def test_ssl_sending_messages(self): s = eventlet.wrap_ssl( eventlet.listen(("localhost", 0)), certfile=certificate_file, keyfile=private_key_file, server_side=True ) self.spawn_server(sock=s) connect = [ "GET /echo HTTP/1.1", "Upgrade: WebSocket", "Connection: Upgrade", "Host: localhost:%s" % self.port, "Origin: http://localhost:%s" % self.port, "Sec-WebSocket-Protocol: ws", "Sec-WebSocket-Key1: 4 @1 46546xW%0l 1 5", "Sec-WebSocket-Key2: 12998 5 Y3 1 .P00", ] sock = eventlet.wrap_ssl(eventlet.connect(("localhost", self.port))) sock.sendall("\r\n".join(connect) + "\r\n\r\n^n:ds[4U") first_resp = sock.recv(1024) # make sure it sets the wss: protocol on the location header loc_line = [x for x in first_resp.split("\r\n") if x.lower().startswith("sec-websocket-location")][0] self.assert_("wss://localhost" in loc_line, "Expecting wss protocol in location: %s" % loc_line) sock.sendall("\x00hello\xFF") result = sock.recv(1024) self.assertEqual(result, "\x00hello\xff") sock.sendall("\x00start") eventlet.sleep(0.001) sock.sendall(" end\xff") result = sock.recv(1024) self.assertEqual(result, "\x00start end\xff") greenio.shutdown_safe(sock) sock.close() eventlet.sleep(0.01)
def test_wrap_ssl(self): server = eventlet.wrap_ssl(eventlet.listen(('localhost', 0)), certfile=certificate_file, keyfile=private_key_file, server_side=True) port = server.getsockname()[1] def handle(sock,addr): sock.sendall(sock.recv(1024)) raise eventlet.StopServe() eventlet.spawn(eventlet.serve, server, handle) client = eventlet.wrap_ssl(eventlet.connect(('localhost', port))) client.sendall("echo") self.assertEquals("echo", client.recv(1024))
def test_two_servers(self): def test_app(env, start_response): start_response('200 OK', {}) return ['PONG'] fake_ssl_server = nova.wsgi.Server("fake_ssl", test_app, host="127.0.0.1", port=0, use_ssl=True) fake_ssl_server.start() self.assertNotEqual(0, fake_ssl_server.port) fake_server = nova.wsgi.Server("fake", test_app, host="127.0.0.1", port=0) fake_server.start() self.assertNotEqual(0, fake_server.port) cli = eventlet.connect(("localhost", fake_ssl_server.port)) cli = eventlet.wrap_ssl(cli, ca_certs=os.path.join(SSL_CERT_DIR, 'ca.crt')) cli.write('POST / HTTP/1.1\r\nHost: localhost\r\n' 'Connection: close\r\nContent-length:4\r\n\r\nPING') response = cli.read(8192) self.assertEqual(response[-4:], "PONG") cli = eventlet.connect(("localhost", fake_server.port)) cli.sendall('POST / HTTP/1.1\r\nHost: localhost\r\n' 'Connection: close\r\nContent-length:4\r\n\r\nPING') response = cli.recv(8192) self.assertEqual(response[-4:], "PONG") fake_ssl_server.stop() fake_ssl_server.wait()
def get_socket(self): """Create listener socket based on bottle server parameters.""" import eventlet # Separate out socket.listen arguments socket_args = {} for arg in ('backlog', 'family'): try: socket_args[arg] = self.options.pop(arg) except KeyError: pass # Separate out wrap_ssl arguments ssl_args = {} for arg in ('keyfile', 'certfile', 'server_side', 'cert_reqs', 'ssl_version', 'ca_certs', 'do_handshake_on_connect', 'suppress_ragged_eofs', 'ciphers'): try: ssl_args[arg] = self.options.pop(arg) except KeyError: pass address = (self.host, self.port) try: sock = eventlet.listen(address, **socket_args) except TypeError: # Fallback, if we have old version of eventlet sock = eventlet.listen(address) if ssl_args: sock = eventlet.wrap_ssl(sock, **ssl_args) return sock
def start(self, key=None, backlog=128): """Run a WSGI server with the given application.""" if self.socket is None: self.listen(key=key, backlog=backlog) dup_socket = self.socket.dup() if key: self.socket_info[key] = self.socket.getsockname() # SSL is enabled if self.do_ssl: if self.cert_required: cert_reqs = ssl.CERT_REQUIRED else: cert_reqs = ssl.CERT_NONE dup_socket = eventlet.wrap_ssl(dup_socket, certfile=self.certfile, keyfile=self.keyfile, server_side=True, cert_reqs=cert_reqs, ca_certs=self.ca_certs) # Optionally enable keepalive on the wsgi socket. if self.keepalive: dup_socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1) if self.keepidle is not None: dup_socket.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, self.keepidle) self.greenthread = self.pool.spawn(self._run, self.application, dup_socket)
def main(): from eventlet import wsgi,wrap_ssl,listen from ankisyncd.thread import shutdown config = SafeConfigParser() config.read("ankisyncd.conf") ankiserver = SyncApp(config) host = config.get("sync_app", "host") port = config.getint("sync_app", "port") if(config.getboolean("sync_app", "ssl")): certfile = config.get("sync_app", "certfile") keyfile = config.get("sync_app", "keyfile") socket = wrap_ssl( listen((host, port)), certfile=certfile, keyfile=keyfile, server_side=True ) else: socket = listen((host, port)) try: wsgi.server(socket, ankiserver) finally: shutdown()
def test_connect_ssl(self): def accept_once(listenfd): try: conn, addr = listenfd.accept() conn.write(b'hello\r\n') greenio.shutdown_safe(conn) conn.close() finally: greenio.shutdown_safe(listenfd) listenfd.close() server = eventlet.wrap_ssl( eventlet.listen(('0.0.0.0', 0)), self.private_key_file, self.certificate_file, server_side=True ) eventlet.spawn_n(accept_once, server) raw_client = eventlet.connect(('127.0.0.1', server.getsockname()[1])) client = ssl.wrap_socket(raw_client) fd = client.makefile('rb', 8192) assert fd.readline() == b'hello\r\n' try: self.assertEqual(b'', fd.read(10)) except greenio.SSL.ZeroReturnError: # if it's a GreenSSL object it'll do this pass greenio.shutdown_safe(client) client.close() check_hub()
