Manage SSL (HTTPS) connections.
This commit is contained in:
parent
a8474449e2
commit
86dd1b0ef4
3
TODO
3
TODO
@ -14,7 +14,8 @@
|
|||||||
0.2
|
0.2
|
||||||
===
|
===
|
||||||
|
|
||||||
* SSL connections and authentications
|
* [DONE] SSL connections
|
||||||
|
* Authentications
|
||||||
* [DONE] Daemon mode
|
* [DONE] Daemon mode
|
||||||
* [DONE] User configuration
|
* [DONE] User configuration
|
||||||
|
|
||||||
|
42
radicale.py
42
radicale.py
@ -36,32 +36,48 @@ import optparse
|
|||||||
|
|
||||||
import radicale
|
import radicale
|
||||||
|
|
||||||
|
# Get command-line options
|
||||||
parser = optparse.OptionParser()
|
parser = optparse.OptionParser()
|
||||||
parser.add_option(
|
parser.add_option(
|
||||||
"-d", "--daemon", action="store_true",
|
"-d", "--daemon", action="store_true",
|
||||||
default=radicale.config.getboolean("server", "daemon"),
|
default=radicale.config.getboolean("server", "daemon"),
|
||||||
help="launch as daemon")
|
help="launch as daemon")
|
||||||
parser.add_option(
|
parser.add_option(
|
||||||
"-n", "--name",
|
"-H", "--host",
|
||||||
default=radicale.config.get("server", "name"),
|
default=radicale.config.get("server", "host"),
|
||||||
help="set server name")
|
help="set server hostname")
|
||||||
parser.add_option(
|
parser.add_option(
|
||||||
"-p", "--port",
|
"-p", "--port", type="int",
|
||||||
default=radicale.config.getint("server", "port"),
|
default=radicale.config.getint("server", "port"),
|
||||||
help="set server port")
|
help="set server port")
|
||||||
parser.add_option(
|
parser.add_option(
|
||||||
"-P", "--protocol",
|
"-s", "--ssl", action="store_true",
|
||||||
default=radicale.config.get("server", "protocol"),
|
default=radicale.config.getboolean("server", "ssl"),
|
||||||
help="set server protocol")
|
help="use SSL connection")
|
||||||
|
parser.add_option(
|
||||||
|
"-k", "--key",
|
||||||
|
default=radicale.config.get("server", "key"),
|
||||||
|
help="private key file ")
|
||||||
|
parser.add_option(
|
||||||
|
"-c", "--certificate",
|
||||||
|
default=radicale.config.get("server", "certificate"),
|
||||||
|
help="certificate file ")
|
||||||
options, args = parser.parse_args()
|
options, args = parser.parse_args()
|
||||||
|
|
||||||
|
# Update radicale configuration according to options
|
||||||
|
for option in parser.option_list:
|
||||||
|
key = option.dest
|
||||||
|
if key:
|
||||||
|
value = getattr(options, key)
|
||||||
|
radicale.config.set("server", key, value)
|
||||||
|
|
||||||
|
# Fork if Radicale is launched as daemon
|
||||||
if options.daemon:
|
if options.daemon:
|
||||||
if os.fork():
|
if os.fork():
|
||||||
sys.exit()
|
sys.exit()
|
||||||
sys.stdout = sys.stderr = open(os.devnull, "w")
|
sys.stdout = sys.stderr = open(os.devnull, "w")
|
||||||
if options.protocol == "http":
|
|
||||||
server = radicale.server.HTTPServer(
|
# Launch calendar server
|
||||||
(options.name, options.port), radicale.CalendarHandler)
|
server_class = radicale.HTTPSServer if options.ssl else radicale.HTTPServer
|
||||||
server.serve_forever()
|
server = server_class((options.host, options.port), radicale.CalendarHTTPHandler)
|
||||||
else:
|
server.serve_forever()
|
||||||
raise StandardError("%s: unsupported protocol" % options.protocol)
|
|
||||||
|
@ -20,7 +20,7 @@
|
|||||||
|
|
||||||
# TODO: Manage errors (see xmlutils)
|
# TODO: Manage errors (see xmlutils)
|
||||||
|
|
||||||
import posixpath
|
import socket
|
||||||
try:
|
try:
|
||||||
from http import client, server
|
from http import client, server
|
||||||
except ImportError:
|
except ImportError:
|
||||||
@ -29,7 +29,24 @@ except ImportError:
|
|||||||
|
|
||||||
from radicale import config, support, xmlutils
|
from radicale import config, support, xmlutils
|
||||||
|
|
||||||
class CalendarHandler(server.BaseHTTPRequestHandler):
|
HTTPServer = server.HTTPServer
|
||||||
|
|
||||||
|
class HTTPSServer(HTTPServer):
|
||||||
|
def __init__(self, address, handler):
|
||||||
|
# Fails with Python 2.5, import if needed
|
||||||
|
import ssl
|
||||||
|
|
||||||
|
super(HTTPSServer, self).__init__(address, handler)
|
||||||
|
self.socket = ssl.wrap_socket(
|
||||||
|
socket.socket(self.address_family, self.socket_type),
|
||||||
|
server_side=True,
|
||||||
|
certfile=config.get("server", "certificate"),
|
||||||
|
keyfile=config.get("server", "key"),
|
||||||
|
ssl_version=ssl.PROTOCOL_SSLv23)
|
||||||
|
self.server_bind()
|
||||||
|
self.server_activate()
|
||||||
|
|
||||||
|
class CalendarHTTPHandler(server.BaseHTTPRequestHandler):
|
||||||
"""HTTP requests handler for calendars."""
|
"""HTTP requests handler for calendars."""
|
||||||
def _parse_path(self):
|
def _parse_path(self):
|
||||||
path = self.path.strip("/").split("/")
|
path = self.path.strip("/").split("/")
|
||||||
|
@ -43,12 +43,12 @@ items = _config.items
|
|||||||
|
|
||||||
_initial = {
|
_initial = {
|
||||||
"server": {
|
"server": {
|
||||||
"protocol": "http",
|
"host": "",
|
||||||
"name": "",
|
|
||||||
"port": "5232",
|
"port": "5232",
|
||||||
"daemon": "False",
|
"daemon": "False",
|
||||||
#"certificate": "/etc/apache2/ssl/server.crt",
|
"ssl": "False",
|
||||||
#"privatekey": "/etc/apache2/ssl/server.key",
|
"certificate": "/etc/apache2/ssl/server.crt",
|
||||||
|
"key": "/etc/apache2/ssl/server.key",
|
||||||
#"log": "/var/www/radicale/server.log",
|
#"log": "/var/www/radicale/server.log",
|
||||||
},
|
},
|
||||||
"encoding": {
|
"encoding": {
|
||||||
|
Loading…
Reference in New Issue
Block a user