[CalendarServer-changes] [6207] CalendarServer/trunk
source_changes at macosforge.org
source_changes at macosforge.org
Mon Aug 30 14:54:44 PDT 2010
Revision: 6207
http://trac.macosforge.org/projects/calendarserver/changeset/6207
Author: sagen at apple.com
Date: 2010-08-30 14:54:42 -0700 (Mon, 30 Aug 2010)
Log Message:
-----------
Adds an "EnableSSL" plist key so that admin tools don't have to fiddle with the port settings.
Modified Paths:
--------------
CalendarServer/trunk/calendarserver/tap/caldav.py
CalendarServer/trunk/calendarserver/tap/test/test_caldav.py
CalendarServer/trunk/conf/caldavd-apple.plist
CalendarServer/trunk/conf/caldavd-test.plist
CalendarServer/trunk/twistedcaldav/directory/opendirectorybacker.py
CalendarServer/trunk/twistedcaldav/stdconfig.py
Modified: CalendarServer/trunk/calendarserver/tap/caldav.py
===================================================================
--- CalendarServer/trunk/calendarserver/tap/caldav.py 2010-08-30 20:53:34 UTC (rev 6206)
+++ CalendarServer/trunk/calendarserver/tap/caldav.py 2010-08-30 21:54:42 UTC (rev 6207)
@@ -545,20 +545,21 @@
if config.InheritFDs or config.InheritSSLFDs:
# Inherit sockets to call accept() on them individually.
- for fd in config.InheritSSLFDs:
- fd = int(fd)
+ if config.EnableSSL:
+ for fd in config.InheritSSLFDs:
+ fd = int(fd)
- try:
- contextFactory = self.createContextFactory()
- except SSLError, e:
- log.error("Unable to set up SSL context factory: %s" % (e,))
- else:
- MaxAcceptSSLServer(
- fd, httpFactory,
- contextFactory,
- backlog=config.ListenBacklog,
- inherit=True
- ).setServiceParent(service)
+ try:
+ contextFactory = self.createContextFactory()
+ except SSLError, e:
+ log.error("Unable to set up SSL context factory: %s" % (e,))
+ else:
+ MaxAcceptSSLServer(
+ fd, httpFactory,
+ contextFactory,
+ backlog=config.ListenBacklog,
+ inherit=True
+ ).setServiceParent(service)
for fd in config.InheritFDs:
fd = int(fd)
@@ -613,24 +614,25 @@
elif config.SSLPort != 0:
config.BindSSLPorts = [config.SSLPort]
- for port in config.BindSSLPorts:
- self.log_info("Adding SSL server at %s:%s"
- % (bindAddress, port))
+ if config.EnableSSL:
+ for port in config.BindSSLPorts:
+ self.log_info("Adding SSL server at %s:%s"
+ % (bindAddress, port))
- try:
- contextFactory = self.createContextFactory()
- except SSLError, e:
- self.log_error("Unable to set up SSL context factory: %s"
- % (e,))
- self.log_error("Disabling SSL port: %s" % (port,))
- else:
- httpsService = MaxAcceptSSLServer(
- int(port), httpFactory,
- contextFactory, interface=bindAddress,
- backlog=config.ListenBacklog,
- inherit=False
- )
- httpsService.setServiceParent(service)
+ try:
+ contextFactory = self.createContextFactory()
+ except SSLError, e:
+ self.log_error("Unable to set up SSL context factory: %s"
+ % (e,))
+ self.log_error("Disabling SSL port: %s" % (port,))
+ else:
+ httpsService = MaxAcceptSSLServer(
+ int(port), httpFactory,
+ contextFactory, interface=bindAddress,
+ backlog=config.ListenBacklog,
+ inherit=False
+ )
+ httpsService.setServiceParent(service)
for port in config.BindHTTPPorts:
@@ -808,8 +810,10 @@
