mirror of
https://git.deluge-torrent.org/deluge
synced 2025-08-07 17:08:42 +00:00
Move generate_ssl_keys() out of RPCServer
This commit is contained in:
parent
ac9be780cf
commit
706c52dd1b
1 changed files with 33 additions and 32 deletions
|
@ -334,11 +334,12 @@ class RPCServer(component.Component):
|
||||||
if not os.path.exists(ssl_dir):
|
if not os.path.exists(ssl_dir):
|
||||||
# The ssl folder doesn't exist so we need to create it
|
# The ssl folder doesn't exist so we need to create it
|
||||||
os.makedirs(ssl_dir)
|
os.makedirs(ssl_dir)
|
||||||
self.__generate_ssl_keys()
|
generate_ssl_keys()
|
||||||
else:
|
else:
|
||||||
for f in ("daemon.pkey", "daemon.cert"):
|
for f in ("daemon.pkey", "daemon.cert"):
|
||||||
if not os.path.exists(os.path.join(ssl_dir, f)):
|
if not os.path.exists(os.path.join(ssl_dir, f)):
|
||||||
self.__generate_ssl_keys()
|
generate_ssl_keys()
|
||||||
|
break
|
||||||
|
|
||||||
try:
|
try:
|
||||||
reactor.listenSSL(port, self.factory, ServerContextFactory(), interface=hostname)
|
reactor.listenSSL(port, self.factory, ServerContextFactory(), interface=hostname)
|
||||||
|
@ -402,36 +403,36 @@ class RPCServer(component.Component):
|
||||||
(RPC_EVENT, event.name, event.args)
|
(RPC_EVENT, event.name, event.args)
|
||||||
)
|
)
|
||||||
|
|
||||||
def __generate_ssl_keys(self):
|
def generate_ssl_keys():
|
||||||
"""
|
"""
|
||||||
This method generates a new SSL key/cert.
|
This method generates a new SSL key/cert.
|
||||||
"""
|
"""
|
||||||
digest = "md5"
|
digest = "md5"
|
||||||
# Generate key pair
|
# Generate key pair
|
||||||
pkey = crypto.PKey()
|
pkey = crypto.PKey()
|
||||||
pkey.generate_key(crypto.TYPE_RSA, 1024)
|
pkey.generate_key(crypto.TYPE_RSA, 1024)
|
||||||
|
|
||||||
# Generate cert request
|
# Generate cert request
|
||||||
req = crypto.X509Req()
|
req = crypto.X509Req()
|
||||||
subj = req.get_subject()
|
subj = req.get_subject()
|
||||||
setattr(subj, "CN", "Deluge Daemon")
|
setattr(subj, "CN", "Deluge Daemon")
|
||||||
req.set_pubkey(pkey)
|
req.set_pubkey(pkey)
|
||||||
req.sign(pkey, digest)
|
req.sign(pkey, digest)
|
||||||
|
|
||||||
# Generate certificate
|
# Generate certificate
|
||||||
cert = crypto.X509()
|
cert = crypto.X509()
|
||||||
cert.set_serial_number(0)
|
cert.set_serial_number(0)
|
||||||
cert.gmtime_adj_notBefore(0)
|
cert.gmtime_adj_notBefore(0)
|
||||||
cert.gmtime_adj_notAfter(60*60*24*365*5) # Five Years
|
cert.gmtime_adj_notAfter(60*60*24*365*5) # Five Years
|
||||||
cert.set_issuer(req.get_subject())
|
cert.set_issuer(req.get_subject())
|
||||||
cert.set_subject(req.get_subject())
|
cert.set_subject(req.get_subject())
|
||||||
cert.set_pubkey(req.get_pubkey())
|
cert.set_pubkey(req.get_pubkey())
|
||||||
cert.sign(pkey, digest)
|
cert.sign(pkey, digest)
|
||||||
|
|
||||||
# Write out files
|
# Write out files
|
||||||
ssl_dir = deluge.configmanager.get_config_dir("ssl")
|
ssl_dir = deluge.configmanager.get_config_dir("ssl")
|
||||||
open(os.path.join(ssl_dir, "daemon.pkey"), "w").write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
|
open(os.path.join(ssl_dir, "daemon.pkey"), "w").write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
|
||||||
open(os.path.join(ssl_dir, "daemon.cert"), "w").write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
|
open(os.path.join(ssl_dir, "daemon.cert"), "w").write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
|
||||||
# Make the files only readable by this user
|
# Make the files only readable by this user
|
||||||
for f in ("daemon.pkey", "daemon.cert"):
|
for f in ("daemon.pkey", "daemon.cert"):
|
||||||
os.chmod(os.path.join(ssl_dir, f), stat.S_IREAD | stat.S_IWRITE)
|
os.chmod(os.path.join(ssl_dir, f), stat.S_IREAD | stat.S_IWRITE)
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue