tobias/radicale
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add ssl protocol and ciphers in config

Browse Source
This commit is contained in:
Jean-Marc Martins 2013-12-13 14:31:09 +01:00
parent f253b23a67
commit d765544edd
3 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
config
View File

@ -25,6 +25,10 @@ ssl = False
certificate = /etc/apache2/ssl/server.crt certificate = /etc/apache2/ssl/server.crt
# SSL private key # SSL private key
key = /etc/apache2/ssl/server.key key = /etc/apache2/ssl/server.key
# SSL Protocol used. See python's ssl module for available values
protocol = PROTOCOL_SSLv23
# Ciphers available. See python's ssl module for available ciphers
ciphers = None
# Reverse DNS to resolve client address in logs # Reverse DNS to resolve client address in logs
dns_lookup = True dns_lookup = True
# Root URL of Radicale (starting and ending with a slash) # Root URL of Radicale (starting and ending with a slash)

7
radicale/__init__.py
View File

@ -98,7 +98,9 @@ class HTTPSServer(HTTPServer):
server_side=True, server_side=True,
certfile=config.get("server", "certificate"), certfile=config.get("server", "certificate"),
keyfile=config.get("server", "key"), keyfile=config.get("server", "key"),
ssl_version=ssl.PROTOCOL_SSLv23) ssl_version=getattr(ssl, config.get("server", "protocol"),
ssl.PROTOCOL_SSLv23),
ciphers=config.get("server", "ciphers"))
self.server_bind() self.server_bind()
self.server_activate() self.server_activate()
@ -271,8 +273,7 @@ class Application(object):
authorization = environ.get("HTTP_AUTHORIZATION", None) authorization = environ.get("HTTP_AUTHORIZATION", None)
if authorization: if authorization:
authorization = \ authorization = authorization.lstrip("Basic").strip()
authorization.decode("ascii").lstrip("Basic").strip()
user, password = self.decode(base64.b64decode( user, password = self.decode(base64.b64decode(
authorization.encode("ascii")), environ).split(":", 1) authorization.encode("ascii")), environ).split(":", 1)
else: else:

2
radicale/config.py
View File

@ -45,6 +45,8 @@ INITIAL_CONFIG = {
"ssl": "False", "ssl": "False",
"certificate": "/etc/apache2/ssl/server.crt", "certificate": "/etc/apache2/ssl/server.crt",
"key": "/etc/apache2/ssl/server.key", "key": "/etc/apache2/ssl/server.key",
"protocol": "PROTOCOL_SSLv23",
"ciphers": None,
"dns_lookup": "True", "dns_lookup": "True",
"base_prefix": "/", "base_prefix": "/",
"realm": "Radicale - Password Required"}, "realm": "Radicale - Password Required"},