config.BindSSLPorts = [config.SSLPort]
if config.UseMetaFD:
- for ports, description in [(config.BindSSLPorts, "SSL"),
- (config.BindHTTPPorts, "TCP")]:
+ portsList = [(config.BindHTTPPorts, "TCP")]
+ if config.EnableSSL:
+ portsList.append((config.BindSSLPorts, "SSL"))
+ for ports, description in portsList:
for port in ports:
cl.addPortService(description, port, bindAddress, config.ListenBacklog)
else:
@@ -827,9 +831,10 @@
sock = _openSocket(bindAddress, int(portNum))
inheritFDs.append(sock.fileno())
- for portNum in config.BindSSLPorts:
- sock = _openSocket(bindAddress, int(portNum))
- inheritSSLFDs.append(sock.fileno())
+ if config.EnableSSL:
+ for portNum in config.BindSSLPorts:
+ sock = _openSocket(bindAddress, int(portNum))
+ inheritSSLFDs.append(sock.fileno())
for p in xrange(0, config.MultiProcess.ProcessCount):
if config.UseMetaFD:
Modified: CalendarServer/trunk/calendarserver/tap/test/test_caldav.py
===================================================================
--- CalendarServer/trunk/calendarserver/tap/test/test_caldav.py 2010-08-30 20:53:34 UTC (rev 6206)
+++ CalendarServer/trunk/calendarserver/tap/test/test_caldav.py 2010-08-30 21:54:42 UTC (rev 6207)
@@ -290,6 +290,7 @@
self.config.ProcessType = "Slave"
self.config.SSLPrivateKey = pemFile
self.config.SSLCertificate = pemFile
+ self.config.EnableSSL = True
self.config.Memcached.Pools.Default.ClientEnabled = False
self.config.Memcached.Pools.Default.ServerEnabled = False
self.config.DirectoryAddressBook.Enabled = False
Modified: CalendarServer/trunk/conf/caldavd-apple.plist
===================================================================
--- CalendarServer/trunk/conf/caldavd-apple.plist 2010-08-30 20:53:34 UTC (rev 6206)
+++ CalendarServer/trunk/conf/caldavd-apple.plist 2010-08-30 21:54:42 UTC (rev 6207)
@@ -34,9 +34,11 @@
<key>ServerHostName</key>
<string></string> <!-- The hostname clients use when connecting -->
+ <!-- Enable Calendars -->
<key>EnableCalDAV</key>
- <true/>
+ <false/>
+ <!-- Enable AddressBooks -->
<key>EnableCardDAV</key>
<false/>
@@ -44,13 +46,15 @@
<key>HTTPPort</key>
<integer>8008</integer>
- <!-- SSL port [0 = disable HTTPS] -->
+ <!-- SSL port -->
<!-- (Must also configure SSLCertificate and SSLPrivateKey below) -->
- <!--
<key>SSLPort</key>
<integer>8443</integer>
- -->
+ <!-- Enable listening on SSL port(s) -->
+ <key>EnableSSL</key>
+ <false/>
+
<!-- Redirect non-SSL ports to an SSL port (if configured for SSL) -->
<key>RedirectHTTPToHTTPS</key>
<false/>
@@ -70,11 +74,15 @@
<!-- List of port numbers to bind to for HTTP [empty = same as "Port"] -->
<key>BindHTTPPorts</key>
<array>
+ <integer>8008</integer>
+ <integer>8800</integer>
</array>
<!-- List of port numbers to bind to for SSL [empty = same as "SSLPort"] -->
<key>BindSSLPorts</key>
<array>
+ <integer>8443</integer>
+ <integer>8843</integer>
</array>
@@ -208,7 +216,7 @@
<!-- Anonymous read access for root resource -->
<key>EnableAnonymousReadRoot</key>
- <true/>
+ <false/>
<!-- Anonymous read access for resource hierarchy -->
<key>EnableAnonymousReadNav</key>
Modified: CalendarServer/trunk/conf/caldavd-test.plist
