Merge pull request #139 from cudeso/master

SSL for Flask server
pull/140/head
Alexandre Dulaunoy 2019-11-13 20:46:34 +01:00 committed by GitHub
commit 28200e4862
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 22 additions and 0 deletions

View File

@ -2,6 +2,10 @@
host = localhost host = localhost
port = 8001 port = 8001
debug = False debug = False
ssl = False
# If you set SSL to True with a cert/key then an adhoc (self-signed) certificate is created
# ssl_cert = cert.pem
# ssl_key = key.pem
[Auth] [Auth]
auth_enabled = False auth_enabled = False

View File

@ -10,3 +10,4 @@ pycountry
zmq zmq
requests requests
halo halo
pyopenssl

View File

@ -35,6 +35,14 @@ logger.setLevel(logging.ERROR)
server_host = cfg.get("Server", "host") server_host = cfg.get("Server", "host")
server_port = cfg.getint("Server", "port") server_port = cfg.getint("Server", "port")
server_debug = cfg.get("Server", "debug") server_debug = cfg.get("Server", "debug")
server_ssl = cfg.get("Server", "ssl")
try:
server_ssl_cert = cfg.get("Server", "ssl_cert")
server_ssl_key = cfg.get("Server", "ssl_key")
except:
server_ssl_cert = None
server_ssl_key = None
pass
auth_host = cfg.get("Auth", "misp_fqdn") auth_host = cfg.get("Auth", "misp_fqdn")
auth_enabled = cfg.getboolean("Auth", "auth_enabled") auth_enabled = cfg.getboolean("Auth", "auth_enabled")
auth_ssl_verify = cfg.getboolean("Auth", "ssl_verify") auth_ssl_verify = cfg.getboolean("Auth", "ssl_verify")
@ -877,8 +885,17 @@ def getGenericTrendingOvertime():
if __name__ == '__main__': if __name__ == '__main__':
try: try:
if bool(server_ssl) is True:
if server_ssl_cert and server_ssl_key:
server_ssl_context = (server_ssl_cert, server_ssl_key)
else:
server_ssl_context = 'adhoc'
else:
server_ssl_context = None
app.run(host=server_host, app.run(host=server_host,
port=server_port, port=server_port,
ssl_context=server_ssl_context,
debug=server_debug, debug=server_debug,
threaded=True) threaded=True)
except OSError as error: except OSError as error: