Manage SSL (HTTPS) connections.

This commit is contained in:
Guillaume Ayoub 2010-01-19 17:49:32 +01:00
parent a8474449e2
commit 86dd1b0ef4
4 changed files with 54 additions and 20 deletions

3
TODO
View File

@ -14,7 +14,8 @@
0.2 0.2
=== ===
* SSL connections and authentications * [DONE] SSL connections
* Authentications
* [DONE] Daemon mode * [DONE] Daemon mode
* [DONE] User configuration * [DONE] User configuration

View File

@ -36,32 +36,48 @@ import optparse
import radicale import radicale
# Get command-line options
parser = optparse.OptionParser() parser = optparse.OptionParser()
parser.add_option( parser.add_option(
"-d", "--daemon", action="store_true", "-d", "--daemon", action="store_true",
default=radicale.config.getboolean("server", "daemon"), default=radicale.config.getboolean("server", "daemon"),
help="launch as daemon") help="launch as daemon")
parser.add_option( parser.add_option(
"-n", "--name", "-H", "--host",
default=radicale.config.get("server", "name"), default=radicale.config.get("server", "host"),
help="set server name") help="set server hostname")
parser.add_option( parser.add_option(
"-p", "--port", "-p", "--port", type="int",
default=radicale.config.getint("server", "port"), default=radicale.config.getint("server", "port"),
help="set server port") help="set server port")
parser.add_option( parser.add_option(
"-P", "--protocol", "-s", "--ssl", action="store_true",
default=radicale.config.get("server", "protocol"), default=radicale.config.getboolean("server", "ssl"),
help="set server protocol") help="use SSL connection")
parser.add_option(
"-k", "--key",
default=radicale.config.get("server", "key"),
help="private key file ")
parser.add_option(
"-c", "--certificate",
default=radicale.config.get("server", "certificate"),
help="certificate file ")
options, args = parser.parse_args() options, args = parser.parse_args()
# Update radicale configuration according to options
for option in parser.option_list:
key = option.dest
if key:
value = getattr(options, key)
radicale.config.set("server", key, value)
# Fork if Radicale is launched as daemon
if options.daemon: if options.daemon:
if os.fork(): if os.fork():
sys.exit() sys.exit()
sys.stdout = sys.stderr = open(os.devnull, "w") sys.stdout = sys.stderr = open(os.devnull, "w")
if options.protocol == "http":
server = radicale.server.HTTPServer( # Launch calendar server
(options.name, options.port), radicale.CalendarHandler) server_class = radicale.HTTPSServer if options.ssl else radicale.HTTPServer
server.serve_forever() server = server_class((options.host, options.port), radicale.CalendarHTTPHandler)
else: server.serve_forever()
raise StandardError("%s: unsupported protocol" % options.protocol)

View File

@ -20,7 +20,7 @@
# TODO: Manage errors (see xmlutils) # TODO: Manage errors (see xmlutils)
import posixpath import socket
try: try:
from http import client, server from http import client, server
except ImportError: except ImportError:
@ -29,7 +29,24 @@ except ImportError:
from radicale import config, support, xmlutils from radicale import config, support, xmlutils
class CalendarHandler(server.BaseHTTPRequestHandler): HTTPServer = server.HTTPServer
class HTTPSServer(HTTPServer):
def __init__(self, address, handler):
# Fails with Python 2.5, import if needed
import ssl
super(HTTPSServer, self).__init__(address, handler)
self.socket = ssl.wrap_socket(
socket.socket(self.address_family, self.socket_type),
server_side=True,
certfile=config.get("server", "certificate"),
keyfile=config.get("server", "key"),
ssl_version=ssl.PROTOCOL_SSLv23)
self.server_bind()
self.server_activate()
class CalendarHTTPHandler(server.BaseHTTPRequestHandler):
"""HTTP requests handler for calendars.""" """HTTP requests handler for calendars."""
def _parse_path(self): def _parse_path(self):
path = self.path.strip("/").split("/") path = self.path.strip("/").split("/")

View File

@ -43,12 +43,12 @@ items = _config.items
_initial = { _initial = {
"server": { "server": {
"protocol": "http", "host": "",
"name": "",
"port": "5232", "port": "5232",
"daemon": "False", "daemon": "False",
#"certificate": "/etc/apache2/ssl/server.crt", "ssl": "False",
#"privatekey": "/etc/apache2/ssl/server.key", "certificate": "/etc/apache2/ssl/server.crt",
"key": "/etc/apache2/ssl/server.key",
#"log": "/var/www/radicale/server.log", #"log": "/var/www/radicale/server.log",
}, },
"encoding": { "encoding": {