===================================================================
--- CalendarServer/trunk/conf/caldavd-test.plist 2010-08-30 20:53:34 UTC (rev 6206)
+++ CalendarServer/trunk/conf/caldavd-test.plist 2010-08-30 21:54:42 UTC (rev 6207)
@@ -34,6 +34,14 @@
<key>ServerHostName</key>
<string></string> <!-- The hostname clients use when connecting -->
+ <!-- Enable Calendars -->
+ <key>EnableCalDAV</key>
+ <true/>
+
+ <!-- Enable AddressBooks -->
+ <key>EnableCardDAV</key>
+ <true/>
+
<!-- HTTP port [0 = disable HTTP] -->
<key>HTTPPort</key>
<integer>8008</integer>
@@ -43,6 +51,10 @@
<key>SSLPort</key>
<integer>8443</integer>
+ <!-- Enable listening on SSL port(s) -->
+ <key>EnableSSL</key>
+ <true/>
+
<!-- Redirect non-SSL ports to an SSL port (if configured for SSL) -->
<key>RedirectHTTPToHTTPS</key>
<false/>
@@ -62,11 +74,15 @@
<!-- List of port numbers to bind to for HTTP [empty = same as "Port"] -->
<key>BindHTTPPorts</key>
<array>
+ <integer>8008</integer>
+ <integer>8800</integer>
</array>
<!-- List of port numbers to bind to for SSL [empty = same as "SSLPort"] -->
<key>BindSSLPorts</key>
<array>
+ <integer>8443</integer>
+ <integer>8843</integer>
</array>
@@ -303,7 +319,7 @@
<!-- Anonymous read access for root resource -->
<key>EnableAnonymousReadRoot</key>
- <true/>
+ <false/>
<!-- Anonymous read access for resource hierarchy -->
<key>EnableAnonymousReadNav</key>
Modified: CalendarServer/trunk/twistedcaldav/directory/opendirectorybacker.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/opendirectorybacker.py 2010-08-30 20:53:34 UTC (rev 6206)
+++ CalendarServer/trunk/twistedcaldav/directory/opendirectorybacker.py 2010-08-30 21:54:42 UTC (rev 6207)
@@ -85,7 +85,7 @@
peopleNode = "/Search/Contacts",
queryUserRecords=True,
userNode = "/Search",
- maxDSQueryRecords = 150, # maximum number of records requested for any ds query
+ maxDSQueryRecords = 0, # maximum number of records requested for any ds query
queryDSLocal = False, #query in DSLocal -- debug
dsLocalCacheTimeout = 30,
Modified: CalendarServer/trunk/twistedcaldav/stdconfig.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/stdconfig.py 2010-08-30 20:53:34 UTC (rev 6206)
+++ CalendarServer/trunk/twistedcaldav/stdconfig.py 2010-08-30 21:54:42 UTC (rev 6207)
@@ -99,7 +99,7 @@
"peopleNode": "/Search/Contacts",
"queryUserRecords": True,
"userNode": "/Search/Contacts",
- "maxDSQueryRecords":150,
+ "maxDSQueryRecords":0,
"queryDSLocal": False,
"ignoreSystemRecords": True,
"dsLocalCacheTimeout":30,
@@ -130,6 +130,7 @@
"ServerHostName": "", # Network host name.
"HTTPPort": 0, # HTTP port (0 to disable HTTP)
"SSLPort" : 0, # SSL port (0 to disable HTTPS)
+ "EnableSSL" : False, # Whether to listen on SSL port(s)
"RedirectHTTPToHTTPS" : False, # If True, all nonSSL requests redirected to an SSL Port
"SSLMethod" : "SSLv3_METHOD", # SSLv2_METHOD, SSLv3_METHOD, SSLv23_METHOD, TLSv1_METHOD
"SSLCiphers" : "ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM",
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20100830/d7dc84cc/attachment-0001.html>
More information about the calendarserver-changes
mailing list