Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
webssh
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
郑天保
webssh
Commits
827a0d8a
Commit
827a0d8a
authored
Oct 14, 2018
by
Sheng
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Support https server
parent
deef92fe
Show whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
127 additions
and
5 deletions
+127
-5
cert.crt
tests/data/cert.crt
+21
-0
cert.key
tests/data/cert.key
+28
-0
test_settings.py
tests/test_settings.py
+43
-1
main.py
webssh/main.py
+12
-4
settings.py
webssh/settings.py
+23
-0
No files found.
tests/data/cert.crt
0 → 100644
View file @
827a0d8a
-----BEGIN CERTIFICATE-----
MIIDYDCCAkigAwIBAgIJAPPORA/o2Zd4MA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQwHhcNMTgxMDE0MDgwNTQzWhcNMjExMDEzMDgwNTQzWjBF
MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvSFaffq6ExFCPN4cApRopGEqVIipAYb6Ky3VHVu4pW0tOdrdKafGGYkN
GWQdsLV0AAzzxmCAPpXmmAx0m0mgtPaJp3iW8NUibkISxdEO/QJOA7y8O9iWhDdb
l9ghjwPI5AwURQkDkXbcBBBzQksYDaYseL2NGDGXkKCUQQoLzV0H+SV3vCPrbOXH
t50HKgKzEOGoT8LcI7BRCTXk1xTlK0b/4ylKUwKIsfNPH0a9RkukBjMFkpXG/2CV
VWb89+TkMzQwhcpIVn6rUCJQW5pHVRYLACP32Zki7xPUJb9OfF7XDK54v6Cwo3Fi
aZWxN6rYhnn8wRTufY3PYzv5f3XiZwIDAQABo1MwUTAdBgNVHQ4EFgQUq0kfpU/m
WQwNk3ymwm7fuVwYhJ0wHwYDVR0jBBgwFoAUq0kfpU/mWQwNk3ymwm7fuVwYhJ0w
DwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAf2xudhAeOTUpNpw+
XZWLBXBKZXINd7PrUDgEG4bB0/0kYZN+T7bMJEtmv6+9t57y6jSni9sQzpbvT2tJ
TrbZgwhDvyTm3mw5n5RpAB9ZK+lnMcasa5N4qSd6wmpXjkC+kcEs7oQ8PwgIf3xT
/aGdoswNTWCz0W8vs8yRynLB4MKx1d20IMlDkfGu5n7wXhNK0ymcT8pa6iqEYl6X
bhPVTlELl8bM/OKktFc42VXoRghLRnfl8yM/9t7HVHKfHXZrLpIdtEOvnKwtzX5r
fBMs4IPa0OIPHGCcbLGT4rIbSvSaI8yOPA93G1XXbMF1VKdKyzdGjMS6aFKfbrhV
lnaUOA==
-----END CERTIFICATE-----
tests/data/cert.key
0 → 100644
View file @
827a0d8a
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC9IVp9+roTEUI8
3hwClGikYSpUiKkBhvorLdUdW7ilbS052t0pp8YZiQ0ZZB2wtXQADPPGYIA+leaY
DHSbSaC09omneJbw1SJuQhLF0Q79Ak4DvLw72JaEN1uX2CGPA8jkDBRFCQORdtwE
EHNCSxgNpix4vY0YMZeQoJRBCgvNXQf5JXe8I+ts5ce3nQcqArMQ4ahPwtwjsFEJ
NeTXFOUrRv/jKUpTAoix808fRr1GS6QGMwWSlcb/YJVVZvz35OQzNDCFykhWfqtQ
IlBbmkdVFgsAI/fZmSLvE9Qlv058XtcMrni/oLCjcWJplbE3qtiGefzBFO59jc9j
O/l/deJnAgMBAAECggEAZSwcblvbgiuvVUQzk6W0PIrFzCa20dxUoxiHcocIRWYb
1WEhAhF/xVUtLrIBt++5N/W1yh8BO3mQuzGehxth3qwrguzdQcOiAX1S8YMeE3ZS
KWmjABiim+PJGXdCrHCH3IYhqbRitkPw+jOalJH7MgH8tDIh8hlFTNa5t/kZyybW
uGFbqF6OFmyHSDIPvjPALzSlmd5po+EywnA5oa3sObj4n5xuaFB2l/IaF3ix38vT
geo517L15cCuAa7x42i1cAGn5H/hdeO/Dw+MGk+0sXRRPooCMBzKztxpsB+7kNhk
jbsVHmTkE5UG/T7Uc0PsthZNjFwouPOrQQVUFYTnwQKBgQDwBvpmc9vX4gnADa7p
L2lgMVo6KccPFeFr4DIAYmwS0Vl0sB2j6nPVEBg3PatGLKGNMCIlcj+A3z6KQ+4o
n7pnekRwX+2+m3OPX4Rbw8c/+E0CiRPtmYp9BISKNgPoSRGsI6s/L3wzagsDsQ3v
