From 602c20ff67aaca8fbbc7656caff733b039dfbfe3 Mon Sep 17 00:00:00 2001
From: rafael lisboa <rafaelzlisboa@gmail.com>
Date: Wed, 3 Jun 2015 18:40:31 -0300
Subject: Move reactor logic out of application initialization

---
 service/pixelated/config/__init__.py | 38 ++++++++++++++++++++++++++++++------
 1 file changed, 32 insertions(+), 6 deletions(-)

(limited to 'service/pixelated/config/__init__.py')

diff --git a/service/pixelated/config/__init__.py b/service/pixelated/config/__init__.py
index e21cb4c0..1e3911f3 100644
--- a/service/pixelated/config/__init__.py
+++ b/service/pixelated/config/__init__.py
@@ -34,12 +34,38 @@ from pixelated.config.initialize_leap import initialize_leap
 def start_user_agent(loading_app, host, port, sslkey, sslcert, leap_home, leap_session):
     yield loading_app.stopListening()
 
-    app_factory.create_app(leap_home,
-                           leap_session,
-                           host,
-                           port,
-                           sslkey=sslkey,
-                           sslcert=sslcert)
+    resource = app_factory.init_app(leap_home, leap_session)
+
+    if sslkey and sslcert:
+        reactor.listenSSL(port, Site(resource), _ssl_options(sslkey, sslcert), interface=host)
+    else:
+        reactor.listenTCP(port, Site(resource), interface=host)
+
+    reactor.threadpool.adjustPoolsize(20, 40)
+    reactor.stop = stop_incoming_mail_fetcher(reactor.stop, leap_session)
+
+
+def stop_incoming_mail_fetcher(reactor_stop_function, leap_session):
+    def wrapper():
+        leap_session.stop_background_jobs()
+        reactor.threadpool.stop()
+        reactor_stop_function()
+    return wrapper
+
+
+def _ssl_options(sslkey, sslcert):
+    with open(sslkey) as keyfile:
+        pkey = crypto.load_privatekey(crypto.FILETYPE_PEM, keyfile.read())
+    with open(sslcert) as certfile:
+        cert = crypto.load_certificate(crypto.FILETYPE_PEM, certfile.read())
+
+    acceptable = ssl.AcceptableCiphers.fromOpenSSLCipherString(
+        u'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:!RC4:HIGH:!MD5:!aNULL:!EDH')
+    options = ssl.CertificateOptions(privateKey=pkey,
+                                     certificate=cert,
+                                     method=SSL.TLSv1_2_METHOD,
+                                     acceptableCiphers=acceptable)
+    return options
 
 
 def initialize():
-- 
cgit v1.2.3