def _run_server(): host = cfg.CONF.auth.host port = cfg.CONF.auth.port use_ssl = cfg.CONF.auth.use_ssl cert_file_path = os.path.realpath(cfg.CONF.auth.cert) key_file_path = os.path.realpath(cfg.CONF.auth.key) if use_ssl and not os.path.isfile(cert_file_path): raise ValueError('Certificate file "%s" doesn\'t exist' % (cert_file_path)) if use_ssl and not os.path.isfile(key_file_path): raise ValueError('Private key file "%s" doesn\'t exist' % (key_file_path)) socket = eventlet.listen((host, port)) if use_ssl: socket = eventlet.wrap_ssl(socket, certfile=cert_file_path, keyfile=key_file_path, server_side=True) LOG.info('ST2 Auth API running in "%s" auth mode', cfg.CONF.auth.mode) LOG.info('(PID=%s) ST2 Auth API is serving on %s://%s:%s.', os.getpid(), 'https' if use_ssl else 'http', host, port) wsgi.server(socket, app.setup_app()) return 0
def start(self, key=None, backlog=128): """Run a WSGI server with the given application.""" LOG.info(_('Starting %(arg0)s on %(host)s:%(port)s'), {'arg0': sys.argv[0], 'host': self.host, 'port': self.port}) # TODO(dims): eventlet's green dns/socket module does not actually # support IPv6 in getaddrinfo(). We need to get around this in the # future or monitor upstream for a fix info = socket.getaddrinfo(self.host, self.port, socket.AF_UNSPEC, socket.SOCK_STREAM)[0] _socket = eventlet.listen(info[-1], family=info[0], backlog=backlog) if key: self.socket_info[key] = _socket.getsockname() # SSL is enabled if self.do_ssl: if self.cert_required: cert_reqs = ssl.CERT_REQUIRED else: cert_reqs = ssl.CERT_NONE sslsocket = eventlet.wrap_ssl(_socket, certfile=self.certfile, keyfile=self.keyfile, server_side=True, cert_reqs=cert_reqs, ca_certs=self.ca_certs) _socket = sslsocket self.greenthread = self.pool.spawn(self._run, self.application, _socket)
def handle(self, listener, client, addr): if self.cfg.is_ssl: client = eventlet.wrap_ssl(client, server_side=True, do_handshake_on_connect=False, **self.cfg.ssl_options) super(EventletWorker, self).handle(listener, client, addr)
def run_server(): import eventlet eventlet_socket = eventlet.listen((host, port)) # If provided an SSL argument, use an SSL socket ssl_args = [ "keyfile", "certfile", "server_side", "cert_reqs", "ssl_version", "ca_certs", "do_handshake_on_connect", "suppress_ragged_eofs", "ciphers", ] ssl_params = {k: kwargs[k] for k in kwargs if k in ssl_args} if len(ssl_params) > 0: for k in ssl_params: kwargs.pop(k) ssl_params["server_side"] = True # Listening requires true eventlet_socket = eventlet.wrap_ssl(eventlet_socket, **ssl_params) eventlet.wsgi.server(eventlet_socket, app, log_output=log_output, **kwargs)
def make_socket(host, port, ssl_keyfile=None, ssl_certfile=None): sock = eventlet.listen((host, port)) # TODO: set ca_certs and cert_reqs=CERT_REQUIRED if ssl_keyfile and ssl_certfile: sock = eventlet.wrap_ssl(sock, certfile=ssl_certfile, keyfile=ssl_keyfile, server_side=True) return sock
def make_server(host="localhost", port=8081, scheme='http', **kw): socket = eventlet.listen((host, port)) if scheme == 'https': socket = eventlet.wrap_ssl(socket, server_side=True, **CERTS) dummy_log_fp = open('/dev/null', 'a') return wsgi.server(socket, TestingApp(), log=dummy_log_fp, **kw)
def serve(): if __name__ == '__main__': global app # wrap Flask application with engineio's middleware app = socketio.Middleware(sio, app) eventlet.wsgi.server(eventlet.wrap_ssl(eventlet.listen(('', 8000)), certfile='/home/garthtee/cert.pem', keyfile='/home/garthtee/privkey.pem'), app)
def _command(self, command, host, port): sock = eventlet.wrap_ssl(eventlet.connect((host, port)), keyfile=self._keyfile, certfile=self._certfile) stream = sock.makefile() stream.write("%s %s\n" % (self.NSDCT_VERSION, command)) stream.flush() result = stream.read() stream.close() sock.close() return result.rstrip()
def handle(self, listener, client, addr): if self.cfg.is_ssl: client = eventlet.wrap_ssl(client, server_side=True, **self.cfg.ssl_options) super(EventletWorker, self).handle(listener, client, addr) if not self.alive: raise eventlet.StopServe()
def start_client(**kwargs): host = kwargs["host"] backend_port = kwargs.get("backend_port") use_ssl = kwargs.get("use_ssl", False) ssl_opts = kwargs.get("ssl_opts", {}) if not backend_port: try: backend_port = util.discover_backend_port(host) except: print " ERROR: Unable to connect to service." sys.exit(0) frontend_ip = socket.gethostbyname(host.split(":")[0]) frontend_address, frontend_hostname = util.parse_address(host, default_ip=frontend_ip) backend = (frontend_address[0], backend_port) name = kwargs["name"] client = util.client_name() target = util.parse_address(kwargs["target"])[0] try: control = eventlet.connect(backend) if use_ssl: control = eventlet.wrap_ssl(control, server_side=False, **ssl_opts) control.sendall(protocol.version) protocol.send_message(control, protocol.control_request(name=name, client=client)) reply = protocol.recv_message(control) if reply and "control" in reply: reply = reply["control"] def maintain_proxy_backend_pool(): pool = eventlet.greenpool.GreenPool(reply["concurrency"]) while True: pool.spawn_n(open_proxy_backend, backend, target, name, client, use_ssl, ssl_opts) proxying = eventlet.spawn(maintain_proxy_backend_pool) print " {0}".format(reply["banner"]) print " Port {0} is now accessible from http://{1} ...\n".format(target[1], reply["host"]) try: while True: message = protocol.recv_message(control) assert message == protocol.control_ping() protocol.send_message(control, protocol.control_pong()) except (IOError, AssertionError): proxying.kill() elif reply and "error" in reply: print " ERROR: {0}".format(reply["message"]) else: print " ERROR: Unexpected server reply." print " Make sure you have the latest version of the client." except KeyboardInterrupt: pass
def start(self): """Start the wsgi server.""" from eventlet import wsgi import eventlet sock = eventlet.listen((self.server_host, self.server_port)) if self.ssl_certificate: sock = eventlet.wrap_ssl(sock, certfile=self.ssl_certificate, keyfile=self.ssl_key, server_side=True) wsgi.server(sock, self, log=_LOGGER)
