222 |
222 |
|
223 |
223 |
|
224 |
224 |
def GenericMain(daemon_name, optionparser, dirs, check_fn, exec_fn,
|
225 |
|
multithreaded=False):
|
|
225 |
multithreaded=False,
|
|
226 |
default_ssl_cert=None, default_ssl_key=None):
|
226 |
227 |
"""Shared main function for daemons.
|
227 |
228 |
|
228 |
229 |
@type daemon_name: string
|
... | ... | |
240 |
241 |
runs the daemon itself.
|
241 |
242 |
@type multithreaded: bool
|
242 |
243 |
@param multithreaded: Whether the daemon uses threads
|
|
244 |
@type default_ssl_cert: string
|
|
245 |
@param default_ssl_cert: Default SSL certificate path
|
|
246 |
@type default_ssl_key: string
|
|
247 |
@param default_ssl_key: Default SSL key path
|
243 |
248 |
|
244 |
249 |
"""
|
245 |
250 |
optionparser.add_option("-f", "--foreground", dest="fork",
|
... | ... | |
262 |
267 |
default_bind_address),
|
263 |
268 |
default=default_bind_address, metavar="ADDRESS")
|
264 |
269 |
|
265 |
|
if daemon_name in constants.DAEMONS_SSL:
|
266 |
|
default_cert, default_key = constants.DAEMONS_SSL[daemon_name]
|
|
270 |
if default_ssl_key is not None and default_ssl_cert is not None:
|
267 |
271 |
optionparser.add_option("--no-ssl", dest="ssl",
|
268 |
272 |
help="Do not secure HTTP protocol with SSL",
|
269 |
273 |
default=True, action="store_false")
|
270 |
274 |
optionparser.add_option("-K", "--ssl-key", dest="ssl_key",
|
271 |
|
help="SSL key",
|
272 |
|
default=default_key, type="string")
|
|
275 |
help=("SSL key path (default: %s)" %
|
|
276 |
default_ssl_key),
|
|
277 |
default=default_ssl_key, type="string",
|
|
278 |
metavar="SSL_KEY_PATH")
|
273 |
279 |
optionparser.add_option("-C", "--ssl-cert", dest="ssl_cert",
|
274 |
|
help="SSL certificate",
|
275 |
|
default=default_cert, type="string")
|
|
280 |
help=("SSL certificate path (default: %s)" %
|
|
281 |
default_ssl_cert),
|
|
282 |
default=default_ssl_cert, type="string",
|
|
283 |
metavar="SSL_CERT_PATH")
|
276 |
284 |
|
277 |
285 |
# Disable the use of fork(2) if the daemon uses threads
|
278 |
286 |
utils.no_fork = multithreaded
|
279 |
287 |
|
280 |
288 |
options, args = optionparser.parse_args()
|
281 |
289 |
|
282 |
|
if hasattr(options, 'ssl') and options.ssl:
|
283 |
|
if not (options.ssl_cert and options.ssl_key):
|
284 |
|
print >> sys.stderr, "Need key and certificate to use ssl"
|
285 |
|
sys.exit(constants.EXIT_FAILURE)
|
286 |
|
for fname in (options.ssl_cert, options.ssl_key):
|
287 |
|
if not os.path.isfile(fname):
|
288 |
|
print >> sys.stderr, "Need ssl file %s to run" % fname
|
|
290 |
if getattr(options, "ssl", False):
|
|
291 |
ssl_paths = {
|
|
292 |
"certificate": options.ssl_cert,
|
|
293 |
"key": options.ssl_key,
|
|
294 |
}
|
|
295 |
|
|
296 |
for name, path in ssl_paths.iteritems():
|
|
297 |
if not os.path.isfile(path):
|
|
298 |
print >> sys.stderr, "SSL %s file '%s' was not found" % (name, path)
|
289 |
299 |
sys.exit(constants.EXIT_FAILURE)
|
290 |
300 |
|
|
301 |
# TODO: By initiating http.HttpSslParams here we would only read the files
|
|
302 |
# once and have a proper validation (isfile returns False on directories)
|
|
303 |
# at the same time.
|
|
304 |
|
291 |
305 |
if check_fn is not None:
|
292 |
306 |
check_fn(options, args)
|
293 |
307 |
|