diff --git a/.gitignore b/.gitignore
index 43416c37..61dbd535 100644
--- a/.gitignore
+++ b/.gitignore
@@ -25,3 +25,7 @@ xmlrpc.log*
 /proxies.txt
 /dbconfig.py
 venv/
+
+*.crt
+
+keys/
diff --git a/DataHandler.py b/DataHandler.py
index 7c53810b..2c676e6a 100644
--- a/DataHandler.py
+++ b/DataHandler.py
@@ -30,6 +30,7 @@ def __init__(self):
 self.dispatcher = None
 self.console_buffer = []
 self.port = 8200
+ self.ssl_port = 8243
 self.natport = self.port + 1
 self.min_spring_version = '*'
 self.agreementfile = 'agreement.txt'
diff --git a/certificate.py b/certificate.py
index 0535bc50..cad0f176 100644
--- a/certificate.py
+++ b/certificate.py
@@ -34,9 +34,18 @@ def create_self_signed_cert(filename):
 cert.set_pubkey(k)
 cert.sign(k, 'sha1')
+ cert_file = crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode("UTF-8")
+ key_file = crypto.dump_privatekey(crypto.FILETYPE_PEM, k).decode("UTF-8")
+
 with open(filename, 'wt') as certfile:
- certfile.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode("UTF-8"))
- certfile.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, k).decode("UTF-8"))
+ certfile.write(cert_file)
+ certfile.write(key_file)
+
+ with open("keys/server.crt", 'wt') as crt:
+ crt.write(cert_file)
+
+ with open("keys/server.key", 'wt') as key:
+ key.write(key_file)
-#create_self_signed_cert("server.key")
+# create_self_signed_cert("server.key")
diff --git a/requirements.txt b/requirements.txt
index 468126b4..3bc4e88a 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -3,3 +3,4 @@ mysqlclient==1.3.10
 pyOpenSSL==18.0.0
 SQLAlchemy==1.1.9
 Twisted==17.1.0
+service_identity
\ No newline at end of file
diff --git a/server.py b/server.py
index eb5f439c..fc7c3edb 100755
--- a/server.py
+++ b/server.py
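Review bot: The new .gitignore entries cover `*.crt` and `keys/`, but not the combined certificate-plus-private-key file that create_self_signed_cert in certificate.py writes to its `filename` argument. The commented-out example there uses `"server.key"`, so a key generated in the repository root could still be committed by accident. Adding `*.key` and `*.pem` next to `*.crt` would close that gap.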
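Review bot: In certificate.py, the new `open("keys/server.key", 'wt')` creates the private key with umask-default permissions, so on a typical host it is readable by other local users; the same holds for the combined file written to `filename`. The `keys/` directory is also assumed to exist, otherwise both new writes raise FileNotFoundError. I would add `os.makedirs("keys", mode=0o700, exist_ok=True)` before the writes and open the key via `os.open("keys/server.key", os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)` wrapped in `os.fdopen(fd, 'wt')`; this needs `os` imported at the top of the file, which is outside the hunk, as is the start of create_self_signed_cert. The unchanged `cert.sign(k, 'sha1')` is worth revisiting now that this certificate is served over TLS; `'sha256'` is the usual digest.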
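Review bot: `service_identity` is the only entry in requirements.txt without a version pin, so each install resolves whatever release is current and the environment stops being reproducible. Pin it like the other lines, e.g. `service_identity==<VERSION_YOU_TESTED>` (placeholder, not a real version). The file also now ends without a trailing newline.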
@@ -7,8 +7,10 @@
 # thread was renamed to _thread in python 3
 import _thread
+from OpenSSL import SSL
+
 import traceback, signal, socket, sys, logging
-from twisted.internet import reactor
+from twisted.internet import reactor, ssl
 from twisted.internet import task
 sys.path.append("protocol")
@@ -56,16 +58,15 @@ def sighup(sig, frame):
 _root.init()
+
 try:
 reactor.listenTCP(_root.port, twistedserver.ChatFactory(_root))
+ reactor.listenSSL(_root.ssl_port, twistedserver.ChatFactory(_root),
+ ssl.DefaultOpenSSLContextFactory('keys/server.key', 'keys/server.crt'))
 print('Started lobby server!')
 print('Connect the lobby client to')
 print(' public: %s:%d' %(_root.online_ip, _root.port))
 print(' private: %s:%d' %(_root.local_ip, _root.port))
- recent_registration_loop = task.LoopingCall(_root.decrement_recent_registrations)
- recent_registration_loop.start(60*20)
- recent_rename_loop = task.LoopingCall(_root.decrement_recent_renames)
- recent_rename_loop.start(60*60*24*7)
 reactor.run()
 except KeyboardInterrupt:
diff --git a/tests/testsslclient.py b/tests/testsslclient.py
new file mode 100644
index 00000000..86556379
--- /dev/null
+++ b/tests/testsslclient.py
@@ -0,0 +1,29 @@
+from twisted.internet import ssl, reactor
+from twisted.internet.protocol import ClientFactory, Protocol
+
+
+class EchoClient(Protocol):
+ def connectionMade(self):
+ print("connection made")
+
+ def dataReceived(self, data):
+ print("Server said:", data)
+ self.transport.loseConnection()
+
+
+class EchoClientFactory(ClientFactory):
+ protocol = EchoClient
+
+ def clientConnectionFailed(self, connector, reason):
+ print("Connection failed - goodbye!")
+ reactor.stop()
+
+ def clientConnectionLost(self, connector, reason):
+ print("Connection lost - goodbye!")
+ reactor.stop()
+
+
+if __name__ == '__main__':
+ factory = EchoClientFactory()
+ reactor.connectSSL('localhost', 8243, factory, ssl.ClientContextFactory())
+ reactor.run()
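Review bot: The new `reactor.listenSSL(...)` call in server.py builds its context with `ssl.DefaultOpenSSLContextFactory`, which leaves protocol versions and ciphers at library defaults. As far as I know that class only disables SSLv2, so older protocol versions may still be negotiated depending on the OpenSSL build. Consider `ssl.CertificateOptions`, for instance via `ssl.PrivateCertificate.loadPEM(key_pem + cert_pem).options()`, or at least pass an explicit `sslmethod=`, which would also give the otherwise unused `from OpenSSL import SSL` import in the first server.py hunk a purpose. The same hunk removes the two `task.LoopingCall` timers for `decrement_recent_registrations` and `decrement_recent_renames`; if they are not rescheduled outside this diff, those counters never decay, so please confirm the removal is intended. The plaintext `listenTCP` listener remains and the banner still prints only `_root.port`; the try/except continues past the end of the hunk.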
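Review bot: `ssl.ClientContextFactory()` in the `__main__` block of tests/testsslclient.py does not verify the server certificate or hostname, so this client succeeds against any TLS endpoint on port 8243 and does not show that `keys/server.crt` is the certificate actually served. Loading that file as the trust root, e.g. `ssl.optionsForClientTLS('localhost', trustRoot=ssl.Certificate.loadPEM(pem))`, would check it, provided the generated certificate's name matches the host used. The script only prints and has no assertions, so it cannot fail in an automated run. A top-of-file comment saying it is a manual smoke check that needs a running server would help.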