def main(basefp): default_port = 443 port = None ssl_enabled = True redirect_port = 80 for arg in sys.argv: if arg.startswith('--port='): port = int(arg[len('--port='):]) elif arg.startswith('--redirectport='): redirect_port = int(arg[len('--redirectport='):]) elif arg == '--dev': ssl_enabled = False redirect_port = None default_port = 8000 elif arg == '--nossl': ssl_enabled = False redirect_port = None default_port = 80 elif arg == '--noredirect': redirect_port = None if port is None: port = default_port config = Config() logging.basicConfig( stream=sys.stdout, level=logging.DEBUG, format= '%(asctime)s %(levelname) 7s [%(module) 8s L%(lineno)d] %(message)s', datefmt='%Y-%m-%dT%H:%M:%S%z', ) site = make_site(basefp, config) logging.info('Listening on port %d...' % (port, )) if ssl_enabled: logging.info('SSL/TLS is enabled (start with --nossl to disable).') KEYFILE = '../secret_config/rapidssl/server.key' CERTFILE = '../secret_config/rapidssl/server.crt' assert os.path.exists( KEYFILE), "Private key file %s not found" % (KEYFILE, ) assert os.path.exists( CERTFILE), "Certificate file %s not found" % (CERTFILE, ) # http://twistedmatrix.com/documents/current/core/howto/ssl.html sslfactory = ssl.DefaultOpenSSLContextFactory(KEYFILE, CERTFILE) reactor.listenSSL(port, site, sslfactory) if redirect_port is not None: logging.info('http->https redirector listening on port %d...' % (redirect_port, )) reactor.listenTCP(redirect_port, make_redirector_site(port)) else: logging.info('SSL/TLS is disabled.') reactor.listenTCP(port, site)
def main(basefp): print sys.argv default_port = 443 port = None ssl_enabled = True redirect_port = 80 for arg in sys.argv: if arg.startswith('--port='): port = int(arg[len('--port='):]) elif arg.startswith('--redirectport='): redirect_port = int(arg[len('--redirectport='):]) elif arg == '--dev': ssl_enabled = False redirect_port = None default_port = 8000 elif arg == '--nossl': ssl_enabled = False redirect_port = None default_port = 80 elif arg == '--noredirect': redirect_port = None if port is None: port = default_port config = Config() logging.basicConfig( stream = sys.stdout, level = logging.DEBUG, format = '%(asctime)s %(levelname) 7s [%(name)-65s L%(lineno)d] %(message)s', datefmt = '%Y-%m-%dT%H:%M:%S%z', ) root_log = logging.getLogger(__name__) site = make_site(basefp, config) root_log.info('Listening on port %d...' % (port,)) if ssl_enabled: root_log.info('SSL/TLS is enabled (start with --nossl to disable).') KEYFILE = '../secret_config/rapidssl/server.key' CERTFILE = '../secret_config/rapidssl/server.crt' assert os.path.exists(KEYFILE), "Private key file %s not found" % (KEYFILE,) assert os.path.exists(CERTFILE), "Certificate file %s not found" % (CERTFILE,) # http://twistedmatrix.com/documents/current/core/howto/ssl.html sslfactory = ssl.DefaultOpenSSLContextFactory(KEYFILE, CERTFILE) reactor.listenSSL(port, site, sslfactory) if redirect_port is not None: root_log.info('http->https redirector listening on port %d...' % (redirect_port,)) reactor.listenTCP(redirect_port, make_redirector_site(port)) else: root_log.info('SSL/TLS is disabled.') reactor.listenTCP(port, site)
def start_site(reactor, site, secure_ports, insecure_ports, redirect_to_port): parent = MultiService() for secure in secure_ports: StreamServerEndpointService(secure, site).setServiceParent(parent) if insecure_ports: redirector = make_redirector_site(redirect_to_port) for insecure in insecure_ports: StreamServerEndpointService(insecure, redirector).setServiceParent(parent) parent.privilegedStartService() parent.startService()
def main(basefp): print sys.argv default_port = 443 port = None ssl_enabled = True redirect_port = 80 for arg in sys.argv: if arg.startswith('--port='): port = int(arg[len('--port='):]) elif arg.startswith('--redirectport='): redirect_port = int(arg[len('--redirectport='):]) elif arg == '--dev': ssl_enabled = False redirect_port = None default_port = 8000 elif arg == '--nossl': ssl_enabled = False redirect_port = None default_port = 80 elif arg == '--noredirect': redirect_port = None if port is None: port = default_port config = Config() logging.basicConfig( stream = sys.stdout, level = logging.DEBUG, format = '%(asctime)s %(levelname) 7s [%(name)-65s L%(lineno)d] %(message)s', datefmt = '%Y-%m-%dT%H:%M:%S%z', ) root_log = logging.getLogger(__name__) site = make_site(basefp, config) root_log.info('Listening on port %d...' % (port,)) if ssl_enabled: root_log.info('SSL/TLS is enabled (start with --nossl to disable).') KEYFILE = '../secret_config/rapidssl/server.key' CERTFILE = '../secret_config/rapidssl/server.crt' assert os.path.exists(KEYFILE), "Private key file %s not found" % (KEYFILE,) assert os.path.exists(CERTFILE), "Certificate file %s not found" % (CERTFILE,) from twisted.internet import ssl import pem with open(KEYFILE) as keyFile: key = keyFile.read() certs = pem.parse_file(CERTFILE) cert = ssl.PrivateCertificate.loadPEM(str(key) + str(certs[0])) extraCertChain = [ssl.Certificate.loadPEM(str(certData)).original for certData in certs[1 :]] cert_options = ssl.CertificateOptions( privateKey=cert.privateKey.original, certificate=cert.original, extraCertChain=extraCertChain, ) reactor.listenSSL(port, site, cert_options) if redirect_port is not None: root_log.info('http->https redirector listening on port %d...' % (redirect_port,)) reactor.listenTCP(redirect_port, make_redirector_site(port)) else: root_log.info('SSL/TLS is disabled.') reactor.listenTCP(port, site)