def test_ssl_sending_messages(self): s = eventlet.wrap_ssl( eventlet.listen(("localhost", 0)), certfile=tests.certificate_file, keyfile=tests.private_key_file, server_side=True, ) self.spawn_server(sock=s) connect = [ "GET /echo HTTP/1.1", "Upgrade: WebSocket", "Connection: Upgrade", "Host: %s:%s" % self.server_addr, "Origin: http://%s:%s" % self.server_addr, "Sec-WebSocket-Protocol: ws", "Sec-WebSocket-Key1: 4 @1 46546xW%0l 1 5", "Sec-WebSocket-Key2: 12998 5 Y3 1 .P00", ] sock = eventlet.wrap_ssl(eventlet.connect(self.server_addr)) sock.sendall(six.b("\r\n".join(connect) + "\r\n\r\n^n:ds[4U")) first_resp = b"" while b"\r\n\r\n" not in first_resp: first_resp += sock.recv() print("resp now:") print(first_resp) # make sure it sets the wss: protocol on the location header loc_line = [x for x in first_resp.split(b"\r\n") if x.lower().startswith(b"sec-websocket-location")][0] expect_wss = ("wss://%s:%s" % self.server_addr).encode() assert expect_wss in loc_line, "Expecting wss protocol in location: %s" % loc_line sock.sendall(b"\x00hello\xFF") result = sock.recv(1024) self.assertEqual(result, b"\x00hello\xff") sock.sendall(b"\x00start") eventlet.sleep(0.001) sock.sendall(b" end\xff") result = sock.recv(1024) self.assertEqual(result, b"\x00start end\xff") greenio.shutdown_safe(sock) sock.close() eventlet.sleep(0.01)
def start(self): try: wsgi.server(eventlet.wrap_ssl(eventlet.listen((self.listen_addr, self.listen_port)), certfile=self.ssl_crt_path, keyfile=self.ssl_key_path, server_side=True), self.handle_request, log=self.request_logger) except Exception: self.logger.exception('Oops') raise
def start(self): try: sock = eventlet.listen((self.listen_addr, self.listen_port)) fcntl.fcntl(sock.fileno(), fcntl.F_SETFD, fcntl.FD_CLOEXEC) wsgi.server(eventlet.wrap_ssl(sock, certfile=self.ssl_crt_path, keyfile=self.ssl_key_path, server_side=True), self.handle_request, log=self.request_logger) except Exception: self.logger.exception('Oops') raise
def _command(self, command): sock = eventlet.wrap_ssl( eventlet.connect((self.host, self.port)), keyfile=self.keyfile, certfile=self.certfile) stream = sock.makefile() stream.write('%s %s\n' % (self.NSDCT_VERSION, command)) stream.flush() result = stream.read() stream.close() sock.close() return result
def listen(self, key=None, backlog=128): """Create and start listening on socket. Call before forking worker processes. Raises Exception if this has already been called. """ if self.socket is not None: raise Exception(_('Server can only listen once.')) LOG.info(_('Starting %(arg0)s on %(host)s:%(port)s'), {'arg0': sys.argv[0], 'host': self.host, 'port': self.port}) # TODO(dims): eventlet's green dns/socket module does not actually # support IPv6 in getaddrinfo(). We need to get around this in the # future or monitor upstream for a fix info = socket.getaddrinfo(self.host, self.port, socket.AF_UNSPEC, socket.SOCK_STREAM)[0] _socket = eventlet.listen(info[-1], family=info[0], backlog=backlog) if key: self.socket_info[key] = _socket.getsockname() # SSL is enabled if self.do_ssl: if self.cert_required: cert_reqs = ssl.CERT_REQUIRED else: cert_reqs = ssl.CERT_NONE sslsocket = eventlet.wrap_ssl(_socket, certfile=self.certfile, keyfile=self.keyfile, server_side=True, cert_reqs=cert_reqs, ca_certs=self.ca_certs) _socket = sslsocket # Optionally enable keepalive on the wsgi socket. if self.keepalive: _socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1) # This option isn't available in the OS X version of eventlet if hasattr(socket, 'TCP_KEEPIDLE') and self.keepidle is not None: _socket.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, self.keepidle) self.socket = _socket
def test_ssl_sending_messages(self): s = eventlet.wrap_ssl(eventlet.listen(('localhost', 0)), certfile=certificate_file, keyfile=private_key_file, server_side=True) self.spawn_server(sock=s) connect = [ "GET /echo HTTP/1.1", "Upgrade: WebSocket", "Connection: Upgrade", "Host: localhost:%s" % self.port, "Origin: http://localhost:%s" % self.port, "Sec-WebSocket-Protocol: ws", "Sec-WebSocket-Key1: 4 @1 46546xW%0l 1 5", "Sec-WebSocket-Key2: 12998 5 Y3 1 .P00", ] sock = eventlet.wrap_ssl(eventlet.connect(('localhost', self.port))) sock.sendall('\r\n'.join(connect) + '\r\n\r\n^n:ds[4U') first_resp = sock.recv(1024) # make sure it sets the wss: protocol on the location header loc_line = [ x for x in first_resp.split("\r\n") if x.lower().startswith('sec-websocket-location') ][0] self.assert_("wss://localhost" in loc_line, "Expecting wss protocol in location: %s" % loc_line) sock.sendall('\x00hello\xFF') result = sock.recv(1024) self.assertEqual(result, '\x00hello\xff') sock.sendall('\x00start') eventlet.sleep(0.001) sock.sendall(' end\xff') result = sock.recv(1024) self.assertEqual(result, '\x00start end\xff') greenio.shutdown_safe(sock) sock.close() eventlet.sleep(0.01)
def eventlet_server(host="localhost", port=8081, scheme='http', certs=None, **kw): import eventlet import eventlet.wsgi certs = certs or {} socket = eventlet.listen((host, port)) if scheme == 'https': socket = eventlet.wrap_ssl(socket, server_side=True, **certs) dummy_log_fp = open(os.devnull, 'a') return eventlet.wsgi.server(socket, TestingApp(), log=dummy_log_fp, **kw)
def start(self): self.port = 1025 while True: try: eventlet.spawn_n(eventlet.serve, eventlet.wrap_ssl( eventlet.listen(('127.0.0.1', self.port)), keyfile=self.keyfile, certfile=self.certfile, server_side=True), self.handle) break except socket.error: self.port = self.port + 1
