCACertList, doc= &quot;list of CA certs - peer cert mus<span class="variable-linewrap"><img src="crarr.png" alt="\" /></span>
411t validate against one&quot;)
412</pre></td></tr></table>
413</dd>
414  </dl>
415</td></tr></table>
416</div>
417<a name="caCertFilePathList"></a>
418<div>
419<table class="details" border="1" cellpadding="3"
420       cellspacing="0" width="100%" bgcolor="white">
421<tr><td>
422  <h3 class="epydoc">caCertFilePathList</h3>
423 
424  <dl class="fields">
425  </dl>
426  <dl class="fields">
427    <dt>Value:</dt>
428      <dd><table><tr><td><pre class="variable">
429property(fset= __setCACertsFromFileList, doc= &quot;list of CA cert file pa<span class="variable-linewrap"><img src="crarr.png" alt="\" /></span>
430ths - peer cert must validate against one&quot;)
431</pre></td></tr></table>
432</dd>
433  </dl>
434</td></tr></table>
435</div>
436<br />
437<!-- ==================== NAVIGATION BAR ==================== -->
438<table class="navbar" border="0" width="100%" cellpadding="0"
439       bgcolor="#a0c0ff" cellspacing="0">
440  <tr valign="middle">
441  <!-- Home link -->
442      <th>&nbsp;&nbsp;&nbsp;<a
443        href="ndg-module.html">Home</a>&nbsp;&nbsp;&nbsp;</th>
444
445  <!-- Tree link -->
446      <th>&nbsp;&nbsp;&nbsp;<a
447        href="module-tree.html">Trees</a>&nbsp;&nbsp;&nbsp;</th>
448
449  <!-- Index link -->
450      <th>&nbsp;&nbsp;&nbsp;<a
451        href="identifier-index.html">Indices</a>&nbsp;&nbsp;&nbsp;</th>
452
453  <!-- Help link -->
454      <th>&nbsp;&nbsp;&nbsp;<a
455        href="help.html">Help</a>&nbsp;&nbsp;&nbsp;</th>
456
457  <!-- Project homepage -->
458      <th class="navbar" align="right" width="100%">
459        <table border="0" cellpadding="0" cellspacing="0">
460          <tr><th class="navbar" align="center"
461            >NDG Security</th>
462          </tr></table></th>
463  </tr>
464</table>
465<table border="0" cellpadding="0" cellspacing="0" width="100%%">
466  <tr>
467    <td align="left" class="footer">
468    <a href="epydoc-log.html">Generated by Epydoc
469    3.0.1 on Thu Sep  4 09:37:47 2008</a>
470    </td>
471    <td align="right" class="footer">
472      <a target="mainFrame" href="http://epydoc.sourceforge.net"
473        >http://epydoc.sourceforge.net</a>
474    </td>
475  </tr>
476</table>
477
478<script type="text/javascript">
479  <!--
480  // Private objects are initially displayed (because if
481  // javascript is turned off then we want them to be
482  // visible); but by default, we want to hide them.  So hide
483  // them unless we have a cookie that says to show them.
484  checkCookie();
485  // -->
486</script>
487</body>
488</html>
Note: See TracBrowser for help on using the repository browser.