mirror of
https://github.com/django/daphne.git
synced 2025-07-11 08:22:17 +03:00
add ssl support (required for any browser use of h2)
This commit is contained in:
parent
48889827ea
commit
6e3c69eaf7
|
@ -74,11 +74,25 @@ class CommandLineInterface(object):
|
||||||
help="enable HTTP/2"
|
help="enable HTTP/2"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
self.parser.add_argument(
|
||||||
|
'--sslcert',
|
||||||
|
action="store",
|
||||||
|
help="path to ssl certificate file"
|
||||||
|
)
|
||||||
|
|
||||||
|
self.parser.add_argument(
|
||||||
|
'--sslkey',
|
||||||
|
action="store",
|
||||||
|
help="path to ssl private key file"
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
self.parser.add_argument(
|
self.parser.add_argument(
|
||||||
'channel_layer',
|
'channel_layer',
|
||||||
help='The ASGI channel layer instance to use as path.to.module:instance.path',
|
help='The ASGI channel layer instance to use as path.to.module:instance.path',
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def entrypoint(cls):
|
def entrypoint(cls):
|
||||||
"""
|
"""
|
||||||
|
@ -137,4 +151,7 @@ class CommandLineInterface(object):
|
||||||
http_timeout=args.http_timeout,
|
http_timeout=args.http_timeout,
|
||||||
ping_interval=args.ping_interval,
|
ping_interval=args.ping_interval,
|
||||||
action_logger=AccessLogGenerator(access_log_stream) if access_log_stream else None,
|
action_logger=AccessLogGenerator(access_log_stream) if access_log_stream else None,
|
||||||
|
ssl_certificate=args.sslcert,
|
||||||
|
ssl_key=args.sslkey
|
||||||
|
|
||||||
).run()
|
).run()
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
import logging
|
import logging
|
||||||
from twisted.internet import reactor
|
from twisted.internet import reactor, ssl, endpoints
|
||||||
|
from OpenSSL import crypto
|
||||||
|
|
||||||
from .http_protocol import HTTPFactory
|
from .http_protocol import HTTPFactory
|
||||||
|
|
||||||
|
@ -20,6 +21,8 @@ class Server(object):
|
||||||
http_timeout=120,
|
http_timeout=120,
|
||||||
websocket_timeout=None,
|
websocket_timeout=None,
|
||||||
ping_interval=20,
|
ping_interval=20,
|
||||||
|
ssl_certificate = None,
|
||||||
|
ssl_key = None
|
||||||
):
|
):
|
||||||
self.channel_layer = channel_layer
|
self.channel_layer = channel_layer
|
||||||
self.host = host
|
self.host = host
|
||||||
|
@ -33,6 +36,8 @@ class Server(object):
|
||||||
# channel layer's group_expiry value if present, or one day if not.
|
# channel layer's group_expiry value if present, or one day if not.
|
||||||
self.websocket_timeout = websocket_timeout or getattr(channel_layer, "group_expiry", 86400)
|
self.websocket_timeout = websocket_timeout or getattr(channel_layer, "group_expiry", 86400)
|
||||||
self.factory_class = factory_class
|
self.factory_class = factory_class
|
||||||
|
self.ssl_certificate = ssl_certificate
|
||||||
|
self.ssl_key = ssl_key
|
||||||
|
|
||||||
def run(self):
|
def run(self):
|
||||||
self.factory = self.factory_class(
|
self.factory = self.factory_class(
|
||||||
|
@ -42,10 +47,26 @@ class Server(object):
|
||||||
websocket_timeout=self.websocket_timeout,
|
websocket_timeout=self.websocket_timeout,
|
||||||
ping_interval=self.ping_interval,
|
ping_interval=self.ping_interval,
|
||||||
)
|
)
|
||||||
if self.unix_socket:
|
|
||||||
reactor.listenUNIX(self.unix_socket, self.factory)
|
if self.ssl_certificate :
|
||||||
else:
|
with open(self.ssl_certificate, 'r') as f:
|
||||||
reactor.listenTCP(self.port, self.factory, interface=self.host)
|
cert = crypto.load_certificate(crypto.FILETYPE_PEM, f.read())
|
||||||
|
with open(self.ssl_key, 'r') as f:
|
||||||
|
key = crypto.load_privatekey(crypto.FILETYPE_PEM, f.read())
|
||||||
|
|
||||||
|
opts = ssl.CertificateOptions(
|
||||||
|
privateKey= key,
|
||||||
|
certificate=cert,
|
||||||
|
acceptableProtocols=[b'h2']
|
||||||
|
)
|
||||||
|
|
||||||
|
endpt = endpoints.SSL4ServerEndpoint(reactor, self.port, opts, backlog=128)
|
||||||
|
endpt.listen(self.factory)
|
||||||
|
else :
|
||||||
|
if self.unix_socket:
|
||||||
|
reactor.listenUNIX(self.unix_socket, self.factory)
|
||||||
|
else:
|
||||||
|
reactor.listenTCP(self.port, self.factory, interface=self.host)
|
||||||
reactor.callLater(0, self.backend_reader)
|
reactor.callLater(0, self.backend_reader)
|
||||||
reactor.callLater(2, self.timeout_checker)
|
reactor.callLater(2, self.timeout_checker)
|
||||||
reactor.run(installSignalHandlers=self.signal_handlers)
|
reactor.run(installSignalHandlers=self.signal_handlers)
|
||||||
|
|
3
setup.py
3
setup.py
|
@ -24,7 +24,8 @@ setup(
|
||||||
'asgiref>=0.10',
|
'asgiref>=0.10',
|
||||||
'twisted>=15.5',
|
'twisted>=15.5',
|
||||||
'autobahn>=0.12',
|
'autobahn>=0.12',
|
||||||
'h2>=2.2'
|
'h2>=2.2',
|
||||||
|
'pyOpenSSL' # optionnal ??
|
||||||
],
|
],
|
||||||
entry_points={'console_scripts': [
|
entry_points={'console_scripts': [
|
||||||
'daphne = daphne.cli:CommandLineInterface.entrypoint',
|
'daphne = daphne.cli:CommandLineInterface.entrypoint',
|
||||||
|
|
Loading…
Reference in New Issue
Block a user