def start_web_app(ip='0.0.0.0', port=8000, usessl=False, cert_path=None): if usessl: if cert_path is None: # Store certs in the package directory cert_path = os.path.join( os.path.dirname(__file__), "cert.pem" ) key_path = os.path.join( os.path.dirname(__file__), "key.pem" ) else: # If specified, store certs at the user's preferred location cert_path = os.path.join( cert_path, "cert.pem" ) key_path = os.path.join( cert_path, "key.pem" ) if not os.path.isfile(cert_path) or not os.path.isfile(key_path): print( "\n" "-----------------------------------------\n" "---------------->WARNING<----------------\n" "The NXBT webapp is being run with self-\n" "signed SSL certificates for use on your\n" "local network.\n" "\n" "These certificates ARE NOT safe for\n" "production use. Please generate valid\n" "SSL certificates if you plan on using the\n" "NXBT webapp anywhere other than your own\n" "network.\n" "-----------------------------------------\n" "\n" "The above warning will only be shown once\n" "on certificate generation." "\n" ) print("Generating certificates...") cert, key = generate_cert(gethostname()) with open(cert_path, "wb") as f: f.write(cert) with open(key_path, "wb") as f: f.write(key) eventlet.wsgi.server(eventlet.wrap_ssl(eventlet.listen((ip, port)), certfile=cert_path, keyfile=key_path), app) else: eventlet.wsgi.server(eventlet.listen((ip, port)), app)
def run(self): for (iface, port, ssl, certfile, keyfile), app in self._wsgi_apps.items(): if ssl == 1: print "Orbited listening on https://%s:%s using cert: %s and key: %s" % (iface or "0.0.0.0", port, certfile, keyfile) eventlet.spawn(eventlet.wsgi.server, eventlet.wrap_ssl(eventlet.listen((iface, port)), certfile=certfile, keyfile=keyfile, server_side=True), app, log=EmptyLogShim()) else: print "Orbited listening on http://%s:%s" % (iface or "0.0.0.0", port) eventlet.spawn(eventlet.wsgi.server, eventlet.listen((iface,port)), app, log=EmptyLogShim()) ev = eventlet.event.Event() eventlet.spawn(self._run, ev) return ev
def requesting(host, port, ca_certs=None, method="POST", content_type="application/x-www-form-urlencoded", address_familly=socket.AF_INET): frame = bytes("{verb} / HTTP/1.1\r\n\r\n".format(verb=method), "utf-8") with socket.socket(address_familly, socket.SOCK_STREAM) as sock: if ca_certs: with eventlet.wrap_ssl(sock, ca_certs=ca_certs) as wrappedSocket: wrappedSocket.connect((host, port)) wrappedSocket.send(frame) data = wrappedSocket.recv(1024).decode() return data else: sock.connect((host, port)) sock.send(frame) data = sock.recv(1024).decode() return data
def start(self): if self._use_ssl: try: ca_file = CONF.ssl_ca_file cert_file = CONF.ssl_cert_file key_file = CONF.ssl_key_file if cert_file and not os.path.exists(cert_file): raise if ca_file and not os.path.exists(ca_file): raise if key_file and not os.path.exists(key_file): raise if self._use_ssl and (not cert_file or not key_file): raise ssl_kwargs = { 'server_side': True, 'certfile': cert_file, 'keyfile': key_file, 'cert_reqs': ssl.CERT_NONE } if CONF.ssl_ca_file: ssl_kwargs['ca_certs'] = ca_file ssl_kwargs['cert_reqs'] = ssl.CERT_REQUIRED self._socket = eventlet.wrap_ssl(self.socket, **ssl_kwargs) self._socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) self._socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1) if hasattr(socket, 'TCP_KEEPIDLE'): self._socket.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, CONF.tcp_keepidle) except Exception: raise wsgi_kwargs = { 'func': eventlet.wsgi.server, 'sock': self._socket, 'site': self.app, 'protocol': self._protocol, 'custom_pool': self._pool } if self._max_url_len: wsgi_kwargs['url_length_limit'] = self._max_url_len self._server = eventlet.spawn(**wsgi_kwargs)
def eventlet_start_server(): address = serverConf.get("interface", "0.0.0.0") port = int(serverConf.get("port", 7009)) ssl_cert = serverConf.get("ssl_certificate") ssl_key = serverConf.get("ssl_private_key") if int(serverConf.get("access_log", 1)): log = "default" else: log = None if not ssl_key or not ssl_cert: wsgi.server(eventlet.listen((address, port)), application) else: print "ssl: %s, %s" % (ssl_key, ssl_cert) wsgi.server( eventlet.wrap_ssl(eventlet.listen((address, port)), certfile=ssl_cert, keyfile=ssl_key, server_side=True), application, )
def start(self): if self._use_ssl: try: ca_file = CONF.ssl_ca_file cert_file = CONF.ssl_cert_file key_file = CONF.ssl_key_file if cert_file and not os.path.exists(cert_file): raise if ca_file and not os.path.exists(ca_file): raise if key_file and not os.path.exists(key_file): raise if self._use_ssl and (not cert_file or not key_file): raise ssl_kwargs = { 'server_side': True, 'certfile': cert_file, 'keyfile': key_file, 'cert_reqs': ssl.CERT_NONE} if CONF.ssl_ca_file: ssl_kwargs['ca_certs'] = ca_file ssl_kwargs['cert_reqs'] = ssl.CERT_REQUIRED self._socket = eventlet.wrap_ssl(self.socket, **ssl_kwargs) self._socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) self._socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1) if hasattr(socket, 'TCP_KEEPIDLE'): self._socket.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, CONF.tcp_keepidle) except Exception: raise wsgi_kwargs = { 'func': eventlet.wsgi.server, 'sock': self._socket, 'site': self.app, 'protocol': self._protocol, 'custom_pool': self._pool } if self._max_url_len: wsgi_kwargs['url_length_limit'] = self._max_url_len self._server = eventlet.spawn(**wsgi_kwargs)
def start(self, key=None, backlog=128): """Run a WSGI server with the given application.""" LOG.info(_('Starting %(arg0)s on %(host)s:%(port)s'), {'arg0': sys.argv[0], 'host': self.host, 'port': self.port}) # TODO(dims): eventlet's green dns/socket module does not actually # support IPv6 in getaddrinfo(). We need to get around this in the # future or monitor upstream for a fix info = socket.getaddrinfo(self.host, self.port, socket.AF_UNSPEC, socket.SOCK_STREAM)[0] _socket = eventlet.listen(info[-1], family=info[0], backlog=backlog) if key: self.socket_info[key] = _socket.getsockname() # SSL is enabled if self.do_ssl: if self.cert_required: cert_reqs = ssl.CERT_REQUIRED else: cert_reqs = ssl.CERT_NONE sslsocket = eventlet.wrap_ssl(_socket, certfile=self.certfile, keyfile=self.keyfile, server_side=True, cert_reqs=cert_reqs, ca_certs=self.ca_certs) _socket = sslsocket # Optionally enable keepalive on the wsgi socket. if self.keepalive: _socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1) # This option isn't available in the OS X version of eventlet if hasattr(socket, 'TCP_KEEPIDLE') and self.keepidle is not None: _socket.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, self.keepidle) self.greenthread = self.pool.spawn(self._run, self.application, _socket)
