Fix: SSL support

ralphwetzel · Jan 6, 2017 · 773ba39 · 773ba39
1 parent 62201ce
commit 773ba39
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 11 deletions.
diff --git a/theonionbox/theonionbox.py b/theonionbox/theonionbox.py
@@ -1874,15 +1874,16 @@ def shutdown(self):
 # https://fgallaire.github.io/wsgiserver/
 class WSGIserver(ServerAdapter):
 
-    server = None
+    # server = None
 
     def run(self, handler):
         from tob.wsgiserver import WSGIServer
-        self.server = WSGIServer(handler, host=self.host, port=self.port)
+        self.server = WSGIServer(handler, self.host, self.port, **self.options)
         self.server.start()
 
     def shutdown(self):
-        self.server.stop()
+        if self.server is not None:
+            self.server.stop()
 
 
 # This job runs at midnight to add a notification to the log
@@ -2060,19 +2061,19 @@ def exit_procedure(quit=True):
     # good time to launch the housekeeping for the first time!
     session_housekeeping()
 
-    boxLog.notice('Ready to listen on http://{}:{}/'.format(tob_server.host, tob_server.port))
+    http_or_https = 'http' if box_ssl is False else 'https'
+    boxLog.notice('Ready to listen on {}://{}:{}/'.format(http_or_https, tob_server.host, tob_server.port))
 
     try:
         if box_debug is True:
             run(theonionbox, server=tob_server, host=box_host, port=box_port)
         else:
             run(theonionbox, server=tob_server, host=box_host, port=box_port, quiet=True)
     except KeyboardInterrupt:
-        # print('Here we are!')
         pass
     except Exception as exc:
-        print(exc)
+        raise exc
     finally:
         exit_procedure(False)
-#        boxLog.notice("Fine!")
+
 
diff --git a/theonionbox/tob/wsgiserver.py b/theonionbox/tob/wsgiserver.py
@@ -1776,9 +1776,9 @@ def __init__(self, certfile, keyfile, ca_certs=None):
         if hasattr(ssl, 'create_default_context'):
             self.context = ssl.create_default_context(
                 purpose=ssl.Purpose.CLIENT_AUTH,
-                cafile=certificate_chain
+                cafile=self.certificate_chain
             )
-            self.context.load_cert_chain(certificate, private_key)
+            self.context.load_cert_chain(self.certificate, self.private_key)
 
     def bind(self, sock):
         """Wrap and return the given socket."""
@@ -1804,10 +1804,10 @@ def wrap(self, sock):
                 # the 'ping' isn't SSL.
                 return None, {}
             elif e.errno == ssl.SSL_ERROR_SSL:
-                if e.args[1].endswith('http request'):
+                if e.args[1].find('http request') > 0:
                     # The client is speaking HTTP to an HTTPS server.
                     raise NoSSLError
-                elif e.args[1].endswith('unknown protocol'):
+                elif e.args[1].find('unknown protocol') > 0:
                     # The client is speaking some non-HTTP protocol.
                     # Drop the conn.
                     return None, {}