From 63bb7bbdad8c7b21630cedaea2f2b82aa62fd59d Mon Sep 17 00:00:00 2001 From: Magnus Ahltorp Date: Mon, 30 Mar 2015 15:41:13 +0200 Subject: Allow non-TLS http Closes CATLFISH-31 --- src/catlfish_sup.erl | 34 ++++++++++++++++++++-------------- tools/compileconfig.py | 25 +++++++++++++++++++------ 2 files changed, 39 insertions(+), 20 deletions(-) diff --git a/src/catlfish_sup.erl b/src/catlfish_sup.erl index 6f918cd..8a8322d 100644 --- a/src/catlfish_sup.erl +++ b/src/catlfish_sup.erl @@ -9,6 +9,21 @@ start_link(_Args) -> supervisor:start_link({local, ?MODULE}, ?MODULE, []). +gen_http_config(Config, SSLFlag) -> + {ChildName, IpAddress, Port, Module} = Config, + {ok, IPv4Address} = + inet:parse_ipv4strict_address(IpAddress), + WebConfig = [{ip, IPv4Address}, + {port, Port}, + {ssl, SSLFlag}, + {acceptor_pool_size, application:get_env(catlfish, http_server_pool_size, 16)}, + {ssl_opts, SSLOptions} + ], + {ChildName, + {catlfish_web, start, [WebConfig, Module]}, + permanent, 5000, + worker, dynamic}. + init([]) -> SSLOptions = [{certfile, application:get_env(catlfish, https_certfile, none)}, @@ -16,20 +31,11 @@ init([]) -> {cacertfile, application:get_env(catlfish, https_cacertfile, none)}], Servers = lists:map(fun (Config) -> - {ChildName, IpAddress, Port, Module} = Config, - {ok, IPv4Address} = - inet:parse_ipv4strict_address(IpAddress), - WebConfig = [{ip, IPv4Address}, - {port, Port}, - {ssl, true}, - {acceptor_pool_size, application:get_env(catlfish, http_server_pool_size, 16)}, - {ssl_opts, SSLOptions} - ], - {ChildName, - {catlfish_web, start, [WebConfig, Module]}, - permanent, 5000, - worker, dynamic} - end, application:get_env(catlfish, https_servers, [])), + gen_http_config(Config, true) + end, application:get_env(catlfish, https_servers, [])) ++ + lists:map(fun (Config) -> + gen_http_config(Config, false) + end, application:get_env(catlfish, http_servers, [])), lager:debug("Starting servers ~p", [Servers]), {ok, {{one_for_one, 3, 10}, diff --git a/tools/compileconfig.py b/tools/compileconfig.py index 88d6b51..f3e858b 100755 --- a/tools/compileconfig.py +++ b/tools/compileconfig.py @@ -77,7 +77,7 @@ def get_node_config(nodename, config): sys.exit(1) return (nodetype, nodeconfig) -def gen_https_servers(nodetype, nodeconfig, bind_address, bind_publicaddress): +def gen_http_servers(nodetype, nodeconfig, bind_address, bind_publicaddress, public_https): if bind_address: (host, port) = parse_address(bind_address) else: @@ -90,12 +90,22 @@ def gen_https_servers(nodetype, nodeconfig, bind_address, bind_publicaddress): (_, publicport) = parse_address(nodeconfig["publicaddress"]) publichost = "0.0.0.0" - return [(Symbol("external_https_api"), publichost, publicport, Symbol("v1")), - (Symbol("frontend_https_api"), host, port, Symbol("frontend"))] + http_servers = [] + https_servers = [] + if public_https: + https_servers.append((Symbol("external_https_api"), publichost, publicport, Symbol("v1"))) + else: + http_servers.append((Symbol("external_http_api"), publichost, publicport, Symbol("v1"))) + https_servers.append((Symbol("frontend_https_api"), host, port, Symbol("frontend"))) + return (http_servers, + https_servers) + elif nodetype == "storagenodes": - return [(Symbol("storage_https_api"), host, port, Symbol("storage"))] + return ([], + [(Symbol("storage_https_api"), host, port, Symbol("storage"))]) elif nodetype == "signingnodes": - return [(Symbol("signing_https_api"), host, port, Symbol("signing"))] + return ([], + [(Symbol("signing_https_api"), host, port, Symbol("signing"))]) def allowed_clients_frontend(mergenodenames): return [ @@ -150,8 +160,10 @@ def gen_config(nodename, config, localconfig): configfile = open(paths["configdir"] + nodename + ".config", "w") print >>configfile, "%% catlfish configuration file (-*- erlang -*-)" + public_https = "nopublichttps" not in options + (nodetype, nodeconfig) = get_node_config(nodename, config) - https_servers = gen_https_servers(nodetype, nodeconfig, bind_address, bind_publicaddress) + (http_servers, https_servers) = gen_http_servers(nodetype, nodeconfig, bind_address, bind_publicaddress, public_https=public_https) catlfishconfig = [] plopconfig = [] @@ -163,6 +175,7 @@ def gen_config(nodename, config, localconfig): catlfishconfig += [ (Symbol("https_servers"), https_servers), + (Symbol("http_servers"), http_servers), (Symbol("https_certfile"), paths["https_certfile"]), (Symbol("https_keyfile"), paths["https_keyfile"]), (Symbol("https_cacertfile"), paths["https_cacertfile"]), -- cgit v1.1