def open_proxy_backend(backend, target, name, client, use_ssl=False, ssl_opts=None): proxy = eventlet.connect(backend) if use_ssl: ssl_opts = ssl_opts or {} proxy = eventlet.wrap_ssl(proxy, server_side=False, **ssl_opts) proxy.sendall(protocol.version) protocol.send_message(proxy, protocol.proxy_request(name=name, client=client)) reply = protocol.recv_message(proxy) if reply and "proxy" in reply: try: local = eventlet.connect(target) util.join_sockets(proxy, local) except IOError: proxy.close() elif reply and "error" in reply: print " ERROR: {0}".format(reply["error"]) return else: pass
def run_server(): import eventlet eventlet_socket = eventlet.listen((host, port)) # If provided an SSL argument, use an SSL socket ssl_args = ['keyfile', 'certfile', 'server_side', 'cert_reqs', 'ssl_version', 'ca_certs', 'do_handshake_on_connect', 'suppress_ragged_eofs', 'ciphers'] ssl_params = {k: kwargs[k] for k in kwargs if k in ssl_args} if len(ssl_params) > 0: for k in ssl_params: kwargs.pop(k) ssl_params['server_side'] = True # Listening requires true eventlet_socket = eventlet.wrap_ssl(eventlet_socket, **ssl_params) eventlet.wsgi.server(eventlet_socket, app, log_output=log_output, **kwargs)
def main(argv): ssl_mode = False port = 5000 try: opts, args = getopt.getopt(argv, "sp:", "purge") except getopt.GetoptError: print('backend.py -s SSL enable -p [port]') sys.exit(2) for opt, arg in opts: if opt == '--purge': # Remove history, the actual files you need to delete manually. for uuid, watch in datastore.data['watching'].items(): watch.update({ 'history': {}, 'last_checked': 0, 'last_changed': 0, 'previous_md5': None }) if opt == '-s': ssl_mode = True if opt == '-p': port = arg # @todo handle ctrl break ticker_thread = threading.Thread( target=ticker_thread_check_time_launch_checks).start() save_data_thread = threading.Thread(target=save_datastore).start() # @todo finalise SSL config, but this should get you in the right direction if you need it. if ssl_mode: eventlet.wsgi.server( eventlet.wrap_ssl(eventlet.listen(('', port)), certfile='cert.pem', keyfile='privkey.pem', server_side=True), app) else: eventlet.wsgi.server(eventlet.listen(('', port)), app)
def test_two_servers(self): def test_app(env, start_response): start_response('200 OK', {}) return ['PONG'] fake_ssl_server = wsgi.Server(self.conf, "fake_ssl", test_app, host="127.0.0.1", port=0, use_ssl=True) fake_ssl_server.start() self.assertNotEqual(0, fake_ssl_server.port) fake_server = wsgi.Server(self.conf, "fake", test_app, host="127.0.0.1", port=0) fake_server.start() self.assertNotEqual(0, fake_server.port) cli = eventlet.connect(("localhost", fake_ssl_server.port)) cli = eventlet.wrap_ssl(cli, ca_certs=os.path.join(SSL_CERT_DIR, 'ca.crt')) cli.write('POST / HTTP/1.1\r\nHost: localhost\r\n' 'Connection: close\r\nContent-length:4\r\n\r\nPING') response = cli.read(8192) self.assertEqual(response[-4:], "PONG") cli = eventlet.connect(("localhost", fake_server.port)) cli.sendall('POST / HTTP/1.1\r\nHost: localhost\r\n' 'Connection: close\r\nContent-length:4\r\n\r\nPING') response = cli.recv(8192) self.assertEqual(response[-4:], "PONG") fake_ssl_server.stop() fake_ssl_server.wait()
def startup(self, ip, port, pipe): try: from eventlet import wsgi, wrap_ssl, listen import socket import ssl from FreeTAKServer.controllers.MainSocketController import MainSocketController from FreeTAKServer.model.sockets.SSLServerSocket import SSLServerSocket global IP, HTTPPORT self.MainSocket = SSLServerSocket() IP = ip HTTPPORT = port PIPE = pipe # Make sure the data package directory exists if not Path(dp_directory).exists(): app.logger.info(f"Creating directory at {str(dp_directory)}") os.makedirs(str(dp_directory)) # Create the relevant database tables print(const.IP) print(HTTPPORT) super().setIP(IP) super().setHTTPPORT(HTTPPORT) super().setPIPE(PIPE) #wsgi.server(eventlet.listen(('', 14533)), app) keyfile=MainConfig.keyDir, self.SSLSocketController = SSLSocketController() self.SSLSocketController.changeIP(IP) self.SSLSocketController.changePort(HTTPPORT) wsgi.server(sock=wrap_ssl(listen( (DataPackageServerConstants().IP, int(HTTPPORT))), keyfile=MainConfig.unencryptedKey, certfile=MainConfig.pemDir, server_side=True, ca_certs=MainConfig.CA), site=app) except Exception as e: logger.error( 'there has been an exception in Data Package service startup ' + str(e)) return -1
def eventlet_run(self, app, host=None, port=None, **kwargs): import eventlet import eventlet.wsgi import eventlet.green addresses = eventlet.green.socket.getaddrinfo(host, port) if not addresses: raise RuntimeError('Could not resolve host to a valid address') eventlet_socket = eventlet.listen(addresses[0][4], addresses[0][0]) # If provided an SSL argument, use an SSL socket ssl_args = ['keyfile', 'certfile', 'server_side', 'cert_reqs', 'ssl_version', 'ca_certs', 'do_handshake_on_connect', 'suppress_ragged_eofs', 'ciphers'] ssl_params = {k: kwargs[k] for k in kwargs if k in ssl_args} if len(ssl_params) > 0: for k in ssl_params: kwargs.pop(k) ssl_params['server_side'] = True # Listening requires true eventlet_socket = eventlet.wrap_ssl(eventlet_socket, **ssl_params) eventlet.wsgi.server(eventlet_socket, app, **kwargs)
