mirror of
https://github.com/GNS3/gns3-server
synced 2024-12-01 04:38:12 +00:00
Fix SSL support for controller and local compute. Fixes #1826
This commit is contained in:
parent
5dab0c2587
commit
b6a021dabd
@ -81,16 +81,23 @@ class Controller:
|
|||||||
name = "Main server"
|
name = "Main server"
|
||||||
|
|
||||||
computes = self._load_controller_settings()
|
computes = self._load_controller_settings()
|
||||||
|
from gns3server.web.web_server import WebServer
|
||||||
|
ssl_context = WebServer.instance().ssl_context()
|
||||||
|
protocol = server_config.get("protocol", "http")
|
||||||
|
if ssl_context and protocol != "https":
|
||||||
|
log.warning("Protocol changed to 'https' for local compute because SSL is enabled".format(port))
|
||||||
|
protocol = "https"
|
||||||
try:
|
try:
|
||||||
self._local_server = await self.add_compute(compute_id="local",
|
self._local_server = await self.add_compute(compute_id="local",
|
||||||
name=name,
|
name=name,
|
||||||
protocol=server_config.get("protocol", "http"),
|
protocol=protocol,
|
||||||
host=host,
|
host=host,
|
||||||
console_host=console_host,
|
console_host=console_host,
|
||||||
port=port,
|
port=port,
|
||||||
user=server_config.get("user", ""),
|
user=server_config.get("user", ""),
|
||||||
password=server_config.get("password", ""),
|
password=server_config.get("password", ""),
|
||||||
force=True)
|
force=True,
|
||||||
|
ssl_context=ssl_context)
|
||||||
except aiohttp.web.HTTPConflict:
|
except aiohttp.web.HTTPConflict:
|
||||||
log.fatal("Cannot access to the local server, make sure something else is not running on the TCP port {}".format(port))
|
log.fatal("Cannot access to the local server, make sure something else is not running on the TCP port {}".format(port))
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
@ -57,7 +57,8 @@ class Compute:
|
|||||||
A GNS3 compute.
|
A GNS3 compute.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
def __init__(self, compute_id, controller=None, protocol="http", host="localhost", port=3080, user=None, password=None, name=None, console_host=None):
|
def __init__(self, compute_id, controller=None, protocol="http", host="localhost",
|
||||||
|
port=3080, user=None, password=None, name=None, console_host=None, ssl_context=None):
|
||||||
self._http_session = None
|
self._http_session = None
|
||||||
assert controller is not None
|
assert controller is not None
|
||||||
log.info("Create compute %s", compute_id)
|
log.info("Create compute %s", compute_id)
|
||||||
@ -81,6 +82,7 @@ class Compute:
|
|||||||
self._cpu_usage_percent = None
|
self._cpu_usage_percent = None
|
||||||
self._memory_usage_percent = None
|
self._memory_usage_percent = None
|
||||||
self._last_error = None
|
self._last_error = None
|
||||||
|
self._ssl_context = ssl_context
|
||||||
self._capabilities = {
|
self._capabilities = {
|
||||||
"version": None,
|
"version": None,
|
||||||
"node_types": []
|
"node_types": []
|
||||||
@ -92,7 +94,9 @@ class Compute:
|
|||||||
|
|
||||||
def _session(self):
|
def _session(self):
|
||||||
if self._http_session is None or self._http_session.closed is True:
|
if self._http_session is None or self._http_session.closed is True:
|
||||||
self._http_session = aiohttp.ClientSession(connector=aiohttp.TCPConnector(limit=None, force_close=True))
|
self._http_session = aiohttp.ClientSession(connector=aiohttp.TCPConnector(limit=None,
|
||||||
|
force_close=True,
|
||||||
|
ssl_context=self._ssl_context))
|
||||||
return self._http_session
|
return self._http_session
|
||||||
|
|
||||||
#def __del__(self):
|
#def __del__(self):
|
||||||
|
@ -64,6 +64,7 @@ class WebServer:
|
|||||||
self._start_time = time.time()
|
self._start_time = time.time()
|
||||||
self._running = False
|
self._running = False
|
||||||
self._closing = False
|
self._closing = False
|
||||||
|
self._ssl_context = None
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def instance(host=None, port=None):
|
def instance(host=None, port=None):
|
||||||
@ -88,7 +89,6 @@ class WebServer:
|
|||||||
return False
|
return False
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
||||||
async def reload_server(self):
|
async def reload_server(self):
|
||||||
"""
|
"""
|
||||||
Reload the server.
|
Reload the server.
|
||||||
@ -96,7 +96,6 @@ class WebServer:
|
|||||||
|
|
||||||
await Controller.instance().reload()
|
await Controller.instance().reload()
|
||||||
|
|
||||||
|
|
||||||
async def shutdown_server(self):
|
async def shutdown_server(self):
|
||||||
"""
|
"""
|
||||||
Cleanly shutdown the server.
|
Cleanly shutdown the server.
|
||||||
@ -147,6 +146,13 @@ class WebServer:
|
|||||||
|
|
||||||
self._loop.stop()
|
self._loop.stop()
|
||||||
|
|
||||||
|
def ssl_context(self):
|
||||||
|
"""
|
||||||
|
Returns the SSL context for the server.
|
||||||
|
"""
|
||||||
|
|
||||||
|
return self._ssl_context
|
||||||
|
|
||||||
def _signal_handling(self):
|
def _signal_handling(self):
|
||||||
|
|
||||||
def signal_handler(signame, *args):
|
def signal_handler(signame, *args):
|
||||||
@ -255,12 +261,12 @@ class WebServer:
|
|||||||
|
|
||||||
server_config = Config.instance().get_section_config("Server")
|
server_config = Config.instance().get_section_config("Server")
|
||||||
|
|
||||||
ssl_context = None
|
self._ssl_context = None
|
||||||
if server_config.getboolean("ssl"):
|
if server_config.getboolean("ssl"):
|
||||||
if sys.platform.startswith("win"):
|
if sys.platform.startswith("win"):
|
||||||
log.critical("SSL mode is not supported on Windows")
|
log.critical("SSL mode is not supported on Windows")
|
||||||
raise SystemExit
|
raise SystemExit
|
||||||
ssl_context = self._create_ssl_context(server_config)
|
self._ssl_context = self._create_ssl_context(server_config)
|
||||||
|
|
||||||
self._loop = asyncio.get_event_loop()
|
self._loop = asyncio.get_event_loop()
|
||||||
|
|
||||||
@ -307,7 +313,7 @@ class WebServer:
|
|||||||
log.info("Starting server on {}:{}".format(self._host, self._port))
|
log.info("Starting server on {}:{}".format(self._host, self._port))
|
||||||
|
|
||||||
self._handler = self._app.make_handler()
|
self._handler = self._app.make_handler()
|
||||||
if self._run_application(self._handler, ssl_context) is False:
|
if self._run_application(self._handler, self._ssl_context) is False:
|
||||||
self._loop.stop()
|
self._loop.stop()
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user