Added SSL support

Eugeny · Eugeny · commit 43f03ffc51e1 · 2010-03-18T11:24:31.000+02:00
diff --git a/ajenti/config.py b/ajenti/config.py
@@ -4,7 +4,9 @@
 
 default_values = {
                     'bind_host': '',
-                    'bind_port': '8000'
+                    'bind_port': '8000',
+                    'ssl'      : '1',
+                    'cert_file': 'server.pem'
                  }
 
 default_values['platform'] = detect_platform()
diff --git a/ajenti/standalone.py b/ajenti/standalone.py
@@ -3,12 +3,36 @@
  
 import sys
 import logging
-from wsgiref.simple_server import make_server
+from wsgiref.simple_server import make_server, WSGIRequestHandler, WSGIServer
+from OpenSSL import SSL
+import socket
 
 from ajenti.config import Config
 from ajenti.app import AppDispatcher
 
-def simple_server():
+ 
+class SecureRequestHandler(WSGIRequestHandler):
+    def setup(self):
+        self.connection = self.request
+        self.rfile = socket._fileobject(self.request, "rb", self.rbufsize)
+        self.wfile = socket._fileobject(self.request, "wb", self.wbufsize)
+     
+		
+class SecureServer(WSGIServer):
+    cert_file = ''
+    
+    def __init__(self, server_address, HandlerClass):
+        WSGIServer.__init__(self, server_address, HandlerClass)
+        ctx = SSL.Context(SSL.SSLv23_METHOD)
+        ctx.use_privatekey_file(SecureServer.cert_file)
+        ctx.use_certificate_file(SecureServer.cert_file)
+        self.socket = SSL.Connection(ctx, socket.socket(self.address_family,
+                                                        self.socket_type))
+        self.server_bind()
+        self.server_activate()
+
+        
+def server():
     # Initialize logging subsystem
     log = logging.getLogger('ajenti')
     stderr = logging.StreamHandler()
@@ -26,9 +50,15 @@ def simple_server():
     config.set('log_facility',log)
 
     # Start server
-    httpd = make_server(host, port, AppDispatcher(config).dispatcher)
+    if config.getint('ajenti', 'ssl') == 1:
+        SecureServer.cert_file = config.get('ajenti','cert_file')
+        httpd = make_server(host, port, AppDispatcher(config).dispatcher, SecureServer, SecureRequestHandler)
+    else:
+        httpd = make_server(host, port, AppDispatcher(config).dispatcher)
+    
     try:
         httpd.serve_forever()
     except KeyboardInterrupt, e:
         log.warn('Stopping by <Control-C>') 
-     
+        
+     
diff --git a/serve.py b/serve.py
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 
-from ajenti.standalone import simple_server
+from ajenti.standalone import server
 
 if __name__ == '__main__':
-    simple_server()
+    server()
 
diff --git a/server.pem b/server.pem
@@ -0,0 +1,31 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQC332g78wJol72MU60YDXnewvh8Zh6sTAsBVrn0fisMmrvvc2JK
+Kc2taoHn/nOTsnqoQ9n0jQrBWwu6F7YzqwqyrJW0U5z0ndAdSN2eTOe2mGH2jOuh
+sPtcrh9j47ryCUfSiwgEqRMmfB/X4Y++tZlG+kQGvEIYQ0jbKabkHNqecwIDAQAB
+AoGAJZNpSL8LofZIjTHYcM7oNebgQwPXhtxvb1Ga5OUXxRamC3QoBQHv/12BuLhe
+RDO4L0TWeMyOAx+pENmhqYNtxucdC2REUu4fMSLuUxniN7tyZDRbTKLaubFgVPOD
+OX4XRYNi5gCanD0nHM9+z1Fq2IU09LsTT5nQNt2JjNzMR2kCQQDeAEQs7RQsV+zn
+3oQqfoKHHGCZ94WJXLKloGvpy45h8sq4qZVGTni9Qe8L5CtNtU9I0iMQ3Y3ww6q3
+fIGVTyj/AkEA1AhJiLE650nobgEvWPUg69MAToV03K8mRnbvL8b2SzR3kkoSHeMc
+pveP03q0JQGAJnk/5WxnDcTigH5T9ST2jQJBAN06jLXsiAbslAQ45aJnMfIsoEOu
+u184hjqxU/jHRhtr1QMS09QdTQrlEq/Z8CFfRiQ+bH1ZHCLLCmwRYh0FpscCQHZL
+uVr+JnLsFTVqi9QBz0BDFKS6aJzHS398063AP6FtwFhp4vmxwEaXUDMY/nC3CZxt
+gWyqskRIWGaAFK9s0/ECQQCF5avvufBAN7xxKmZtgM8Y7u/iLwLe9KqSZqVfRvzZ
+PxlnmUcjZs0WFkGCu+W4p5I7o0WFZaZIzjO8mKZ2SCyr
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIICjzCCAfigAwIBAgIJAI/GDuUaKh3GMA0GCSqGSIb3DQEBBQUAMDoxFjAUBgNV
+BAcTDVRoZSBzYXZhbm5haHMxDzANBgNVBAoTBkFqZW50aTEPMA0GA1UEAxMGYWpl
+bnRpMB4XDTEwMDMxODA4NTM1MVoXDTExMDMxODA4NTM1MVowOjEWMBQGA1UEBxMN
+VGhlIHNhdmFubmFoczEPMA0GA1UEChMGQWplbnRpMQ8wDQYDVQQDEwZhamVudGkw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALffaDvzAmiXvYxTrRgNed7C+Hxm
+HqxMCwFWufR+Kwyau+9zYkopza1qgef+c5OyeqhD2fSNCsFbC7oXtjOrCrKslbRT
+nPSd0B1I3Z5M57aYYfaM66Gw+1yuH2PjuvIJR9KLCASpEyZ8H9fhj761mUb6RAa8
+QhhDSNsppuQc2p5zAgMBAAGjgZwwgZkwHQYDVR0OBBYEFL238UdDnNB+a5fU6f/b
+fI50YCkzMGoGA1UdIwRjMGGAFL238UdDnNB+a5fU6f/bfI50YCkzoT6kPDA6MRYw
+FAYDVQQHEw1UaGUgc2F2YW5uYWhzMQ8wDQYDVQQKEwZBamVudGkxDzANBgNVBAMT
+BmFqZW50aYIJAI/GDuUaKh3GMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
+gYEAnTANwawdhPJLL4N765/hyt4BFwWGpg5XbI2dhXoq7meF5uqafrdsZMIFY4re
+7xllZ8Lt3AjQ4TNhBDUhyH5HYXxHCOHsNh8MwX0dOnkn79CSpNap2NScM/kSbcl9
+jhyzICGEVb7r1TNiwAIIfFD4L/qMF2ABWP4SU3DfJIVnjv0=
+-----END CERTIFICATE-----

Original file line number	Diff line number	Diff line change
`@@ -4,7 +4,9 @@`
`4`	`4`
`5`	`5`	`default_values = {`
`6`	`6`	`'bind_host': '',`
`7`		`- 'bind_port': '8000'`
	`7`	`+ 'bind_port': '8000',`
	`8`	`+ 'ssl' : '1',`
	`9`	`+ 'cert_file': 'server.pem'`
`8`	`10`	`}`
`9`	`11`
`10`	`12`	`default_values['platform'] = detect_platform()`