startTLS: support Let's Encrypt certificates

Alberto Sottile 2019-02-04 18:07:18 +01:00
parent 81e0a20047
commit f16ceed539


@ -5,6 +5,7 @@ import os
import random import random
import time import time
from string import Template from string import Template
from OpenSSL import crypto
from twisted.enterprise import adbapi from twisted.enterprise import adbapi
from twisted.internet import task, reactor, ssl from twisted.internet import task, reactor, ssl
@ -27,7 +28,7 @@ from syncplay.utils import RoomPasswordProvider, NotControlledRoom, RandomString
class SyncFactory(Factory): class SyncFactory(Factory):
def __init__(self, port='', password='', motdFilePath=None, isolateRooms=False, salt=None, def __init__(self, port='', password='', motdFilePath=None, isolateRooms=False, salt=None,
disableReady=False, disableChat=False, maxChatMessageLength=constants.MAX_CHAT_MESSAGE_LENGTH, disableReady=False, disableChat=False, maxChatMessageLength=constants.MAX_CHAT_MESSAGE_LENGTH,
maxUsernameLength=constants.MAX_USERNAME_LENGTH, statsDbFile=None, tlsCert=None): maxUsernameLength=constants.MAX_USERNAME_LENGTH, statsDbFile=None, tlsCertPath=None):
self.isolateRooms = isolateRooms self.isolateRooms = isolateRooms
print(getMessage("welcome-server-notification").format(syncplay.version)) print(getMessage("welcome-server-notification").format(syncplay.version))
self.port = port self.port = port
@ -56,12 +57,18 @@ class SyncFactory(Factory):
else: else:
self._statsDbHandle = None self._statsDbHandle = None
self.options = None self.options = None
if tlsCert is not None: if tlsCertPath is not None:
try: try:
with open(tlsCert) as f: privkey=open(tlsCertPath+'/privkey.pem', 'rt').read()
certData = f.read() certif=open(tlsCertPath+'/cert.pem', 'rt').read()
cert = ssl.PrivateCertificate.loadPEM(certData).options() chain=open(tlsCertPath+'/chain.pem', 'rt').read()
self.options = cert
privkeypyssl=crypto.load_privatekey(crypto.FILETYPE_PEM,privkey)
certifpyssl=crypto.load_certificate(crypto.FILETYPE_PEM,certif)
chainpyssl=[crypto.load_certificate(crypto.FILETYPE_PEM,chain)]
contextFactory=ssl.CertificateOptions(privateKey=privkeypyssl,certificate=certifpyssl,extraCertChain=chainpyssl)
self.options = contextFactory
except Exception as e: except Exception as e:
print(e) print(e)
print("Cannot import certificate. TLS support not enabled.") print("Cannot import certificate. TLS support not enabled.")
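Review bot: The three new `open(tlsCertPath+'/…', 'rt').read()` calls inside the `try` never close their file objects, unlike the removed `with open(tlsCert) as f:`, so the handle on `privkey.pem` stays open until garbage collection; read each file as `with open(os.path.join(tlsCertPath, 'privkey.pem'), 'rt') as f: privkey = f.read()` (`os` appears to be imported already, judging by the first hunk header). Separately, `crypto.load_certificate` parses only the first PEM block it is given, so if `chain.pem` holds more than one intermediate, `extraCertChain` ends up incomplete and some clients may fail to build a path to a trusted root. The unchanged `except Exception` still leaves `self.options = None` after printing a message, so a missing or unreadable key file leaves the server running without TLS even though the operator passed `tlsCertPath`; a comment stating that this fallback is deliberate, or a hard failure, would make the behaviour explicit. `__init__` starts and continues outside the visible hunks, so how `self.options` is consumed later cannot be checked from here.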