2022-12-11 13:57:19 +03:00
|
|
|
#!/usr/bin/env python
|
|
|
|
# usage: ./server.py <port> <cert_file> <Client certificate authentication>
|
|
|
|
# Start the server with or without client certificate authentication
|
|
|
|
import flask
|
|
|
|
import sys
|
|
|
|
import ssl
|
2021-02-06 14:15:32 +03:00
|
|
|
|
2022-12-11 13:57:19 +03:00
|
|
|
app1 = flask.Flask("SSL Server")
|
2021-02-06 14:15:32 +03:00
|
|
|
|
2022-02-05 08:56:33 +03:00
|
|
|
|
2022-12-11 13:57:19 +03:00
|
|
|
@app1.route("/hello")
|
2021-02-06 14:15:32 +03:00
|
|
|
def hello():
|
|
|
|
return "Hello World!"
|
|
|
|
|
2022-02-05 08:56:33 +03:00
|
|
|
|
2022-12-11 13:57:19 +03:00
|
|
|
def start_server(port, cert_file, use_client_certificate_authentication):
|
|
|
|
ssl_context = get_ssl_context(cert_file, use_client_certificate_authentication)
|
|
|
|
app1.run(port=port, ssl_context=ssl_context)
|
|
|
|
|
|
|
|
|
|
|
|
def get_ssl_context(cert_file, use_client_certificate_authentication):
|
|
|
|
ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
|
|
|
|
if use_client_certificate_authentication:
|
|
|
|
ssl_context.verify_mode = ssl.CERT_REQUIRED
|
|
|
|
ssl_context.load_verify_locations("ssl/ca/cert.pem")
|
|
|
|
ssl_context.load_cert_chain(cert_file, "ssl/server/key.pem")
|
|
|
|
return ssl_context
|
|
|
|
|
|
|
|
|
|
|
|
def print_usage_and_exit():
|
|
|
|
print(
|
|
|
|
"usage: ./server.py <port> <cert_file> <use_client_certificate_authentication>"
|
|
|
|
)
|
|
|
|
sys.exit(1)
|
|
|
|
|
|
|
|
|
|
|
|
def main():
|
|
|
|
if len(sys.argv) < 4:
|
|
|
|
print_usage_and_exit()
|
|
|
|
|
|
|
|
port = int(sys.argv[1])
|
|
|
|
cert_file = sys.argv[2]
|
|
|
|
if sys.argv[3] == "true":
|
|
|
|
use_client_certificate_authentication = True
|
|
|
|
elif sys.argv[3] == "false":
|
|
|
|
use_client_certificate_authentication = False
|
|
|
|
else:
|
|
|
|
print_usage_and_exit()
|
|
|
|
|
|
|
|
print("Starting SSL Server")
|
|
|
|
print(" port: " + str(port))
|
|
|
|
print(" cert file: " + cert_file)
|
|
|
|
print(
|
|
|
|
" using client Certificate Authentication: "
|
|
|
|
+ ("yes" if use_client_certificate_authentication else "no")
|
|
|
|
)
|
|
|
|
start_server(port, cert_file, use_client_certificate_authentication)
|
|
|
|
|
|
|
|
|
2021-02-06 14:15:32 +03:00
|
|
|
if __name__ == "__main__":
|
2022-12-11 13:57:19 +03:00
|
|
|
main()
|