SimpleSallap:SimpleProxy:DataClass Config simpleproxy updated
This commit is contained in:
hanishkvc
parent
277225dddd
commit
d470d7e47d
|
|
@ -316,6 +316,7 @@ Chat Session specific settings
|
||||||
* add ssl ie https support and restrict it to latest supported ssl/tls version
|
* add ssl ie https support and restrict it to latest supported ssl/tls version
|
||||||
* enable multi threaded ssl and client request handling, so that rogue clients cant mount simple DoS
|
* enable multi threaded ssl and client request handling, so that rogue clients cant mount simple DoS
|
||||||
by opening connection and then missing in action.
|
by opening connection and then missing in action.
|
||||||
|
* switch to a Dicty DataClass based Config with better type validation and usage, instead of literal dict++
|
||||||
|
|
||||||
|
|
||||||
## ToDo
|
## ToDo
|
||||||
|
|
|
||||||
|
|
@ -61,6 +61,9 @@ class Network(DictyDataclassMixin):
|
||||||
port: int = 3128
|
port: int = 3128
|
||||||
addr: str = ''
|
addr: str = ''
|
||||||
|
|
||||||
|
def server_address(self):
|
||||||
|
return (self.addr, self.port)
|
||||||
|
|
||||||
|
|
||||||
@dataclass
|
@dataclass
|
||||||
class Op(DictyDataclassMixin):
|
class Op(DictyDataclassMixin):
|
||||||
|
|
|
||||||
|
|
@ -95,7 +95,7 @@ class ProxyHandler(http.server.BaseHTTPRequestHandler):
|
||||||
return { 'AllOk': False, 'Msg': "Invalid auth line" }
|
return { 'AllOk': False, 'Msg': "Invalid auth line" }
|
||||||
if authlineA[0] != 'Bearer':
|
if authlineA[0] != 'Bearer':
|
||||||
return { 'AllOk': False, 'Msg': "Invalid auth type" }
|
return { 'AllOk': False, 'Msg': "Invalid auth type" }
|
||||||
if authlineA[1] != gMe['--bearer.transformed']:
|
if authlineA[1] != gMe.op.bearerTransformed:
|
||||||
return { 'AllOk': False, 'Msg': "Invalid auth" }
|
return { 'AllOk': False, 'Msg': "Invalid auth" }
|
||||||
return { 'AllOk': True, 'Msg': "Auth Ok" }
|
return { 'AllOk': True, 'Msg': "Auth Ok" }
|
||||||
|
|
||||||
|
|
@ -159,8 +159,8 @@ class ProxyHandler(http.server.BaseHTTPRequestHandler):
|
||||||
"""
|
"""
|
||||||
print(f"\n\n\nDBUG:ProxyHandler:Handle:RequestFrom:{self.client_address}")
|
print(f"\n\n\nDBUG:ProxyHandler:Handle:RequestFrom:{self.client_address}")
|
||||||
try:
|
try:
|
||||||
if (gMe['sslContext']):
|
if (gMe.op.sslContext):
|
||||||
self.request = gMe['sslContext'].wrap_socket(self.request, server_side=True)
|
self.request = gMe.op.sslContext.wrap_socket(self.request, server_side=True)
|
||||||
self.rfile = self.request.makefile('rb', self.rbufsize)
|
self.rfile = self.request.makefile('rb', self.rbufsize)
|
||||||
self.wfile = self.request.makefile('wb', self.wbufsize)
|
self.wfile = self.request.makefile('wb', self.wbufsize)
|
||||||
except:
|
except:
|
||||||
|
|
@ -203,17 +203,16 @@ def setup_server():
|
||||||
Helps setup a http/https server
|
Helps setup a http/https server
|
||||||
"""
|
"""
|
||||||
try:
|
try:
|
||||||
gMe['serverAddr'] = ('', gMe['--port'])
|
gMe.op.server = http.server.ThreadingHTTPServer(gMe.nw.server_address(), ProxyHandler)
|
||||||
gMe['server'] = http.server.ThreadingHTTPServer(gMe['serverAddr'], ProxyHandler)
|
if gMe.sec.get('keyFile') and gMe.sec.get('certFile'):
|
||||||
if gMe.get('--sec.keyfile') and gMe.get('--sec.certfile'):
|
|
||||||
sslCtxt = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
|
sslCtxt = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
|
||||||
sslCtxt.load_cert_chain(certfile=gMe['--sec.certfile'], keyfile=gMe['--sec.keyfile'])
|
sslCtxt.load_cert_chain(certfile=gMe.sec.certFile, keyfile=gMe.sec.keyFile)
|
||||||
sslCtxt.minimum_version = ssl.TLSVersion.MAXIMUM_SUPPORTED
|
sslCtxt.minimum_version = ssl.TLSVersion.MAXIMUM_SUPPORTED
|
||||||
sslCtxt.maximum_version = ssl.TLSVersion.MAXIMUM_SUPPORTED
|
sslCtxt.maximum_version = ssl.TLSVersion.MAXIMUM_SUPPORTED
|
||||||
gMe['sslContext'] = sslCtxt
|
gMe.op.sslContext = sslCtxt
|
||||||
print(f"INFO:SetupServer:Starting on {gMe['serverAddr']}:Https mode")
|
print(f"INFO:SetupServer:Starting on {gMe.nw.server_address()}:Https mode")
|
||||||
else:
|
else:
|
||||||
print(f"INFO:SetupServer:Starting on {gMe['serverAddr']}:Http mode")
|
print(f"INFO:SetupServer:Starting on {gMe.nw.server_address()}:Http mode")
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
print(f"ERRR:SetupServer:{traceback.format_exc()}")
|
print(f"ERRR:SetupServer:{traceback.format_exc()}")
|
||||||
raise RuntimeError(f"SetupServer:{exc}") from exc
|
raise RuntimeError(f"SetupServer:{exc}") from exc
|
||||||
|
|
@ -222,16 +221,18 @@ def setup_server():
|
||||||
def run():
|
def run():
|
||||||
try:
|
try:
|
||||||
setup_server()
|
setup_server()
|
||||||
gMe['server'].serve_forever()
|
if not gMe.op.server:
|
||||||
|
raise RuntimeError("Server missing!!!")
|
||||||
|
gMe.op.server.serve_forever()
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
print("INFO:Run:Shuting down...")
|
print("INFO:Run:Shuting down...")
|
||||||
if (gMe['server']):
|
if gMe.op.server:
|
||||||
gMe['server'].server_close()
|
gMe.op.server.server_close()
|
||||||
sys.exit(0)
|
sys.exit(0)
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
print(f"ERRR:Run:Exiting:Exception:{exc}")
|
print(f"ERRR:Run:Exiting:Exception:{exc}")
|
||||||
if (gMe['server']):
|
if gMe.op.server:
|
||||||
gMe['server'].server_close()
|
gMe.op.server.server_close()
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue