From 082206a7db19c4f670e5154407faae2a18db6265 Mon Sep 17 00:00:00 2001 From: grossmj Date: Wed, 7 Apr 2021 12:40:15 +0930 Subject: [PATCH] Fix packet capture with HTTPS remote server. Fixes #1882 --- gns3server/controller/__init__.py | 14 +++++++++++--- gns3server/controller/topology.py | 4 ++-- gns3server/handlers/api/controller/link_handler.py | 3 ++- 3 files changed, 15 insertions(+), 6 deletions(-) diff --git a/gns3server/controller/__init__.py b/gns3server/controller/__init__.py index 1bca4141..e000ea06 100644 --- a/gns3server/controller/__init__.py +++ b/gns3server/controller/__init__.py @@ -53,6 +53,7 @@ class Controller: self._notification = Notification(self) self.gns3vm = GNS3VM(self) self.symbols = Symbols() + self._ssl_context = None self._appliance_manager = ApplianceManager() self._template_manager = TemplateManager() self._iou_license_settings = {"iourc_content": "", @@ -82,9 +83,9 @@ class Controller: computes = self._load_controller_settings() from gns3server.web.web_server import WebServer - ssl_context = WebServer.instance(host=host, port=port).ssl_context() + self._ssl_context = WebServer.instance(host=host, port=port).ssl_context() protocol = server_config.get("protocol", "http") - if ssl_context and protocol != "https": + if self._ssl_context and protocol != "https": log.warning("Protocol changed to 'https' for local compute because SSL is enabled".format(port)) protocol = "https" try: @@ -97,7 +98,7 @@ class Controller: user=server_config.get("user", ""), password=server_config.get("password", ""), force=True, - ssl_context=ssl_context) + ssl_context=self._ssl_context) except aiohttp.web.HTTPConflict: log.fatal("Cannot access to the local server, make sure something else is not running on the TCP port {}".format(port)) sys.exit(1) @@ -115,6 +116,13 @@ class Controller: await self.load_projects() await self._project_auto_open() + def ssl_context(self): + """ + Returns the SSL context for the server. + """ + + return self._ssl_context + def _update_config(self): """ Call this when the server configuration file changes. diff --git a/gns3server/controller/topology.py b/gns3server/controller/topology.py index dd57d3f7..f93e78f2 100644 --- a/gns3server/controller/topology.py +++ b/gns3server/controller/topology.py @@ -63,13 +63,13 @@ def _check_topology_schema(topo): error = "Invalid data in topology file: {} in schema: {}".format( e.message, json.dumps(e.schema)) - log.critical(error) + log.debug(error) raise aiohttp.web.HTTPConflict(text=error) def project_to_topology(project): """ - :return: A dictionnary with the topology ready to dump to a .gns3 + :return: A dictionary with the topology ready to dump to a .gns3 """ data = { "project_id": project.id, diff --git a/gns3server/handlers/api/controller/link_handler.py b/gns3server/handlers/api/controller/link_handler.py index 7854583a..05bf7a4a 100644 --- a/gns3server/handlers/api/controller/link_handler.py +++ b/gns3server/handlers/api/controller/link_handler.py @@ -215,6 +215,7 @@ class LinkHandler: async def pcap(request, response): project = await Controller.instance().get_loaded_project(request.match_info["project_id"]) + ssl_context = Controller.instance().ssl_context() link = project.get_link(request.match_info["link_id"]) if not link.capturing: raise aiohttp.web.HTTPConflict(text="This link has no active packet capture") @@ -226,7 +227,7 @@ class LinkHandler: headers['Router-Host'] = request.host body = await request.read() - connector = aiohttp.TCPConnector(limit=None, force_close=True) + connector = aiohttp.TCPConnector(limit=None, force_close=True, ssl_context=ssl_context) async with aiohttp.ClientSession(connector=connector, headers=headers) as session: async with session.request(request.method, pcap_streaming_url, timeout=None, data=body) as response: proxied_response = aiohttp.web.Response(headers=response.headers, status=response.status)