Mercurial > libervia-web

comparison libervia_server/__init__.py @ 421:39b07289ff42

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
server_side: added parameter port_https_ext (external port for HTTPS, used for example for the redirection)
author souliane <souliane@mailoo.org>
date Tue, 25 Mar 2014 16:09:12 +0100
parents 2bd609d7dd65
children b5b440e6ea16
comparison
equal deleted inserted replaced
420:ac0018e4391b 421:39b07289ff42
787 """@return: a security warning message, or None if the connection is secure""" 787 """@return: a security warning message, or None if the connection is secure"""
788 if self.request.URLPath().scheme == 'https' or not self.sat_host.security_warning: 788 if self.request.URLPath().scheme == 'https' or not self.sat_host.security_warning:
789 return None 789 return None
790 text = D_("You are about to connect to an unsecured service.") 790 text = D_("You are about to connect to an unsecured service.")
791 if self.sat_host.connection_type == 'both': 791 if self.sat_host.connection_type == 'both':
792 new_port = (':%s' % self.sat_host.port_https) if self.sat_host.port_https != HTTPS_PORT else '' 792 new_port = (':%s' % self.sat_host.port_https_ext) if self.sat_host.port_https_ext != HTTPS_PORT else ''
793 url = "https://%s" % self.request.URLPath().netloc.replace(':%s' % self.sat_host.port, new_port) 793 url = "https://%s" % self.request.URLPath().netloc.replace(':%s' % self.sat_host.port, new_port)
794 text += D_('<br />Secure version of this website: <a href="%(url)s">%(url)s</a>') % {'url': url} 794 text += D_('<br />Secure version of this website: <a href="%(url)s">%(url)s</a>') % {'url': url}
795 return text 795 return text
796 796
797 797
995 class Libervia(service.Service): 995 class Libervia(service.Service):
996 996
997 OPT_PARAMETERS = [['connection_type', 't', 'https', "'http', 'https' or 'both' (to launch both servers).", coerceConnectionType], 997 OPT_PARAMETERS = [['connection_type', 't', 'https', "'http', 'https' or 'both' (to launch both servers).", coerceConnectionType],
998 ['port', 'p', 8080, 'The port number to listen HTTP on.', int], 998 ['port', 'p', 8080, 'The port number to listen HTTP on.', int],
999 ['port_https', 's', 8443, 'The port number to listen HTTPS on.', int], 999 ['port_https', 's', 8443, 'The port number to listen HTTPS on.', int],
1000 ['port_https_ext', 'e', 0, 'The external port number used for HTTPS (0 means port_https value).', int],
1000 ['ssl_certificate', 'c', 'libervia.pem', 'PEM certificate with both private and public parts.', str], 1001 ['ssl_certificate', 'c', 'libervia.pem', 'PEM certificate with both private and public parts.', str],
1001 ['redirect_to_https', 'r', 1, 'automatically redirect from HTTP to HTTPS.', int], 1002 ['redirect_to_https', 'r', 1, 'automatically redirect from HTTP to HTTPS.', int],
1002 ['security_warning', 'w', 1, 'warn user that he is about to connect on HTTP.', int], 1003 ['security_warning', 'w', 1, 'warn user that he is about to connect on HTTP.', int],
1003 ] 1004 ]
1004 1005
1010 kwargs[name] = value 1011 kwargs[name] = value
1011 1012
1012 self.connection_type = kwargs['connection_type'] 1013 self.connection_type = kwargs['connection_type']
1013 self.port = kwargs['port'] 1014 self.port = kwargs['port']
1014 self.port_https = kwargs['port_https'] 1015 self.port_https = kwargs['port_https']
1016 self.port_https_ext = kwargs['port_https_ext']
1017 if not self.port_https_ext:
1018 self.port_https_ext = self.port_https
1015 self.ssl_certificate = kwargs['ssl_certificate'] 1019 self.ssl_certificate = kwargs['ssl_certificate']
1016 self.redirect_to_https = kwargs['redirect_to_https'] 1020 self.redirect_to_https = kwargs['redirect_to_https']
1017 self.security_warning = kwargs['security_warning'] 1021 self.security_warning = kwargs['security_warning']
1018 self._cleanup = [] 1022 self._cleanup = []
1019 root = ProtectedFile(Const.LIBERVIA_DIR) 1023 root = ProtectedFile(Const.LIBERVIA_DIR)
1071 def startService(self): 1075 def startService(self):
1072 if self.connection_type in ('https', 'both'): 1076 if self.connection_type in ('https', 'both'):
1073 if not ssl_available: 1077 if not ssl_available:
1074 raise(ImportError(_("Python module pyOpenSSL is not installed!"))) 1078 raise(ImportError(_("Python module pyOpenSSL is not installed!")))
1075 try: 1079 try:
1076 with open(self.ssl_certificate) as keyAndCert: 1080 with open(os.path.expanduser(self.ssl_certificate)) as keyAndCert:
1077 try: 1081 try:
1078 cert = ssl.PrivateCertificate.loadPEM(keyAndCert.read()) 1082 cert = ssl.PrivateCertificate.loadPEM(keyAndCert.read())
1079 except OpenSSL.crypto.Error as e: 1083 except OpenSSL.crypto.Error as e:
1080 error(_("The file '%s' must contain both private and public parts of the certificate") % self.ssl_certificate) 1084 error(_("The file '%s' must contain both private and public parts of the certificate") % self.ssl_certificate)
1081 raise e 1085 raise e
1083 error(_("The file '%s' doesn't exist") % self.ssl_certificate) 1087 error(_("The file '%s' doesn't exist") % self.ssl_certificate)
1084 raise e 1088 raise e
1085 reactor.listenSSL(self.port_https, self.site, cert.options()) 1089 reactor.listenSSL(self.port_https, self.site, cert.options())
1086 if self.connection_type in ('http', 'both'): 1090 if self.connection_type in ('http', 'both'):
1087 if self.connection_type == 'both' and self.redirect_to_https: 1091 if self.connection_type == 'both' and self.redirect_to_https:
1088 reactor.listenTCP(self.port, server.Site(RedirectToHTTPS(self.port, self.port_https))) 1092 reactor.listenTCP(self.port, server.Site(RedirectToHTTPS(self.port, self.port_https_ext)))
1089 else: 1093 else:
1090 reactor.listenTCP(self.port, self.site) 1094 reactor.listenTCP(self.port, self.site)
1091 1095
1092 def stopService(self): 1096 def stopService(self):
1093 print "launching cleaning methods" 1097 print "launching cleaning methods"