Enable TLS #82

Open
wants to merge 1 commit into
base: dev
47 changes: 44 additions & 3 deletions src/vlei/server.py
Expand Up @@ -7,7 +7,7 @@

import falcon
from hio.base import doing
from hio.core import http
from hio.core import http, tcp

from vlei.app import serving

Expand All @@ -28,11 +28,52 @@
action='store', dest="oobiDir",
required=True,
help="Directory of OOBIs to serve")
parser.add_argument("--keypath", action="store", required=False, default=None,
help="TLS server private key file")
parser.add_argument("--certpath", action="store", required=False, default=None,
help="TLS server signed certificate (public key) file")
parser.add_argument("--cafilepath", action="store", required=False, default=None,
help="TLS server CA certificate chain")


def createHttpServer(port, app, keypath=None, certpath=None, cafilepath=None):
"""
Create an HTTP or HTTPS server depending on whether TLS key material is present

Parameters:
port (int) : port to listen on for all HTTP(s) server instances
app (falcon.App) : application instance to pass to the http.Server instance
keypath (string) : the file path to the TLS private key
certpath (string) : the file path to the TLS signed certificate (public key)
cafilepath (string): the file path to the TLS CA certificate chain file
Returns:
hio.core.http.Server
"""
if keypath is not None and certpath is not None and cafilepath is not None:
servant = tcp.ServerTls(certify=False,
keypath=keypath,
certpath=certpath,
cafilepath=cafilepath,
port=port)
server = http.Server(port=port, app=app, servant=servant)
else:
server = http.Server(port=port, app=app)
return server


def launch(args):
app = falcon.App()
server = http.Server(port=int(args.http), app=app)
port = int(args.http)
keypath = args.keypath
certpath = args.certpath
cafilepath = args.cafilepath
if keypath is not None and certpath is not None and cafilepath is not None:
print(f"Starting on port {port} with TLS enabled")
else:
print(f"Starting on port {port} with TLS disabled")
server = createHttpServer(port=int(args.http), app=app,
keypath=args.keypath, certpath=args.certpath,
cafilepath=args.cafilepath)
if not server.reopen():
raise RuntimeError(f"cannot create http server on port {int(args.http)}")
httpServerDoer = http.ServerDoer(server=server)
Expand All @@ -52,4 +93,4 @@ def main():


if __name__ == "__main__":
main()
main()
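Review bot: In `createHttpServer`, TLS is enabled only when all three of `keypath`, `certpath` and `cafilepath` are set, so a partial configuration (for example `--keypath` and `--certpath` without `--cafilepath`) falls through to the `else` branch and serves plain HTTP, with only the "TLS disabled" print in `launch` to show it. A partial set should be rejected rather than silently downgraded, e.g. `tls = (keypath, certpath, cafilepath)` followed by `if any(tls) and not all(tls): raise ValueError("keypath, certpath and cafilepath must be given together")` at the top of the function. Separately, `certify=False` appears to mean that client certificates are not verified, in which case the CA file is presumably unused and need not gate TLS at all; this should be confirmed against hio's `tcp.ServerTls` and stated in the docstring. `launch` also repeats the same three-way test and then ignores its own `port`, `keypath`, `certpath` and `cafilepath` locals when calling `createHttpServer`, so the condition would be better kept in one place.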