xhKCohvfyY8JwUEPX6Hosmu/UQKBgQDJt0/ihWn0g/2uOKnXlXthxvkXFoR45sO7
lY/yoyJB+Z4yGAjJlbyra+5xnReqYyBnf34/2AoddjT45dPCaFucMInQFINdMGF1
NeVNzC6xa/7jjbgwf4kGqHsLC85Mrq3wyK5hwhMmfEPmRs6w+CRzM/Q78Bsr5P/T
zEa13jFINwKBgQC50L0ieUjVDKD9s9oXnWOXWz19T4BRtl+nco1i7M67lqQJCJo5
njQD2ozUnwIrtjtuoLeeg56Ttr+krEf/3P+iQe4fjLPxXkiM0qYVoC9s311GvDXY
N4gVllzA3mYR+hcbSxW0OZ+N8ecK+ZNPbug/hx3LFi+MnrYuH5upGA7/sQKBgCRk
nlUQHP2wkqRMNNhgb9JEQ8yWk2/8snO1mDL+m7+reY8wJuW3zkJfRrXY0dw75izG
I9EA+VI3cXc2f+4jReP4HeUczlaR1AOBpc1TeVkpUuNbPlABsocw/oIPrzjGiztV
+aBJk4ruAJIbVE85ddoTFY161Gwm9MERqfBGFj4hAoGAN/ry0KC9/QkLkuPjs3uL
AU3xjBJt1SMB7KZq1yt8mBo8M4q/E3ulynBK7G3f+hS2aj7OAhU4IcPRPGqjsLO1
dZTIOMeVyOAr0TAaioCCIyvf8hEjA7cXddnWBJYi3WiUpOc6J0uINoSlrAX2UXtw
/Aq5PmJKn4D4a75f+ue2Sw8=
-----END PRIVATE KEY-----
tests/test_settings.py
View file @
827a0d8a
import
io
import
ssl
import
sys
import
os.path
import
unittest
...
...
@@ -8,7 +9,8 @@ import tornado.options as options
from
tests.utils
import
make_tests_data_path
from
webssh.policy
import
load_host_keys
from
webssh.settings
import
(
get_host_keys_settings
,
get_policy_setting
,
base_dir
,
print_version
get_host_keys_settings
,
get_policy_setting
,
base_dir
,
print_version
,
get_ssl_context
)
from
webssh.utils
import
UnicodeType
from
webssh._version
import
__version__
...
...
@@ -78,3 +80,43 @@ class TestSettings(unittest.TestCase):
)
else
:
self
.
assertIsInstance
(
instance
,
paramiko
.
client
.
RejectPolicy
)
def
test_get_ssl_context
(
self
):
options
.
certfile
=
''
options
.
keyfile
=
''
ssl_ctx
=
get_ssl_context
(
options
)
self
.
assertIsNone
(
ssl_ctx
)
options
.
certfile
=
'provided'
options
.
keyfile
=
''
with
self
.
assertRaises
(
ValueError
)
as
ctx
:
ssl_ctx
=
get_ssl_context
(
options
)
self
.
assertEqual
(
'keyfile is not provided'
,
str
(
ctx
.
exception
))
options
.
certfile
=
''
options
.
keyfile
=
'provided'
with
self
.
assertRaises
(
ValueError
)
as
ctx
:
ssl_ctx
=
get_ssl_context
(
options
)
self
.
assertEqual
(
'certfile is not provided'
,
str
(
ctx
.
exception
))
options
.
certfile
=
'FileDoesNotExist'
options
.
keyfile
=
make_tests_data_path
(
'cert.key'
)
with
self
.
assertRaises
(
ValueError
)
as
ctx
:
ssl_ctx
=
get_ssl_context
(
options
)
self
.
assertIn
(
'does not exist'
,
str
(
ctx
.
exception
))
options
.
certfile
=
make_tests_data_path
(
'cert.key'
)
options
.
keyfile
=
'FileDoesNotExist'
with
self
.
assertRaises
(
ValueError
)
as
ctx
:
ssl_ctx
=
get_ssl_context
(
options
)
self
.
assertIn
(
'does not exist'
,
str
(
ctx
.
exception
))
options
.
certfile
=
make_tests_data_path
(
'cert.key'
)
options
.
keyfile
=
make_tests_data_path
(
'cert.key'
)
with
self
.
assertRaises
(
ssl
.
SSLError
)
as
ctx
:
ssl_ctx
=
get_ssl_context
(
options
)
options
.
certfile
=
make_tests_data_path
(
'cert.crt'
)
options
.
keyfile
=
make_tests_data_path
(
'cert.key'
)
ssl_ctx
=
get_ssl_context
(
options
)
self
.
assertIsNotNone
(
ssl_ctx
)
webssh/main.py
View file @
827a0d8a
...
...
@@ -4,8 +4,10 @@ import tornado.ioloop
from
tornado.options
import
options
from
webssh.handler
import
IndexHandler
,
WsockHandler
from
webssh.settings
import
(
get_app_settings
,
get_host_keys_settings
,
get_policy_setting
,
max_body_size
)
from
webssh.settings
import
(
get_app_settings
,
get_host_keys_settings
,
get_policy_setting
,
get_ssl_context
,
max_body_size
,
xheaders
)
def
make_handlers
(
loop
,
options
):
...
...
@@ -28,9 +30,15 @@ def main():
options
.
parse_command_line
()
loop
=
tornado
.
ioloop
.
IOLoop
.
current
()
app
=
make_app
(
make_handlers
(
loop
,
options
),
get_app_settings
(
options
))
server_settings
=
dict
(
xheaders
=
True
,
max_body_size
=
max_body_size
)
app
.
listen
(
options
.
port
,
options
.
address
,
**
server_settings
)
ssl_ctx
=
get_ssl_context
(
options
)
kwargs
=
dict
(
xheaders
=
xheaders
,
max_body_size
=
max_body_size
)
app
.
listen
(
options
.
port
,
options
.
address
,
**
kwargs
)
logging
.
info
(
'Listening on {}:{}'
.
format
(
options
.
address
,
options
.
port
))
if
ssl_ctx
:
kwargs
.
update
(
ssl_options
=
ssl_ctx
)
app
.
listen
(
options
.
sslPort
,
options
.
sslAddress
,
**
kwargs
)
logging
.
info
(
'Listening on ssl {}:{}'
.
format
(
options
.
sslAddress
,
options
.
sslPort
))
loop
.
start
()
...
...
webssh/settings.py
View file @
827a0d8a
import
logging
import
os.path
import
ssl
import
sys
from
tornado.options
import
define
...
...
@@ -17,6 +18,10 @@ def print_version(flag):
define
(
'address'
,
default
=
'127.0.0.1'
,
help
=
'Listen address'
)
define
(
'port'
,
type
=
int
,
default
=
8888
,
help
=
'Listen port'
)
define
(
'sslAddress'
,
default
=
'0.0.0.0'
,
help
=
'SSL listen address'
)
define
(
'sslPort'
,
type
=
int
,
default
=
4433
,
help
=
'SSL listen port'
)
define
(
'certfile'
,
default
=
''
,
help
=
'SSL certificate file'
)
define
(
'keyfile'
,
default
=
''
,
help
=
'SSL key file'
)
define
(
'debug'
,
type
=
bool
,
default
=
False
,
help
=
'Debug mode'
)
define
(
'policy'
,
default
=
'warning'
,
help
=
'Missing host key policy, reject|autoadd|warning'
)
...
...
@@ -30,6 +35,7 @@ define('version', type=bool, help='Show version information',
base_dir
=
os
.
path
.
dirname
(
os
.
path
.
dirname
(
os
.
path
.
abspath
(
__file__
)))
max_body_size
=
1
*
1024
*
1024
swallow_http_errors
=
True
xheaders
=
True
def
get_app_settings
(
options
):
...
...
@@ -69,3 +75,20 @@ def get_policy_setting(options, host_keys_settings):
logging
.
info
(
policy_class
.
__name__
)
check_policy_setting
(
policy_class
,
host_keys_settings
)
return
policy_class
()
def
get_ssl_context
(
options
):
if
not
options
.
certfile
and
not
options
.
keyfile
:
return
None
elif
not
options
.
certfile
:
raise
ValueError
(
'certfile is not provided'
)
elif
not
options
.
keyfile
:
raise
ValueError
(
'keyfile is not provided'
)
elif
not
os
.
path
.
isfile
(
options
.
certfile
):
raise
ValueError
(
'File {!r} does not exist'
.
format
(
options
.
certfile
))
elif
not
os
.
path
.
isfile
(
options
.
keyfile
):
raise
ValueError
(
'File {!r} does not exist'
.
format
(
options
.
keyfile
))
else
:
ssl_ctx
=
ssl
.
create_default_context
(
ssl
.
Purpose
.
CLIENT_AUTH
)
ssl_ctx
.
load_cert_chain
(
options
.
certfile
,
options
.
keyfile
)
return
ssl_ctx
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment