[CalendarServer-changes] [3505] CalendarServer/trunk
source_changes at macosforge.org
source_changes at macosforge.org
Wed Dec 10 18:42:50 PST 2008
Revision: 3505
http://trac.macosforge.org/projects/calendarserver/changeset/3505
Author: sagen at apple.com
Date: 2008-12-10 18:42:50 -0800 (Wed, 10 Dec 2008)
Log Message:
-----------
Allow non-SSL ports to redirect to SSL ports
Modified Paths:
--------------
CalendarServer/trunk/calendarserver/tap/caldav.py
CalendarServer/trunk/conf/caldavd-test.plist
CalendarServer/trunk/conf/caldavd.plist
CalendarServer/trunk/twistedcaldav/config.py
CalendarServer/trunk/twistedcaldav/httpfactory.py
Modified: CalendarServer/trunk/calendarserver/tap/caldav.py
===================================================================
--- CalendarServer/trunk/calendarserver/tap/caldav.py 2008-12-10 20:55:34 UTC (rev 3504)
+++ CalendarServer/trunk/calendarserver/tap/caldav.py 2008-12-11 02:42:50 UTC (rev 3505)
@@ -46,6 +46,7 @@
from twisted.web2.dav import auth
from twisted.web2.auth.basic import BasicCredentialFactory
from twisted.web2.server import Site
+from twisted.web2.channel import HTTPFactory
from twext.internet.ssl import ChainingOpenSSLContextFactory
@@ -64,7 +65,7 @@
from twistedcaldav.directory.aggregate import AggregateDirectoryService
from twistedcaldav.directory.sudo import SudoDirectoryService
from twistedcaldav.directory.wiki import WikiDirectoryService
-from twistedcaldav.httpfactory import HTTP503LoggingFactory
+from twistedcaldav.httpfactory import HTTP503LoggingFactory, RedirectRequest
from twistedcaldav.static import CalendarHomeProvisioningFile
from twistedcaldav.static import IScheduleInboxFile
from twistedcaldav.static import TimezoneServiceFile
@@ -648,16 +649,7 @@
elif config.SSLPort != 0:
config.BindSSLPorts = [config.SSLPort]
- for port in config.BindHTTPPorts:
- self.log_info("Adding server at %s:%s" % (bindAddress, port))
-
- httpService = TCPServer(
- int(port), channel,
- interface=bindAddress,
- backlog=config.ListenBacklog,
- )
- httpService.setServiceParent(service)
-
+ successfulSSLPorts = []
for port in config.BindSSLPorts:
self.log_info("Adding SSL server at %s:%s"
% (bindAddress, port))
@@ -680,7 +672,28 @@
backlog=config.ListenBacklog,
)
httpsService.setServiceParent(service)
+ successfulSSLPorts.append(int(port))
+ for port in config.BindHTTPPorts:
+
+ if config.RedirectNonSSL and successfulSSLPorts:
+ # Redirect non-SSL ports to the first ssl port
+ RedirectRequest.port = successfulSSLPorts[0]
+ self.log_info("Redirecting %s:%s to %s" %
+ (bindAddress, port, RedirectRequest.port))
+ TCPServer(int(port), HTTPFactory(RedirectRequest),
+ interface=bindAddress, backlog=config.ListenBacklog,
+ ).setServiceParent(service)
+
+ else:
+ # Set up non-SSL port
+ self.log_info("Adding server at %s:%s" %
+ (bindAddress, port))
+ TCPServer(int(port), channel,
+ interface=bindAddress, backlog=config.ListenBacklog,
+ ).setServiceParent(service)
+
+
# Change log level back to what it was before
setLogLevelForNamespace(None, oldLogLevel)
Modified: CalendarServer/trunk/conf/caldavd-test.plist
===================================================================
--- CalendarServer/trunk/conf/caldavd-test.plist 2008-12-10 20:55:34 UTC (rev 3504)
+++ CalendarServer/trunk/conf/caldavd-test.plist 2008-12-11 02:42:50 UTC (rev 3505)
@@ -43,6 +43,9 @@
<key>SSLPort</key>
<integer>8443</integer>
+ <!-- Redirect non-SSL ports to an SSL port -->
+ <key>RedirectNonSSL</key>
+ <false/>
<!--
Network address configuration information
Modified: CalendarServer/trunk/conf/caldavd.plist
===================================================================
--- CalendarServer/trunk/conf/caldavd.plist 2008-12-10 20:55:34 UTC (rev 3504)
+++ CalendarServer/trunk/conf/caldavd.plist 2008-12-11 02:42:50 UTC (rev 3505)
@@ -45,7 +45,11 @@
<integer>8443</integer>
-->
+ <!-- Redirect non-SSL ports to an SSL port (if configured for SSL) -->
+ <key>RedirectNonSSL</key>
+ <false/>
+
<!--
Network address configuration information
Modified: CalendarServer/trunk/twistedcaldav/config.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/config.py 2008-12-10 20:55:34 UTC (rev 3504)
+++ CalendarServer/trunk/twistedcaldav/config.py 2008-12-11 02:42:50 UTC (rev 3505)
@@ -91,6 +91,7 @@
"ServerHostName": "", # Network host name.
"HTTPPort": 0, # HTTP port (0 to disable HTTP)
"SSLPort" : 0, # SSL port (0 to disable HTTPS)
+ "RedirectNonSSL" : False, # If True, all nonSSL requests redirected to an SSL Port
# Note: we'd use None above, but that confuses the command-line parser.
Modified: CalendarServer/trunk/twistedcaldav/httpfactory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/httpfactory.py 2008-12-10 20:55:34 UTC (rev 3504)
+++ CalendarServer/trunk/twistedcaldav/httpfactory.py 2008-12-11 02:42:50 UTC (rev 3505)
@@ -16,7 +16,8 @@
from twisted.internet import protocol
from twisted.python import log
-from twisted.web2.channel.http import HTTPFactory
+from twisted.web2.channel.http import HTTPFactory, HTTPChannel
+from twisted.web2.http import Request, RedirectResponse
from twistedcaldav.config import config
@@ -54,3 +55,17 @@
for arg,value in self.protocolArgs.iteritems():
setattr(p, arg, value)
return p
+
+
+class RedirectRequest(Request):
+ """ Use 301 redirects to send client to SSL port """
+
+ port = 443
+
+ def process(self):
+ if self.port == 443:
+ location = "https://%s%s" % (config.ServerHostName, self.uri)
+ else:
+ location = "https://%s:%d%s" % (config.ServerHostName, self.port,
+ self.uri)
+ self.writeResponse(RedirectResponse(location))
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20081210/e36a2ff7/attachment-0001.html>
More information about the calendarserver-changes
mailing list