[CalendarServer-changes] [1246] CalendarServer/trunk
source_changes at macosforge.org
source_changes at macosforge.org
Thu Feb 22 20:12:50 PST 2007
Revision: 1246
http://trac.macosforge.org/projects/calendarserver/changeset/1246
Author: wsanchez at apple.com
Date: 2007-02-22 20:12:49 -0800 (Thu, 22 Feb 2007)
Log Message:
-----------
Get rid of SSLEnable and SSLOnly.
Leave HTTPPort or SSLPort unset in order to disable the corresponding protocol.
Modified Paths:
--------------
CalendarServer/trunk/conf/caldavd-test-logged.plist
CalendarServer/trunk/conf/caldavd-test.plist
CalendarServer/trunk/conf/caldavd.plist
CalendarServer/trunk/twistedcaldav/cluster.py
CalendarServer/trunk/twistedcaldav/config.py
CalendarServer/trunk/twistedcaldav/directory/principal.py
CalendarServer/trunk/twistedcaldav/tap.py
Modified: CalendarServer/trunk/conf/caldavd-test-logged.plist
===================================================================
--- CalendarServer/trunk/conf/caldavd-test-logged.plist 2007-02-23 03:24:26 UTC (rev 1245)
+++ CalendarServer/trunk/conf/caldavd-test-logged.plist 2007-02-23 04:12:49 UTC (rev 1246)
@@ -43,12 +43,6 @@
<key>SSLPort</key>
<integer>8443</integer>
- <key>SSLEnable</key>
- <true/>
-
- <key>SSLOnly</key>
- <false/>
-
<key>SSLPrivateKey</key>
<string>conf/server.pem</string>
Modified: CalendarServer/trunk/conf/caldavd-test.plist
===================================================================
--- CalendarServer/trunk/conf/caldavd-test.plist 2007-02-23 03:24:26 UTC (rev 1245)
+++ CalendarServer/trunk/conf/caldavd-test.plist 2007-02-23 04:12:49 UTC (rev 1246)
@@ -43,12 +43,6 @@
<key>SSLPort</key>
<integer>8443</integer>
- <key>SSLEnable</key>
- <true/>
-
- <key>SSLOnly</key>
- <false/>
-
<key>Username</key>
<string></string>
Modified: CalendarServer/trunk/conf/caldavd.plist
===================================================================
--- CalendarServer/trunk/conf/caldavd.plist 2007-02-23 03:24:26 UTC (rev 1245)
+++ CalendarServer/trunk/conf/caldavd.plist 2007-02-23 04:12:49 UTC (rev 1246)
@@ -48,12 +48,6 @@
<key>SSLPort</key>
<integer>8443</integer>
- <key>SSLEnable</key>
- <true/>
-
- <key>SSLOnly</key>
- <false/>
-
<key>SSLPrivateKey</key>
<string>/etc/certificates/Default.key</string>
Modified: CalendarServer/trunk/twistedcaldav/cluster.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/cluster.py 2007-02-23 03:24:26 UTC (rev 1245)
+++ CalendarServer/trunk/twistedcaldav/cluster.py 2007-02-23 04:12:49 UTC (rev 1246)
@@ -121,10 +121,10 @@
process.getCommandLine(),
env=parentEnv)
- if not config.SSLOnly:
+ if config.HTTPPort:
hosts.append(process.getHostLine())
- if config.SSLEnable:
+ if config.SSLPort:
sslHosts.append(process.getHostLine(ssl=True))
if (config.MultiProcess['LoadBalancer']['Enabled'] and
@@ -135,7 +135,7 @@
config.BindAddresses = ['']
for bindAddress in config.BindAddresses:
- if not config.SSLOnly:
+ if config.HTTPPort:
services.append(serviceTemplate % {
'name': 'http',
'bindAddress': bindAddress,
@@ -145,7 +145,7 @@
'hosts': '\n'.join(hosts)
})
- if config.SSLEnable:
+ if config.SSLPort:
services.append(serviceTemplate % {
'name': 'https',
'bindAddress': bindAddress,
Modified: CalendarServer/trunk/twistedcaldav/config.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/config.py 2007-02-23 03:24:26 UTC (rev 1245)
+++ CalendarServer/trunk/twistedcaldav/config.py 2007-02-23 04:12:49 UTC (rev 1246)
@@ -32,8 +32,8 @@
# load balancer or proxy which forwards connections to the server.
#
"ServerHostName": "localhost", # Network host name.
- "HTTPPort": 8008, # HTTP port
- "SSLPort": 8443, # SSL port
+ "HTTPPort": None, # HTTP port (None to disable HTTP)
+ "SSLPort" : None, # SSL port (None to disable HTTPS)
#
# Network address configuration information
@@ -48,8 +48,8 @@
# Data store
#
"DocumentRoot": "/Library/CalendarServer/Documents",
- "UserQuota": 104857600, # User quota (in bytes)
- "MaximumAttachmentSize": 1048576, # Attachment size limit (in bytes)
+ "UserQuota" : 104857600, # User quota (in bytes)
+ "MaximumAttachmentSize": 1048576, # Attachment size limit (in bytes)
#
# Directory service
@@ -85,16 +85,14 @@
# Logging
#
"Verbose": False,
- "AccessLogFile": "/var/log/caldavd/access.log", # Apache-style access log
- "ErrorLogFile": "/var/log/caldavd/error.log", # Server activity log
+ "AccessLogFile" : "/var/log/caldavd/access.log", # Apache-style access log
+ "ErrorLogFile" : "/var/log/caldavd/error.log", # Server activity log
"ServerStatsFile": "/Library/CalendarServer/Documents/stats.plist",
- "PIDFile": "/var/run/caldavd.pid",
+ "PIDFile" : "/var/run/caldavd.pid",
#
# SSL
#
- "SSLOnly": True, # Disables HTTP
- "SSLEnable": True, # Enables SSL
"SSLCertificate": "/etc/certificates/Default.crt", # Public key
"SSLPrivateKey": "/etc/certificates/Default.key", # Private key
Modified: CalendarServer/trunk/twistedcaldav/directory/principal.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/principal.py 2007-02-23 03:24:26 UTC (rev 1245)
+++ CalendarServer/trunk/twistedcaldav/directory/principal.py 2007-02-23 04:12:49 UTC (rev 1246)
@@ -444,9 +444,9 @@
# the directory record provides.
addresses = set(self.record.calendarUserAddresses)
addresses.add(self.principalURL())
- if not config.SSLOnly:
+ if config.HTTPPort:
addresses.add("http://%s:%s%s" % (config.ServerHostName, config.HTTPPort, self.principalURL(),))
- if config.SSLEnable:
+ if config.SSLPort:
addresses.add("https://%s:%s%s" % (config.ServerHostName, config.SSLPort, self.principalURL(),))
addresses.add("urn:uuid:%s" % (self.principalUID(),))
Modified: CalendarServer/trunk/twistedcaldav/tap.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/tap.py 2007-02-23 03:24:26 UTC (rev 1245)
+++ CalendarServer/trunk/twistedcaldav/tap.py 2007-02-23 04:12:49 UTC (rev 1246)
@@ -162,7 +162,7 @@
gname=config.Groupname)
# Verify that ssl certs exist if needed
- if config.SSLEnable:
+ if config.SSLPort:
self.checkFile(
config.SSLPrivateKey,
"SSL Private key",
@@ -430,31 +430,37 @@
config.BindAddresses = [""]
for bindAddress in config.BindAddresses:
- if not config.SSLOnly:
- if not config.BindHTTPPorts:
+ if config.BindHTTPPorts:
+ if not config.HTTPPort:
+ raise UsageError("HTTPPort required if BindHTTPPorts is not empty")
+ elif config.HTTPPort:
config.BindHTTPPorts = [config.HTTPPort]
- for port in config.BindHTTPPorts:
- log.msg("Adding server at %s:%s" % (bindAddress, port))
-
- httpService = internet.TCPServer(int(port), channel, interface=bindAddress)
- httpService.setServiceParent(service)
+ if config.BindSSLPorts:
+ if not config.SSLPort:
+ raise UsageError("SSLPort required if BindSSLPorts is not empty")
+ elif config.SSLPort:
+ config.BindSSLPorts = [config.SSLPort]
- if config.SSLEnable:
+ if config.BindSSLPorts:
from twisted.internet.ssl import DefaultOpenSSLContextFactory
- if not config.BindSSLPorts:
- config.BindSSLPorts = [config.SSLPort]
- for port in config.BindSSLPorts:
- log.msg("Adding SSL server at %s:%s" % (bindAddress, port))
+ for port in config.BindHTTPPorts:
+ log.msg("Adding server at %s:%s" % (bindAddress, port))
- httpsService = internet.SSLServer(
- int(port), channel,
- DefaultOpenSSLContextFactory(config.SSLPrivateKey, config.SSLCertificate),
- interface=bindAddress
- )
- httpsService.setServiceParent(service)
+ httpService = internet.TCPServer(int(port), channel, interface=bindAddress)
+ httpService.setServiceParent(service)
+
+ for port in config.BindSSLPorts:
+ log.msg("Adding SSL server at %s:%s" % (bindAddress, port))
+ httpsService = internet.SSLServer(
+ int(port), channel,
+ DefaultOpenSSLContextFactory(config.SSLPrivateKey, config.SSLCertificate),
+ interface=bindAddress
+ )
+ httpsService.setServiceParent(service)
+
return service
makeService_slave = makeService_singleprocess
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20070222/0eeec992/attachment.html
More information about the calendarserver-changes
mailing list