def run(self): """Run the WSGI server in a thread.""" logging.info("Listening on port %d.", self.port) ssl_context = None if config.CONFIG["AdminUI.enable_ssl"]: cert_file = config.CONFIG["AdminUI.ssl_cert_file"] if not cert_file: raise ValueError("Need a valid cert file to enable SSL.") key_file = config.CONFIG["AdminUI.ssl_key_file"] if not key_file: raise ValueError("Need a valid key file to enable SSL.") ssl_context = (cert_file, key_file) # Werkzeug only handles IPv6 if ":" is in the host (i.e. we pass # an IPv6 ip). ip = utils.ResolveHostnameToIP("localhost", self.port) server = serving.make_server(ip, self.port, wsgiapp.AdminUIApp().WSGIHandler(), ssl_context=ssl_context) # We want to notify other threads that we are now ready to serve right # before we enter the serving loop. self.ready_to_serve.set() while self.keep_running: server.handle_request()
def main(_): """Run the main test harness.""" if flags.FLAGS.version: print("GRR Admin UI {}".format(config_server.VERSION["packageversion"])) return config.CONFIG.AddContext( contexts.ADMIN_UI_CONTEXT, "Context applied when running the admin user interface GUI.") server_startup.Init() if not config.CONFIG["AdminUI.headless"] and (not os.path.exists( os.path.join(config.CONFIG["AdminUI.document_root"], "dist/grr-ui.bundle.js")) or not os.path.exists( os.path.join(config.CONFIG["AdminUI.document_root"], "dist/grr-ui.bundle.css"))): raise RuntimeError("Can't find compiled JS/CSS bundles. " "Please reinstall the PIP package using " "\"pip install -e .\" to rebuild the bundles.") # Start up a server in another thread bind_address = config.CONFIG["AdminUI.bind"] ip = ipaddr.IPAddress(bind_address) if ip.version == 4: # Address looks like an IPv4 address. ThreadedServer.address_family = socket.AF_INET max_port = config.CONFIG.Get("AdminUI.port_max", config.CONFIG["AdminUI.port"]) for port in range(config.CONFIG["AdminUI.port"], max_port + 1): # Make a simple reference implementation WSGI server try: server = simple_server.make_server( bind_address, port, wsgiapp.AdminUIApp().WSGIHandler(), server_class=ThreadedServer) break except socket.error as e: if e.errno == socket.errno.EADDRINUSE and port < max_port: logging.info("Port %s in use, trying %s", port, port + 1) else: raise proto = "HTTP" if config.CONFIG["AdminUI.enable_ssl"]: cert_file = config.CONFIG["AdminUI.ssl_cert_file"] if not cert_file: raise ValueError("Need a valid cert file to enable SSL.") key_file = config.CONFIG["AdminUI.ssl_key_file"] server.socket = ssl.wrap_socket( server.socket, certfile=cert_file, keyfile=key_file, server_side=True) proto = "HTTPS" # SSL errors are swallowed by the WSGIServer so if your configuration does # not work, uncomment the line below, point your browser at the gui and look # at the log file to see why SSL complains: # server.socket.accept() sa = server.socket.getsockname() logging.info("Serving %s on %s port %d ...", proto, sa[0], sa[1]) server_startup.DropPrivileges() server.serve_forever()