diff options
author | Magnus Ahltorp <map@kth.se> | 2015-03-30 15:41:13 +0200 |
---|---|---|
committer | Magnus Ahltorp <map@kth.se> | 2015-03-31 00:40:58 +0200 |
commit | 22cefc84254cae1f57195da819eba69dbacb5a6e (patch) | |
tree | 63508f318361150ba35bbe17c18ab3e146dd20f1 | |
parent | 2d8d55bb9b6672ebe829b185beb05d4a399167f5 (diff) |
Allow non-TLS httpnopublicssl3
Closes CATLFISH-31
-rw-r--r-- | src/catlfish_sup.erl | 34 | ||||
-rw-r--r-- | src/catlfish_web.erl | 6 | ||||
-rwxr-xr-x | tools/compileconfig.py | 24 |
3 files changed, 41 insertions, 23 deletions
diff --git a/src/catlfish_sup.erl b/src/catlfish_sup.erl index 6f918cd..882a017 100644 --- a/src/catlfish_sup.erl +++ b/src/catlfish_sup.erl @@ -9,6 +9,21 @@ start_link(_Args) -> supervisor:start_link({local, ?MODULE}, ?MODULE, []). +gen_http_config(Config, SSLOptions, SSLFlag) -> + {ChildName, IpAddress, Port, Module} = Config, + {ok, IPv4Address} = + inet:parse_ipv4strict_address(IpAddress), + WebConfig = [{ip, IPv4Address}, + {port, Port}, + {ssl, SSLFlag}, + {acceptor_pool_size, application:get_env(catlfish, http_server_pool_size, 16)}, + {ssl_opts, SSLOptions} + ], + {ChildName, + {catlfish_web, start, [WebConfig, Module, ChildName]}, + permanent, 5000, + worker, dynamic}. + init([]) -> SSLOptions = [{certfile, application:get_env(catlfish, https_certfile, none)}, @@ -16,20 +31,11 @@ init([]) -> {cacertfile, application:get_env(catlfish, https_cacertfile, none)}], Servers = lists:map(fun (Config) -> - {ChildName, IpAddress, Port, Module} = Config, - {ok, IPv4Address} = - inet:parse_ipv4strict_address(IpAddress), - WebConfig = [{ip, IPv4Address}, - {port, Port}, - {ssl, true}, - {acceptor_pool_size, application:get_env(catlfish, http_server_pool_size, 16)}, - {ssl_opts, SSLOptions} - ], - {ChildName, - {catlfish_web, start, [WebConfig, Module]}, - permanent, 5000, - worker, dynamic} - end, application:get_env(catlfish, https_servers, [])), + gen_http_config(Config, SSLOptions, true) + end, application:get_env(catlfish, https_servers, [])) ++ + lists:map(fun (Config) -> + gen_http_config(Config, SSLOptions, false) + end, application:get_env(catlfish, http_servers, [])), lager:debug("Starting servers ~p", [Servers]), {ok, {{one_for_one, 3, 10}, diff --git a/src/catlfish_web.erl b/src/catlfish_web.erl index 5ee5743..f9fe6d6 100644 --- a/src/catlfish_web.erl +++ b/src/catlfish_web.erl @@ -2,14 +2,14 @@ %%% See LICENSE for licensing information. -module(catlfish_web). --export([start/2, loop/2]). +-export([start/3, loop/2]). -start(Options, Module) -> +start(Options, Module, Name) -> lager:debug("Starting catlfish web server: ~p", [Module]), Loop = fun (Req) -> ?MODULE:loop(Req, Module) end, - mochiweb_http:start([{name, Module}, {loop, Loop} | Options]). + mochiweb_http:start([{name, Name}, {loop, Loop} | Options]). add_auth(Path, {Code, Headers, Data}) -> diff --git a/tools/compileconfig.py b/tools/compileconfig.py index 88d6b51..4996994 100755 --- a/tools/compileconfig.py +++ b/tools/compileconfig.py @@ -77,7 +77,7 @@ def get_node_config(nodename, config): sys.exit(1) return (nodetype, nodeconfig) -def gen_https_servers(nodetype, nodeconfig, bind_address, bind_publicaddress): +def gen_http_servers(nodetype, nodeconfig, bind_address, bind_publicaddress, bind_publichttpaddress): if bind_address: (host, port) = parse_address(bind_address) else: @@ -90,12 +90,22 @@ def gen_https_servers(nodetype, nodeconfig, bind_address, bind_publicaddress): (_, publicport) = parse_address(nodeconfig["publicaddress"]) publichost = "0.0.0.0" - return [(Symbol("external_https_api"), publichost, publicport, Symbol("v1")), - (Symbol("frontend_https_api"), host, port, Symbol("frontend"))] + http_servers = [] + https_servers = [] + if bind_publichttpaddress: + (publichttphost, publichttpport) = parse_address(bind_publichttpaddress) + http_servers.append((Symbol("external_http_api"), publichttphost, publichttpport, Symbol("v1"))) + https_servers.append((Symbol("external_https_api"), publichost, publicport, Symbol("v1"))) + https_servers.append((Symbol("frontend_https_api"), host, port, Symbol("frontend"))) + return (http_servers, + https_servers) + elif nodetype == "storagenodes": - return [(Symbol("storage_https_api"), host, port, Symbol("storage"))] + return ([], + [(Symbol("storage_https_api"), host, port, Symbol("storage"))]) elif nodetype == "signingnodes": - return [(Symbol("signing_https_api"), host, port, Symbol("signing"))] + return ([], + [(Symbol("signing_https_api"), host, port, Symbol("signing"))]) def allowed_clients_frontend(mergenodenames): return [ @@ -145,13 +155,14 @@ def gen_config(nodename, config, localconfig): paths = localconfig["paths"] bind_address = localconfig.get("addresses", {}).get(nodename) bind_publicaddress = localconfig.get("publicaddresses", {}).get(nodename) + bind_publichttpaddress = localconfig.get("publichttpaddresses", {}).get(nodename) options = localconfig.get("options", []) configfile = open(paths["configdir"] + nodename + ".config", "w") print >>configfile, "%% catlfish configuration file (-*- erlang -*-)" (nodetype, nodeconfig) = get_node_config(nodename, config) - https_servers = gen_https_servers(nodetype, nodeconfig, bind_address, bind_publicaddress) + (http_servers, https_servers) = gen_http_servers(nodetype, nodeconfig, bind_address, bind_publicaddress, bind_publichttpaddress=bind_publichttpaddress) catlfishconfig = [] plopconfig = [] @@ -163,6 +174,7 @@ def gen_config(nodename, config, localconfig): catlfishconfig += [ (Symbol("https_servers"), https_servers), + (Symbol("http_servers"), http_servers), (Symbol("https_certfile"), paths["https_certfile"]), (Symbol("https_keyfile"), paths["https_keyfile"]), (Symbol("https_cacertfile"), paths["https_cacertfile"]), |