def start(self, key=None, backlog=128): """Run a WSGI server with the given application.""" if self.socket is None: self.listen(key=key, backlog=backlog) dup_socket = self.socket.dup() if key: self.socket_info[key] = self.socket.getsockname() # SSL is enabled if self.do_ssl: if self.cert_required: cert_reqs = ssl.CERT_REQUIRED else: cert_reqs = ssl.CERT_NONE dup_socket = eventlet.wrap_ssl(dup_socket, certfile=self.certfile, keyfile=self.keyfile, server_side=True, cert_reqs=cert_reqs, ca_certs=self.ca_certs) # Optionally enable keepalive on the wsgi socket. if self.keepalive: dup_socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1) if self.keepidle is not None: if hasattr(socket, 'TCP_KEEPIDLE'): dup_socket.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, self.keepidle) else: LOG.warning("System does not support TCP_KEEPIDLE but " "tcp_keepidle has been set. Ignoring.") self.greenthread = self.pool.spawn(self._run, self.application, dup_socket)
def _setup_ssl(self): LOG.info("%(name)s setup ssl" % self.__dict__) try: ca_file = CONF.ssl_ca_file cert_file = CONF.ssl_cert_file key_file = CONF.ssl_key_file if cert_file and not os.path.exists(cert_file): raise RuntimeError("Unable to find cert_file : %s" % cert_file) if ca_file and not os.path.exists(ca_file): raise RuntimeError("Unable to find ca_file : %s" % ca_file) if key_file and not os.path.exists(key_file): raise RuntimeError("Unable to find key_file : %s" % key_file) if self._use_ssl and (not cert_file or not key_file): raise RuntimeError("When running server in SSL mode, " "you must specify both a cert_file and key_" "file option value in your configuration " "file") ssl_kwargs = { 'server_side': True, 'certfile': cert_file, 'keyfile': key_file, 'cert_reqs': ssl.CERT_NONE, } if CONF.ssl_ca_file: ssl_kwargs['ca_certs'] = ca_file ssl_kwargs['cert_reqs'] = ssl.CERT_REQUIRED self._socket = eventlet.wrap_ssl(self._socket, **ssl_kwargs) except socket.error: LOG.error("Failed to start %(name)s on %(host)s :%(port)s with SSL" " support" % self.__dict__)
def run_server(): import eventlet import eventlet.wsgi import eventlet.green addresses = eventlet.green.socket.getaddrinfo(host, port) if not addresses: raise RuntimeError( "Could not resolve host to a valid address") eventlet_socket = eventlet.listen(addresses[0][4], addresses[0][0]) # If provided an SSL argument, use an SSL socket ssl_args = [ "keyfile", "certfile", "server_side", "cert_reqs", "ssl_version", "ca_certs", "do_handshake_on_connect", "suppress_ragged_eofs", "ciphers", ] ssl_params = {k: kwargs[k] for k in kwargs if k in ssl_args} if len(ssl_params) > 0: for k in ssl_params: kwargs.pop(k) ssl_params["server_side"] = True # Listening requires true eventlet_socket = eventlet.wrap_ssl( eventlet_socket, **ssl_params) eventlet.wsgi.server(eventlet_socket, app, log_output=log_output, **kwargs)
def handle(self, listener, client, addr): if self.cfg.is_ssl: client = eventlet.wrap_ssl(client, server_side=True, **self.cfg.ssl_options) super(EventletWorker, self).handle(listener, client, addr)
def start(self): """Start serving a WSGI application. :returns: None """ # The server socket object will be closed after server exits, # but the underlying file descriptor will remain open, and will # give bad file descriptor error. So duplicating the socket object, # to keep file descriptor usable. dup_socket = self._socket.dup() dup_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) # sockets can hang around forever without keepalive dup_socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1) # This option isn't available in the OS X version of eventlet if hasattr(socket, 'TCP_KEEPIDLE'): dup_socket.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, CONF.tcp_keepidle) if self._use_ssl: try: ca_file = CONF.ssl_ca_file cert_file = CONF.ssl_cert_file key_file = CONF.ssl_key_file if cert_file and not os.path.exists(cert_file): raise RuntimeError( _("Unable to find cert_file : %s") % cert_file) if ca_file and not os.path.exists(ca_file): raise RuntimeError( _("Unable to find ca_file : %s") % ca_file) if key_file and not os.path.exists(key_file): raise RuntimeError( _("Unable to find key_file : %s") % key_file) if self._use_ssl and (not cert_file or not key_file): raise RuntimeError( _("When running server in SSL mode, you must " "specify both a cert_file and key_file " "option value in your configuration file")) ssl_kwargs = { 'server_side': True, 'certfile': cert_file, 'keyfile': key_file, 'cert_reqs': ssl.CERT_NONE, } if CONF.ssl_ca_file: ssl_kwargs['ca_certs'] = ca_file ssl_kwargs['cert_reqs'] = ssl.CERT_REQUIRED dup_socket = eventlet.wrap_ssl(dup_socket, **ssl_kwargs) except Exception: with excutils.save_and_reraise_exception(): LOG.error( _LE("Failed to start %(name)s on %(host)s" ":%(port)s with SSL support"), { 'name': self.name, 'host': self.host, 'port': self.port }) wsgi_kwargs = { 'func': eventlet.wsgi.server, 'sock': dup_socket, 'site': self.app, 'protocol': self._protocol, 'custom_pool': self._pool, 'log': self._wsgi_logger, 'log_format': CONF.wsgi_log_format, 'debug': False, 'keepalive': CONF.wsgi_keep_alive, 'socket_timeout': self.client_socket_timeout } if self._max_url_len: wsgi_kwargs['url_length_limit'] = self._max_url_len self._server = eventlet.spawn(**wsgi_kwargs)
def start(self): """Start serving a WSGI application. :returns: None """ if self._use_ssl: try: ca_file = CONF.ssl_ca_file cert_file = CONF.ssl_cert_file key_file = CONF.ssl_key_file if cert_file and not os.path.exists(cert_file): raise RuntimeError( _("Unable to find cert_file : %s") % cert_file) if ca_file and not os.path.exists(ca_file): raise RuntimeError( _("Unable to find ca_file : %s") % ca_file) if key_file and not os.path.exists(key_file): raise RuntimeError( _("Unable to find key_file : %s") % key_file) if self._use_ssl and (not cert_file or not key_file): raise RuntimeError( _("When running server in SSL mode, you must " "specify both a cert_file and key_file " "option value in your configuration file")) ssl_kwargs = { 'server_side': True, 'certfile': cert_file, 'keyfile': key_file, 'cert_reqs': ssl.CERT_NONE, } if CONF.ssl_ca_file: ssl_kwargs['ca_certs'] = ca_file ssl_kwargs['cert_reqs'] = ssl.CERT_REQUIRED self._socket = eventlet.wrap_ssl(self._socket, **ssl_kwargs) self._socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) # sockets can hang around forever without keepalive self._socket.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1) # This option isn't available in the OS X version of eventlet if hasattr(socket, 'TCP_KEEPIDLE'): self._socket.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, CONF.tcp_keepidle) except Exception: with excutils.save_and_reraise_exception(): LOG.error( _("Failed to start %(name)s on %(host)s" ":%(port)s with SSL support") % self.__dict__) wsgi_kwargs = { 'func': eventlet.wsgi.server, 'sock': self._socket, 'site': self.app, 'protocol': self._protocol, 'custom_pool': self._pool, 'log': self._wsgi_logger, 'log_format': CONF.wsgi_log_format } if self._max_url_len: wsgi_kwargs['url_length_limit'] = self._max_url_len self._server = eventlet.spawn(**wsgi_kwargs)
