patch to enable ssl wrapping with stunnel
== Background == I have been working on wrapping a CherryPy server with SSL using [http://www.stunnel.org/ stunnel]. stunnel is a cross platform utility for wrapping TCP streams in SSL. It could be a nice way to quickly SSL enable a CherryPy site.
The standard setup works pretty well, but a problem occurs when a request is made to 'https://host/pathtoobject'. If 'pathtoobject' has an index method, _cphttptools.mapPathToObject will raise _cperror.HTTPRedirect(path) (path being '/pathtoobject/') to redirect the user to the index method.
HTTPRedirect, following the HTTP standard, redirects to an absolute URL, using the cherrypy.request.base received ''from the SSL wrapper'', which would be 'http://host'. At best (depending on how you look at it ;-), if CP was running on port 80, the user would be redirected to the insecure site. At worst, if CP is running on some port other than 80, the connection is refused because nothing is listening on port 80.
== Resolution == Adding a couple config options, 'sslWrapAddr' and 'sslWrapPort'. HTTPRedirect will check to see if those options are set. If they are, it checks to see if the request came from 'sslWrapAddr'. If it did, then it modifies the location url to use https and optionally the 'sslWrapPort' if it is running on something other than 443.
Attached is a small patch to _cperror.py that checks for the above config settings and acts accordingly.
== Finally... == If this patch is accepted, I will be happy to add a how-to to the wiki on using stunnel with CherryPy.