mirror of
https://github.com/GNS3/gns3-server
synced 2024-11-24 17:28:08 +00:00
SSL support.
This commit is contained in:
parent
a5d89b428a
commit
841b013223
@ -82,17 +82,30 @@ class Controller:
|
||||
name = "Main server"
|
||||
|
||||
computes = self._load_controller_settings()
|
||||
|
||||
ssl_context = None
|
||||
if server_config.getboolean("ssl"):
|
||||
if sys.platform.startswith("win"):
|
||||
log.critical("SSL mode is not supported on Windows")
|
||||
raise SystemExit
|
||||
ssl_context = self._create_ssl_context(server_config)
|
||||
|
||||
protocol = server_config.get("protocol", "http")
|
||||
if ssl_context and protocol != "https":
|
||||
log.warning("Protocol changed to 'https' for local compute because SSL is enabled".format(port))
|
||||
protocol = "https"
|
||||
try:
|
||||
self._local_server = await self.add_compute(compute_id="local",
|
||||
name=name,
|
||||
protocol=server_config.get("protocol", "http"),
|
||||
protocol=protocol,
|
||||
host=host,
|
||||
console_host=console_host,
|
||||
port=port,
|
||||
user=server_config.get("user", ""),
|
||||
password=server_config.get("password", ""),
|
||||
force=True,
|
||||
connect=True)
|
||||
connect=True,
|
||||
ssl_context=ssl_context)
|
||||
except ControllerError:
|
||||
log.fatal("Cannot access to the local server, make sure something else is not running on the TCP port {}".format(port))
|
||||
sys.exit(1)
|
||||
@ -110,6 +123,22 @@ class Controller:
|
||||
await self.load_projects()
|
||||
await self._project_auto_open()
|
||||
|
||||
def _create_ssl_context(self, server_config):
|
||||
|
||||
import ssl
|
||||
ssl_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
|
||||
certfile = server_config["certfile"]
|
||||
certkey = server_config["certkey"]
|
||||
try:
|
||||
ssl_context.load_cert_chain(certfile, certkey)
|
||||
except FileNotFoundError:
|
||||
log.critical("Could not find the SSL certfile or certkey")
|
||||
raise SystemExit
|
||||
except ssl.SSLError as e:
|
||||
log.critical("SSL error: {}".format(e))
|
||||
raise SystemExit
|
||||
return ssl_context
|
||||
|
||||
def _update_config(self):
|
||||
"""
|
||||
Call this when the server configuration file changes.
|
||||
|
@ -316,7 +316,22 @@ def run():
|
||||
if log.getEffectiveLevel() == logging.DEBUG:
|
||||
access_log = True
|
||||
|
||||
config = uvicorn.Config("gns3server.app:app", host=host, port=port, access_log=access_log)
|
||||
certfile = None
|
||||
certkey = None
|
||||
if server_config.getboolean("ssl"):
|
||||
if sys.platform.startswith("win"):
|
||||
log.critical("SSL mode is not supported on Windows")
|
||||
raise SystemExit
|
||||
certfile = server_config["certfile"]
|
||||
certkey = server_config["certkey"]
|
||||
log.info("SSL is enabled")
|
||||
|
||||
config = uvicorn.Config("gns3server.app:app",
|
||||
host=host,
|
||||
port=port,
|
||||
access_log=access_log,
|
||||
ssl_certfile=certfile,
|
||||
ssl_keyfile=certkey)
|
||||
|
||||
# overwrite uvicorn loggers with our own logger
|
||||
for uvicorn_logger_name in ("uvicorn", "uvicorn.error"):
|
||||
|
@ -44,4 +44,4 @@ def get_next_application_id(projects, computes):
|
||||
application_id = (pool - used).pop()
|
||||
return application_id
|
||||
except KeyError:
|
||||
raise ComputeError(text="Cannot create a new IOU node (limit of 512 nodes across all opened projects using the same computes)")
|
||||
raise ComputeError("Cannot create a new IOU node (limit of 512 nodes across all opened projects using the same computes)")
|
||||
|
Loading…
Reference in New Issue
Block a user