Manage SSL (HTTPS) connections.

2010-01-19 17:49:32 +01:00 · 2010-01-19 17:49:32 +01:00 · 86dd1b0ef4
commit 86dd1b0ef4
parent a8474449e2
4 changed files with 54 additions and 20 deletions
--- a/3
+++ b/3
@ -14,7 +14,8 @@
 0.2
 ===

-* SSL connections and authentications
+* [DONE] SSL connections
+* Authentications
 * [DONE] Daemon mode
 * [DONE] User configuration

--- a/radicale.py
+++ b/radicale.py
@ -36,32 +36,48 @@ import optparse

 import radicale

+# Get command-line options
 parser = optparse.OptionParser()
 parser.add_option(
    "-d", "--daemon", action="store_true",
    default=radicale.config.getboolean("server", "daemon"),
    help="launch as daemon")
 parser.add_option(
-    "-n", "--name",
-    default=radicale.config.get("server", "name"),
-    help="set server name")
+    "-H", "--host",
+    default=radicale.config.get("server", "host"),
+    help="set server hostname")
 parser.add_option(
-    "-p", "--port",
+    "-p", "--port", type="int",
    default=radicale.config.getint("server", "port"),
    help="set server port")
 parser.add_option(
-    "-P", "--protocol",
-    default=radicale.config.get("server", "protocol"),
-    help="set server protocol")
+    "-s", "--ssl", action="store_true",
+    default=radicale.config.getboolean("server", "ssl"),
+    help="use SSL connection")
+parser.add_option(
+    "-k", "--key",
+    default=radicale.config.get("server", "key"),
+    help="private key file ")
+parser.add_option(
+    "-c", "--certificate",
+    default=radicale.config.get("server", "certificate"),
+    help="certificate file ")
 options, args = parser.parse_args()

+# Update radicale configuration according to options
+for option in parser.option_list:
+    key = option.dest
+    if key:
+        value = getattr(options, key)
+        radicale.config.set("server", key, value)
+
+# Fork if Radicale is launched as daemon
 if options.daemon:
    if os.fork():
        sys.exit()
    sys.stdout = sys.stderr = open(os.devnull, "w")
-if options.protocol == "http":
-    server = radicale.server.HTTPServer(
-        (options.name, options.port), radicale.CalendarHandler)
+
+# Launch calendar server
+server_class = radicale.HTTPSServer if options.ssl else radicale.HTTPServer
+server = server_class((options.host, options.port), radicale.CalendarHTTPHandler)
 server.serve_forever()
-else:
-    raise StandardError("%s: unsupported protocol" % options.protocol)
--- a/radicale/init.py
+++ b/radicale/init.py
@ -20,7 +20,7 @@

 # TODO: Manage errors (see xmlutils)

-import posixpath
+import socket
 try:
    from http import client, server
 except ImportError:
@ -29,7 +29,24 @@ except ImportError:

 from radicale import config, support, xmlutils

-class CalendarHandler(server.BaseHTTPRequestHandler):
+HTTPServer = server.HTTPServer
+
+class HTTPSServer(HTTPServer):
+    def __init__(self, address, handler):
+        # Fails with Python 2.5, import if needed
+        import ssl
+
+        super(HTTPSServer, self).__init__(address, handler)
+        self.socket = ssl.wrap_socket(
+            socket.socket(self.address_family, self.socket_type),
+            server_side=True, 
+            certfile=config.get("server", "certificate"),
+            keyfile=config.get("server", "key"),
+            ssl_version=ssl.PROTOCOL_SSLv23)
+        self.server_bind()
+        self.server_activate()        
+
+class CalendarHTTPHandler(server.BaseHTTPRequestHandler):
    """HTTP requests handler for calendars."""
    def _parse_path(self):
        path = self.path.strip("/").split("/")
--- a/radicale/config.py
+++ b/radicale/config.py
@ -43,12 +43,12 @@ items = _config.items

 _initial = {
    "server": {
-        "protocol": "http",
-        "name": "",
+        "host": "",
        "port": "5232",
        "daemon": "False",
-        #"certificate": "/etc/apache2/ssl/server.crt",
-        #"privatekey": "/etc/apache2/ssl/server.key",
+        "ssl": "False",
+        "certificate": "/etc/apache2/ssl/server.crt",
+        "key": "/etc/apache2/ssl/server.key",
        #"log": "/var/www/radicale/server.log",
        },
    "encoding": {