Added backend code for ssl support (init.py, webstart.py)

2026-05-20 18:45:32 +01:00 · 2013-08-24 09:20:37 +05:30
parent 28e1380c3a
commit a5c087465c
3 changed files with 52 additions and 2 deletions
--- a/Headphones.py
+++ b/Headphones.py
@@ -152,6 +152,9 @@ def main():
                    'http_host':        headphones.HTTP_HOST,
                    'http_root':        headphones.HTTP_ROOT,
                    'http_proxy':       headphones.HTTP_PROXY,
+                    'enable_https':     headphones.ENABLE_HTTPS,
+                    'https_cert':       headphones.HTTPS_CERT,
+                    'https_key':        headphones.HTTPS_KEY,
                    'http_username':    headphones.HTTP_USERNAME,
                    'http_password':    headphones.HTTP_PASSWORD,
            })
--- a/headphones/init.py
+++ b/headphones/init.py
@@ -73,6 +73,10 @@ HTTP_ROOT = None
 HTTP_PROXY = False
 LAUNCH_BROWSER = False

+ENABLE_HTTPS = False
+HTTPS_CERT = None
+HTTPS_KEY = None
+
 API_ENABLED = False
 API_KEY = None

@@ -304,7 +308,7 @@ def initialize():
                PROWL_ENABLED, PROWL_PRIORITY, PROWL_KEYS, PROWL_ONSNATCH, PUSHOVER_ENABLED, PUSHOVER_PRIORITY, PUSHOVER_KEYS, PUSHOVER_ONSNATCH, MIRRORLIST, \
                MIRROR, CUSTOMHOST, CUSTOMPORT, CUSTOMSLEEP, HPUSER, HPPASS, XBMC_ENABLED, XBMC_HOST, XBMC_USERNAME, XBMC_PASSWORD, XBMC_UPDATE, \
                XBMC_NOTIFY, NMA_ENABLED, NMA_APIKEY, NMA_PRIORITY, NMA_ONSNATCH, SYNOINDEX_ENABLED, ALBUM_COMPLETION_PCT, PREFERRED_BITRATE_HIGH_BUFFER, \
-                PREFERRED_BITRATE_LOW_BUFFER, PREFERRED_BITRATE_ALLOW_LOSSLESS, CACHE_SIZEMB, JOURNAL_MODE, UMASK
+                PREFERRED_BITRATE_LOW_BUFFER, PREFERRED_BITRATE_ALLOW_LOSSLESS, CACHE_SIZEMB, JOURNAL_MODE, UMASK, ENABLE_HTTPS, HTTPS_CERT, HTTPS_KEY

        if __INITIALIZED__:
            return False
@@ -345,6 +349,9 @@ def initialize():
        HTTP_PASSWORD = check_setting_str(CFG, 'General', 'http_password', '')
        HTTP_ROOT = check_setting_str(CFG, 'General', 'http_root', '/')
        HTTP_PROXY = bool(check_setting_int(CFG, 'General', 'http_proxy', 0))
+        ENABLE_HTTPS = bool(check_setting_int(CFG, 'General', 'enable_https', 0))
+        HTTPS_CERT = check_setting_str(CFG, 'General', 'https_cert', 'server.crt')
+        HTTPS_KEY = check_setting_str(CFG, 'General', 'https_key', 'server.key')
        LAUNCH_BROWSER = bool(check_setting_int(CFG, 'General', 'launch_browser', 1))
        API_ENABLED = bool(check_setting_int(CFG, 'General', 'api_enabled', 0))
        API_KEY = check_setting_str(CFG, 'General', 'api_key', '')
@@ -679,9 +686,14 @@ def launch_browser(host, port, root):

    if host == '0.0.0.0':
        host = 'localhost'
+        
+    if ENABLE_HTTPS:
+        protocol = 'https'
+    else:
+        protocol = 'http'

    try:
-        webbrowser.open('http://%s:%i%s' % (host, port, root))
+        webbrowser.open('%s://%s:%i%s' % (protocol, host, port, root))
    except Exception, e:
        logger.error('Could not launch browser: %s' % e)

@@ -698,6 +710,9 @@ def config_write():
    new_config['General']['http_password'] = HTTP_PASSWORD
    new_config['General']['http_root'] = HTTP_ROOT
    new_config['General']['http_proxy'] = int(HTTP_PROXY)
+    new_config['General']['enable_https'] = int(ENABLE_HTTPS)
+    new_config['General']['https_cert'] = HTTPS_CERT
+    new_config['General']['https_key'] = HTTPS_KEY
    new_config['General']['launch_browser'] = int(LAUNCH_BROWSER)
    new_config['General']['api_enabled'] = int(API_ENABLED)
    new_config['General']['api_key'] = API_KEY
--- a/headphones/helpers.py
+++ b/headphones/helpers.py
@@ -345,3 +345,35 @@ def split_string(mystring):
    for each_word in mystring.split(','):
        mylist.append(each_word.strip())
    return mylist
+
+def create_https_certificates(ssl_cert, ssl_key):
+    """
+    Stolen from SickBeard (http://github.com/midgetspy/Sick-Beard):
+    Create self-signed HTTPS certificares and store in paths 'ssl_cert' and 'ssl_key'
+    """
+    try:
+        from OpenSSL import crypto #@UnresolvedImport
+        from lib.certgen import createKeyPair, createCertRequest, createCertificate, TYPE_RSA, serial #@UnresolvedImport
+    except:
+        logger.warn(u"pyopenssl module missing, please install for https access")
+        return False
+
+    # Create the CA Certificate
+    cakey = createKeyPair(TYPE_RSA, 1024)
+    careq = createCertRequest(cakey, CN='Certificate Authority')
+    cacert = createCertificate(careq, (careq, cakey), serial, (0, 60*60*24*365*10)) # ten years
+
+    cname = 'Headphones'
+    pkey = createKeyPair(TYPE_RSA, 1024)
+    req = createCertRequest(pkey, CN=cname)
+    cert = createCertificate(req, (cacert, cakey), serial, (0, 60*60*24*365*10)) # ten years
+
+    # Save the key and certificate to disk
+    try:
+        open(ssl_key, 'w').write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
+        open(ssl_cert, 'w').write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
+    except:
+        logger.error(u"Error creating SSL key and certificate")
+        return False
+
+    return True