Improved ssl handling and error logging

author: Yves Fischer <yvesf-git@xapek.org> 2015-02-21 21:21:55 +0100
committer: Yves Fischer <yvesf-git@xapek.org> 2015-02-21 21:21:55 +0100
commit: 177325a8f1b4fb6130d868a368ac8a2c8165b997 (patch)
tree: b09e1f7824c18a5c36a9ac6249180d78a1ea6858
parent: 083899d6088492b1bc7e01f74be015070224f2c2 (diff)
download: fuse-httpfs-177325a8f1b4fb6130d868a368ac8a2c8165b997.tar.gz
fuse-httpfs-177325a8f1b4fb6130d868a368ac8a2c8165b997.zip
2 files changed, 62 insertions, 46 deletions
diff --git a/fuse-httpfs b/fuse-httpfs
index d955ec3..56662a8 100755
--- a/fuse-httpfs
+++ b/fuse-httpfs
@@ -1,38 +1,43 @@
 #!/usr/bin/env python3
-from httpfs import *
+import sys
+import fuse
+import logging
+import argparse
+from httpfs import Config, Httpfs
 
-if __name__ == '__main__':
-    import logging
-    FORMAT = "%(threadName)s %(asctime)-15s %(levelname)s:%(name)s %(message)s"
-    logging.basicConfig(level=logging.INFO, format=FORMAT)
+FORMAT = "%(threadName)s %(asctime)-15s %(levelname)s:%(name)s %(message)s"
+logging.basicConfig(level=logging.INFO, format=FORMAT)
 
-    import argparse
-    p = argparse.ArgumentParser(
-        formatter_class=argparse.ArgumentDefaultsHelpFormatter)
-    p.add_argument("mountpoint", nargs=1, help="Target directory")
-    p.add_argument("--max_background", type=int, default=15,
-                   help="Maximum number of background threads")
-    p.add_argument("--no_foreground", action="store_true", default=False,
-                   help="Fork into background as a daemon")
-    p.add_argument("--debug", action="store_true", help="Enable fuse debug")
-    p.add_argument("--nothreads", action="store_true",
-                   help="Disable fuse threads")
-    p.add_argument("--connect_timeout", type=int,
-                   default=Config.timeout[0], help="HTTP connect timeout")
-    p.add_argument("--read_timeout", type=int,
-                   default=Config.timeout[1], help="HTTP read timeout")
-    p.add_argument("--no-verify", action="store_true", help="Disable ssl verify")
+p = argparse.ArgumentParser(
+    formatter_class=argparse.ArgumentDefaultsHelpFormatter)
+p.add_argument("mountpoint", help="Target directory")
+p.add_argument("--max_background", type=int, default=15,
+               help="Maximum number of background threads")
+p.add_argument("--no_foreground", action="store_true", default=False,
+               help="Fork into background as a daemon")
+p.add_argument("--debug", action="store_true", help="Enable fuse debug")
+p.add_argument("--nothreads", action="store_true",
+               help="Disable fuse threads")
+p.add_argument("--connect_timeout", type=int,
+               default=Config.timeout[0], help="HTTP connect timeout")
+p.add_argument("--read_timeout", type=int,
+               default=Config.timeout[1], help="HTTP read timeout")
+p.add_argument("--ssl", choices=["default", "system", "none"],
+               help="SSL Verification", default="default")
+p.add_argument("--system-ca", default="/etc/ssl/certs/ca-certificates.crt",
+               help="Path to system ca bundle")
 
-    args = vars(p.parse_args(sys.argv[1:]))
+args = vars(p.parse_args(sys.argv[1:]))
 
-    Config.timeout = (args.pop("connect_timeout"), args.pop("read_timeout"))
-    Config.mountpoint = args.pop("mountpoint")[0]
-    Config.verify = not args.pop("no_verify")
-    kwargs = {}
-    if not args.pop("no_foreground"):
-        kwargs["foreground"] = True
-    if args.pop("debug"):
-        kwargs["debug"] = True
-    kwargs.update(args)
+Config.timeout = (args.pop("connect_timeout"), args.pop("read_timeout"))
+Config.mountpoint = args.pop("mountpoint")
+Config.verify = args.pop("ssl")
+Config.system_ca = args.pop("system_ca")
+kwargs = {}
+if not args.pop("no_foreground"):
+    kwargs["foreground"] = True
+if args.pop("debug"):
+    kwargs["debug"] = True
+kwargs.update(args)
 