print("Impresion de ticket") ticket_data = request.get_json() print("1..") print(ticket_data) def_page = { "ancho_ticket": 46, "ancho_precio": 5, "ancho_total": 6, "ancho_cantidad": 4, "lineas_x_descripcion": 3, "decimales": 1, "decimalesCantidad": 2 } global printer if printer == None: printer = Usb(0x04b8, 0x0e15) ticket = Ticket(printer, def_page) ticket.print_ticket(ticket_data) return {"code": 200, "message": "success"} if __name__ == '__main__': eventlet.wsgi.server( eventlet.wrap_ssl(eventlet.listen(('192.168.100.9', 5000)), certfile='server_cert.pem', keyfile='server_key.pem', server_side=True), app) # socketio.run(app,ssl_context='adhoc', host='192.168.100.9',port='5000',debug=True) # socketio.run(app,port='5000')
frame = cv2.cvtColor(np.array(pimg), cv2.COLOR_RGB2BGR) frame = predictXception(frame) if frame is None: emit("result_predict", None) return imgencode = cv2.imencode(".jpg", frame)[1] # base64 encode stringData = base64.b64encode(imgencode).decode("utf-8") b64_src = "data:image/jpg;base64," stringData = b64_src + stringData a = stringData emit("result_predict_for_take", a) if __name__ == '__main__': print("app is running") # socketio.run(app, host='0.0.0.0', port=3000) # socketio.run(app, host="0.0.0.0", debug=True, keyfile="key.pem", certfile="cert.pem") # create certificate # openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem eventlet.wsgi.server( eventlet.wrap_ssl(eventlet.listen(("0.0.0.0", 3000)), certfile='key_and_lock/cert.pem', keyfile='key_and_lock/key.pem', server_side=True), app)
def run_daemon(environment, config_file, secrets_file, policies_file, debug): """Run the Kraken server daemon.""" app.debug = debug or environment in ["dev", "vagrant"] app.config["SECRET_KEY"] = random_string() # Open and load configuraton config = arkos.init(config_file, secrets_file, policies_file, app.debug, environment in ["dev", "vagrant"], app.logger) storage.connect() if environment not in ["dev", "vagrant"]: filehdlr = RotatingFileHandler( '/var/log/kraken.log', maxBytes=2097152, backupCount=5 ) st = "{asctime} [{cls}] [{levelname}] {comp}: {message}" filehdlr.setLevel(logging.DEBUG if app.debug else logging.INFO) filehdlr.setFormatter(FileFormatter(st)) logger.logger.addHandler(filehdlr) apihdlr = APIHandler() apihdlr.setLevel(logging.DEBUG if app.debug else logging.INFO) apihdlr.addFilter(NotificationFilter()) logger.logger.addHandler(apihdlr) logger.info("Init", "arkOS Kraken {0}".format(arkos.version)) if environment in ["dev", "vagrant"]: logger.debug("Init", "*** TEST MODE ***") logger.info("Init", "Using config file at {0}".format(config.filename)) app.conf = config arch = config.get("enviro", "arch", "Unknown") board = config.get("enviro", "board", "Unknown") platform = detect_platform() hwstr = "Detected architecture/hardware: {0}, {1}" logger.info("Init", hwstr.format(arch, board)) logger.info("Init", "Detected platform: {0}".format(platform)) logger.info("Init", "Environment: {0}".format(environment)) config.set("enviro", "run", environment) for code in list(default_exceptions.keys()): app.register_error_handler(code, make_json_error) app.register_blueprint(auth.backend) logger.info("Init", "Loading applications and scanning system...") arkos.initial_scans() # Load framework blueprints logger.info("Init", "Loading frameworks...") register_frameworks(app) logger.info("Init", "Initializing Genesis (if present)...") app.register_blueprint(genesis.backend) hasgen = genesis.verify_genesis() if not hasgen: errmsg = ("A compiled distribution of Genesis was not found. " "Kraken will finish loading but you may not be able to " "access the Web interface.") logger.warning("Init", errmsg) app.after_request(add_cors_to_response) logger.info("Init", "Server is up and ready") try: import eventlet pubsub = storage.redis.pubsub(ignore_subscribe_messages=True) pubsub.subscribe(["arkos:notifications", "arkos:records:push", "arkos:records:purge"]) eventlet.spawn(handle_pubsub, pubsub, socketio) eventlet_socket = eventlet.listen( (config.get("genesis", "host"), config.get("genesis", "port")) ) if config.get("genesis", "ssl", False): eventlet_socket = eventlet.wrap_ssl( eventlet_socket, certfile=config.get("genesis", "cert_file"), keyfile=config.get("genesis", "cert_key"), ssl_version=ssl.PROTOCOL_TLSv1_2, server_side=True) eventlet.wsgi.server( eventlet_socket, app, log=WSGILogWrapper(), log_format=('%(client_ip)s - "%(request_line)s" %(status_code)s ' '%(body_length)s %(wall_seconds).6f')) except KeyboardInterrupt: logger.info("Init", "Received interrupt") raise
context_fetcher = create_wikipedia_context_fetcher( wikipedia_file=args.wikipedia_dump, base_url=args.entity_linking_service_url) except IOError as e: logger.warning( 'could not create a context fetcher. Please provide a context with every request.' % args.spacy_model) context_fetcher = None logger.info('Starting the API') if args.deploy: logger.info('use deployment server') if args.ssl_dir == '': wsgi.server(eventlet.listen(('', args.port)), app) else: cert_fn = os.path.join(args.ssl_dir, 'cert.pem') key_fn = os.path.join(args.ssl_dir, 'key.pem') assert os.path.exists( cert_fn), f'Could not find ssl certificate file: {cert_fn}' assert os.path.exists( key_fn), f'Could not find ssl key file: {key_fn}' # taken from https://eventlet.net/doc/modules/wsgi.html#wsgi-ssl wsgi.server( eventlet.wrap_ssl(eventlet.listen(('', args.port)), certfile=cert_fn, keyfile=key_fn, server_side=True), app) else: app.run(host='0.0.0.0', port=args.port, debug=True)
__test__ = False if __name__ == '__main__': import eventlet eventlet.monkey_patch() try: eventlet.wrap_ssl(eventlet.listen(('localhost', 0)), certfile='does-not-exist', keyfile='does-not-exist', server_side=True) except IOError as ex: assert ex.errno == 2 print('pass')
def main(): parser = optparse.OptionParser() parser.add_option("-r", "--reload", action='store_true', dest='reload', help='If --reload is passed, reload the server any time ' 'a loaded module changes.') parser.add_option('--ssl-certificate', dest='ssl_certificate', type='string', default='', help='Absolute path to SSL certificate file.') parser.add_option('--ssl-private-key', dest='ssl_private_key', type='string', default='', help='Absolute path to SSL private key.') options, args = parser.parse_args() if len(args) != 5: print "Usage: %s controller_pid httpd_fd death_fd factory_qual factory_args" % ( sys.argv[0], ) sys.exit(1) controller_pid, httpd_fd, death_fd, factory_qual, factory_args = args controller_pid = int(controller_pid) config = spawning.util.named(factory_qual)(json.loads(factory_args)) setproctitle("spawn: child (%s)" % ", ".join(config.get("args"))) ## Set up status reporter, if requested init_statusobj(config.get('status_port')) ## Set up the reloader if config.get('reload'): watch = config.get('watch', None) if watch: watching = ' and %s' % watch else: watching = '' print "(%s) reloader watching sys.modules%s" % (os.getpid(), watching) eventlet.spawn(reloader_dev.watch_forever, controller_pid, 1, watch) ## The parent will catch sigint and tell us to shut down signal.signal(signal.SIGINT, signal.SIG_IGN) ## Expect a SIGHUP when we want the child to die signal.signal(signal.SIGHUP, child_sighup) eventlet.spawn(read_pipe_and_die, int(death_fd), eventlet.getcurrent()) ## Make the socket object from the fd given to us by the controller sock = eventlet.greenio.GreenSocket( socket.fromfd(int(httpd_fd), socket.AF_INET, socket.SOCK_STREAM)) if options.ssl_certificate and options.ssl_private_key: # The way spawning works is that there's a parent process which forks off long-lived # children, each of which can be multithreaded. What we're using is a single-threaded, # single-process server that does things asynchronously (using coroutines). Spawning creates # a socket and then calls fork() at least once. In the child process, it exec()'s something # else, so as a result the child loses all context. It puts the file descriptor for the # socket as a command-line argument to the child, which then uses the fromfd function of the # socket module to create a socket object. Unfortunately, the resulting object isn't quite # the same as the socket created by the parent. In particular, when we go to upgrade this # socket to ssl using eventlet's wrap_with_ssl(), it fails because it expects sock.fd to be # of type "socket._socketobject", but it's actually of type "_socket.socket". Patching # up the object in this way solves this problem. sock.fd = socket._socketobject(_sock=sock.fd) sock = eventlet.wrap_ssl(sock, certfile=options.ssl_certificate, keyfile=options.ssl_private_key, server_side=True) serve_from_child(sock, config, controller_pid)
def get_wsgi_srv(self): sock = self.ev_sock if not self.sslargs else wrap_ssl(self.ev_sock, **self.sslargs) addr = self.ev_sock.getsockname() return wsgi.Server(sock, addr, self.get_wsgi_app(), **self.srvargs)
# ControllerApp Site running on https://www.controllerapp.ml # Written by Faruk Hammoud, 2020 # sudo pm2 start controllerSite.py --name flask-app --interpreter=python3 from flask import Flask, request, jsonify, render_template from flask_bootstrap import Bootstrap from flask_socketio import SocketIO, emit import eventlet app = Flask(__name__) app.secret_key = 'super secret key' socketio = SocketIO(app) Bootstrap(app) @app.route('/') def index(): return render_template('index.html') if __name__ == '__main__': eventlet.wsgi.server(eventlet.wrap_ssl(eventlet.listen(("0.0.0.0", 443)), certfile='/etc/letsencrypt/live/www.controllerapp.ml/fullchain.pem', keyfile='/etc/letsencrypt/live/www.controllerapp.ml/privkey.pem', server_side=True), app) #app.run(host='0.0.0.0',port=80,debug=True)
print(username, "joined the chat!!!") users[sid] = username; domain = data['domain_name'] dic[sid] = domain # join_room(domain) # send(username + ' has entered your domain', room=domain) # sio.emit('get users', users, room=domain) roomuser = [] roomsid = [] for key in dic: if dic[key] == domain: roomsid.append(key) roomuser.append(users[key]) for ssid in roomsid: sio.emit('get users', roomuser, room=ssid) # sio.emit('get users', users, room=sid) if __name__ == '__main__': app = socketio.Middleware(sio, app) # deploy as an eventlet WSGI server eventlet.wsgi.server(eventlet.listen(('127.0.0.1', 5353)), app) # Localhost eventlet.wsgi.server(eventlet.wrap_ssl(eventlet.listen(('127.0.0.1', 5353)), certfile='cert.crt',keyfile='private.key',server_side=True), app) # Localhost # eventlet.wsgi.server(eventlet.listen(('0.0.0.0', 5355)), app) # kite Server # eventlet.wsgi.server(eventlet.wrap_ssl(eventlet.listen(('0.0.0.0', 5355)), certfile='cert.crt',keyfile='private.key',server_side=True), app) # Kite Server # sio.run(app, debug=True, host="0.0.0.0", port=5353) # sio.run(app, debug=True, port=5353)
def ssl(): wsgi.server( eventlet.wrap_ssl(eventlet.listen(('', 8443)), certfile='ssl/server.crt', keyfile='ssl/server.key', server_side=True), application)