Move generate_ssl_keys() out of RPCServer

This commit is contained in:
Andrew Resch 2009-08-03 21:34:07 +00:00
commit 706c52dd1b

View file

@ -334,11 +334,12 @@ class RPCServer(component.Component):
if not os.path.exists(ssl_dir): if not os.path.exists(ssl_dir):
# The ssl folder doesn't exist so we need to create it # The ssl folder doesn't exist so we need to create it
os.makedirs(ssl_dir) os.makedirs(ssl_dir)
self.__generate_ssl_keys() generate_ssl_keys()
else: else:
for f in ("daemon.pkey", "daemon.cert"): for f in ("daemon.pkey", "daemon.cert"):
if not os.path.exists(os.path.join(ssl_dir, f)): if not os.path.exists(os.path.join(ssl_dir, f)):
self.__generate_ssl_keys() generate_ssl_keys()
break
try: try:
reactor.listenSSL(port, self.factory, ServerContextFactory(), interface=hostname) reactor.listenSSL(port, self.factory, ServerContextFactory(), interface=hostname)
@ -402,36 +403,36 @@ class RPCServer(component.Component):
(RPC_EVENT, event.name, event.args) (RPC_EVENT, event.name, event.args)
) )
def __generate_ssl_keys(self): def generate_ssl_keys():
""" """
This method generates a new SSL key/cert. This method generates a new SSL key/cert.
""" """
digest = "md5" digest = "md5"
# Generate key pair # Generate key pair
pkey = crypto.PKey() pkey = crypto.PKey()
pkey.generate_key(crypto.TYPE_RSA, 1024) pkey.generate_key(crypto.TYPE_RSA, 1024)
# Generate cert request # Generate cert request
req = crypto.X509Req() req = crypto.X509Req()
subj = req.get_subject() subj = req.get_subject()
setattr(subj, "CN", "Deluge Daemon") setattr(subj, "CN", "Deluge Daemon")
req.set_pubkey(pkey) req.set_pubkey(pkey)
req.sign(pkey, digest) req.sign(pkey, digest)
# Generate certificate # Generate certificate
cert = crypto.X509() cert = crypto.X509()
cert.set_serial_number(0) cert.set_serial_number(0)
cert.gmtime_adj_notBefore(0) cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(60*60*24*365*5) # Five Years cert.gmtime_adj_notAfter(60*60*24*365*5) # Five Years
cert.set_issuer(req.get_subject()) cert.set_issuer(req.get_subject())
cert.set_subject(req.get_subject()) cert.set_subject(req.get_subject())
cert.set_pubkey(req.get_pubkey()) cert.set_pubkey(req.get_pubkey())
cert.sign(pkey, digest) cert.sign(pkey, digest)
# Write out files # Write out files
ssl_dir = deluge.configmanager.get_config_dir("ssl") ssl_dir = deluge.configmanager.get_config_dir("ssl")
open(os.path.join(ssl_dir, "daemon.pkey"), "w").write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)) open(os.path.join(ssl_dir, "daemon.pkey"), "w").write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
open(os.path.join(ssl_dir, "daemon.cert"), "w").write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert)) open(os.path.join(ssl_dir, "daemon.cert"), "w").write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
# Make the files only readable by this user # Make the files only readable by this user
for f in ("daemon.pkey", "daemon.cert"): for f in ("daemon.pkey", "daemon.cert"):
os.chmod(os.path.join(ssl_dir, f), stat.S_IREAD | stat.S_IWRITE) os.chmod(os.path.join(ssl_dir, f), stat.S_IREAD | stat.S_IWRITE)