-    fuse = fuse.FUSE(Httpfs(), Config.mountpoint, **kwargs)
+fuse = fuse.FUSE(Httpfs(), Config.mountpoint, **kwargs)
diff --git a/httpfs/__init__.py b/httpfs/__init__.py
index f7d7ec3..518bcc5 100644
--- a/httpfs/__init__.py
+++ b/httpfs/__init__.py
@@ -19,6 +19,7 @@ class Config(object):
     mountpoint = None
     timeout = (5, 25)  # connect_timeout, read_timeout
     verify = None
+    system_ca = None
 
 
 class Path:
@@ -39,8 +40,6 @@ class Path:
     @classmethod
     def fromPath(clazz, parent, pathElement):
         p = clazz(parent, unquote(pathElement))
-        if (pathElement == ""):
-            raise SystemExit(1)
         logging.info("created {} '{}' referencing {}".format(
             clazz.__name__, p.name, p.buildUrl()))
         return p
@@ -135,7 +134,15 @@ class Server(Directory):
     def __init__(self, parent, name):
         super().__init__(parent, name)
         self.session = requests.Session()
-        self.session.verify = Config.verify
+        if Config.verify == "default":
+            pass
+        elif Config.verify == "system":
+            self.session.verify = Config.system_ca
+        elif Config.verify == "none":
+            logging.warn("SSL Verification disabled!")
+            self.session.verify = False
+        else:
+            raise SystemExit("Invalid value for ssl verification")
 
     def getSession(self):
         return self.session
@@ -204,13 +211,13 @@ class Httpfs(fuse.LoggingMixIn, fuse.Operations):
             logging.warn("No .netrc file found, no default machines")
 
     def getattr(self, path, fh=None):
-        logging.info("getattr path={}".format(path))
+        logging.debug("getattr path={}".format(path))
         try:
             entry = self._getPath(path)
             if entry:
                 return entry.getAttr()
         except Exception as e:
-            logging.error("Error", e)
+            logging.exception("Error in getattr(%s)", path)
             raise fuse.FuseOSError(EHOSTUNREACH)
         raise fuse.FuseOSError(ENOENT)
 
@@ -265,15 +272,19 @@ class Httpfs(fuse.LoggingMixIn, fuse.Operations):
         return prevEntry.entries[lastElement]
 
     def readdir(self, path, fh):
-        logging.info("readdir path=%s", path)
-        entry = self._getPath(path)
-        if not entry:
-            raise fuse.FuseOSError(EBADF)
-        if not entry.initialized:
-            entry.init()
-        return [(".", entry.getAttr(), 0),
-                ("..", (entry.parent and entry.parent.getAttr() or None), 0)] \
-            + [(it.name, it.getAttr(), 0) for it in entry.entries.values()]
+        try:
+            logging.debug("readdir path=%s", path)
+            entry = self._getPath(path)
+            if not entry:
+                raise fuse.FuseOSError(EBADF)
+            if not entry.initialized:
+                entry.init()
+            return [(".", entry.getAttr(), 0),
+                    ("..", (entry.parent and entry.parent.getAttr() or None), 0)] \
+                + [(it.name, it.getAttr(), 0) for it in entry.entries.values()]
+        except Exception as e:
+            logging.exception("Error in readdir(%s)", path)
+            raise fuse.FuseOSError(EIO)
 
     def read(self, path, size, offset, fh):
         entry = self._getPath(path)
author	Yves Fischer <yvesf-git@xapek.org>	2015-02-21 21:21:55 +0100
committer	Yves Fischer <yvesf-git@xapek.org>	2015-02-21 21:21:55 +0100
commit	177325a8f1b4fb6130d868a368ac8a2c8165b997 (patch)
tree	b09e1f7824c18a5c36a9ac6249180d78a1ea6858
parent	083899d6088492b1bc7e01f74be015070224f2c2 (diff)
download	fuse-httpfs-177325a8f1b4fb6130d868a368ac8a2c8165b997.tar.gz fuse-httpfs-177325a8f1b4fb6130d868a368ac8a2c8165b997.zip