Diffstat (limited to 'service')
-rw-r--r-- | service/pixelated/config/app_factory.py | 39 | ||||
-rw-r--r-- | service/pixelated/config/args.py | 5 | ||||
-rw-r--r-- | service/pixelated/runserver.py | 8 | ||||
-rw-r--r-- | service/test/unit/runserver_test.py | 11 |
4 files changed, 48 insertions, 15 deletions
diff --git a/service/pixelated/config/app_factory.py b/service/pixelated/config/app_factory.py index 38422a64..15577bb8 100644 --- a/service/pixelated/config/app_factory.py +++ b/service/pixelated/config/app_factory.py @@ -15,7 +15,11 @@ # along with Pixelated. If not, see <http://www.gnu.org/licenses/>. import sys +from OpenSSL import SSL from twisted.internet import reactor +from twisted.internet import ssl +from twisted.web import resource +from twisted.web.util import redirectTo from pixelated.config.routes import setup_routes from pixelated.adapter.mail_service import MailService from pixelated.adapter.mail import InputMail @@ -62,7 +66,7 @@ def init_leap_session(app): leap_session = LeapSession.open(app.config['LEAP_USERNAME'], app.config['LEAP_PASSWORD'], app.config['LEAP_SERVER_NAME']) - except ConnectionError, error: + except ConnectionError: print("Can't connect to the requested provider") sys.exit(1) except LeapAuthException, e: 
@@ -120,7 +124,36 @@ def init_app(app): sync_info_controller, attachments_controller, contacts_controller) -def create_app(app, bind_address, bind_port): - reactor.listenTCP(bind_port, Site(app.resource()), interface=bind_address) +def create_app(app, args): + + if args.sslkey and args.sslcert: + listen_with_ssl(app, args) + else: + listen_without_ssl(app, args) reactor.callWhenRunning(lambda: init_app(app)) reactor.run() + + +def listen_without_ssl(app, args): + reactor.listenTCP(args.port, Site(app.resource()), interface=args.host) + + +def listen_with_ssl(app, args): + sslContext = ssl.DefaultOpenSSLContextFactory(privateKeyFileName=args.sslkey, + certificateFileName=args.sslcert, + sslmethod=SSL.TLSv1_METHOD) + reactor.listenSSL(args.ssl_port, Site(app.resource()), sslContext, interface=args.host) + reactor.listenTCP(args.port, Site(RedirectToSSL(args.ssl_port))) + + return reactor + + +class RedirectToSSL(resource.Resource): + isLeaf = True + + def __init__(self, ssl_port): + self.ssl_port = ssl_port + + def render_GET(self, request): + host = request.getHost().host + return redirectTo("https://%s:%s" % (host, self.ssl_port), request) diff --git a/service/pixelated/config/args.py b/service/pixelated/config/args.py index 4ac8a2ea..de47996a 100644 --- a/service/pixelated/config/args.py +++ b/service/pixelated/config/args.py 
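Review bot: In `listen_with_ssl` (app_factory.py), `sslmethod=SSL.TLSv1_METHOD` fixes the listener to TLS 1.0 only, so clients can never negotiate TLS 1.1 or 1.2; prefer `sslmethod=SSL.SSLv23_METHOD` followed by `sslContext.getContext().set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_SSLv3)` so the highest mutually supported version is used. The plain-HTTP redirect listener `reactor.listenTCP(args.port, Site(RedirectToSSL(args.ssl_port)))` also drops the `interface=args.host` that the non-SSL path passes, so it binds on all interfaces even when `--host` is the default 127.0.0.1; add `interface=args.host` there too. `RedirectToSSL.render_GET` builds the target from `request.getHost().host`, which is the address the server accepted the connection on rather than the name the client requested, so the redirect will likely point at an address the certificate does not cover; this is worth confirming against a real certificate. `RedirectToSSL` defines only `render_GET`, so non-GET requests to the plain port are not redirected.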
@@ -24,7 +24,10 @@ def parse(): parser.add_argument('--dispatcher-stdin', help='run in organization mode, the credentials will be read from stdin', default=False, action='store_true', dest='dispatcher_stdin') parser.add_argument('--host', default='127.0.0.1', help='the host to run the user agent on') parser.add_argument('--port', type=int, default=3333, help='the port to run the user agent on') - parser.add_argument('-c', '--config', metavar='configfile', default=None, help='use specified file for credentials (for test purposes only)') + parser.add_argument('--ssl-port', type=int, default=3433, help='the port to run the user agent with SSL support') + parser.add_argument('-c', '--config', metavar='<configfile>', default=None, help='use specified file for credentials (for test purposes only)') + parser.add_argument('-sk', '--sslkey', metavar='<server.key>', default=None, help='use specified file for SSL key') + parser.add_argument('-sc', '--sslcert', metavar='<server.pem>', default=None, help='use specified file for SSL certificate') parser.add_argument('--register', metavar=('provider', 'username'), nargs=2, help='register a new username on the desired provider') args = parser.parse_args() diff --git a/service/pixelated/runserver.py b/service/pixelated/runserver.py index 5f30913b..b53a682b 100644 --- a/service/pixelated/runserver.py +++ b/service/pixelated/runserver.py @@ -19,13 +19,11 @@ import sys import logging import json from klein import Klein -from twisted.python.log import ILogObserver klein_app = Klein() import ConfigParser from twisted.python import log -import sys from leap.common.events import server as events_server from pixelated.config import app_factory import pixelated.config.args as input_args @@ -59,7 +57,7 @@ def setup(): app.config['LEAP_PASSWORD'] = config['password'] else: configuration_setup(args.config) - start_services(args.host, args.port) + start_services(args) def register(username, server_name): 
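Review bot: In `parse()` (args.py), nothing checks that `--sslkey` and `--sslcert` are given together, and `create_app` enables TLS only when both are set, so omitting or mistyping one of them starts the agent in plaintext without any warning. After `args = parser.parse_args()` add a guard such as `if bool(args.sslkey) != bool(args.sslcert): parser.error('--sslkey and --sslcert must be given together')`. The body of `parse()` continues outside the hunk, so an existing check further down cannot be ruled out from here.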
@@ -122,9 +120,9 @@ def configuration_setup(config_file): app.config['LEAP_PASSWORD'] = password -def start_services(bind_address, bind_port): +def start_services(args): events_server.ensure_server(port=8090) - app_factory.create_app(app, bind_address, bind_port) + app_factory.create_app(app, args) if __name__ == '__main__': diff --git a/service/test/unit/runserver_test.py b/service/test/unit/runserver_test.py index 801a60bf..8650def1 100644 --- a/service/test/unit/runserver_test.py +++ b/service/test/unit/runserver_test.py @@ -75,14 +75,13 @@ class RunserverTest(unittest.TestCase): finally: sys.stdin = orig_stdin - def test_start_services_provides_port(self): - bind_address = '127.0.0.1' - bind_port = 12345 - when(app_factory).create_app(any(), bind_address, bind_port).thenReturn(None) + def test_start_services_pass_args_through(self): + args = {} + when(app_factory).create_app(any(), args).thenReturn(None) - pixelated.runserver.start_services(bind_address, bind_port) + pixelated.runserver.start_services(args) - verify(app_factory).create_app(any(), bind_address, bind_port) + verify(app_factory).create_app(any(),args) def spin_up_fifo(self, test_fifo): with open(test_fifo, 'w') as fifo: |
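Review bot: `test_start_services_pass_args_through` (runserver_test.py) stubs `create_app` and passes `args = {}`, so nothing exercises the new choice between `listen_with_ssl` and `listen_without_ssl`, and a dict lacks the `.sslkey`/`.port` attributes of the real argparse namespace. A unit test for `create_app` with a stubbed `reactor`, one case with key and cert both set and one with neither, would pin that TLS is enabled when requested and that `listenSSL` receives `args.ssl_port`. Minor style: `create_app(any(),args)` is missing the space after the comma. The rest of `RunserverTest` lies outside the hunk.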