Skip to content

Https and SIGINT handling#201

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
tetofonta wants to merge 4 commits into
base:master
Choose a base branch
from
Open

Https and SIGINT handling #201

tetofonta wants to merge 4 commits into from

Conversation

@tetofonta
Copy link

@tetofontatetofonta commented Nov 12, 2017

When using remi on a network can be useful to use https protocol for security reasons: this can be done by calling "ssl.warp_socket(...)" over the HTTPServer created socket.
Also, when developing application, is useful to terminate the process with CTRL+C key, so it can be done by allowing user to specify if SIGINT needs to be ignored.

@dddomodossola
Copy link
Collaborator

dddomodossola commented Nov 12, 2017

Hello @tetofonta , thank you so much for contributing to remi project. I will see at your pull req in about a week, I'm abroad right now. ;-)

@PURPORC
Copy link
Contributor

PURPORC commented Nov 16, 2017

In order to secure any form inputs, the websocket connection would need to be secured. Using wss:// as the protocol that the javascript part connects to.

I have a branch which secures both sockets. Unfortunately in a clumsy way so I never created a PR for it.

@dddomodossola
Copy link
Collaborator

dddomodossola commented Dec 15, 2017

@tetofonta I merged your code to a branch called tetofonta-https. I a near future I will merge it to master, after a bit of debugging.
@PURPORC have you the possibility to contribute on securing websockets? :-)

@dddomodossola
Copy link
Collaborator

dddomodossola commented Jan 10, 2018

@tetofonta Made some tests but without success. I got this error:

remi.server INFO Started httpserver https://127.0.0.1:8073/
remi.request ERROR PC14 code 400, message Bad request syntax ('\x16\x03\x01\x00\xae\x01\x00\x00\xaa\x03\x03R\x1d\xa2G\xbcT\xbd\x10\xb7i\xbd\xb6\x02\xdf\xde\xaf')
remi.request ERROR PC14 code 400, message Bad request syntax ('\x16\x03\x01\x00\xae\x01\x00\x00\xaa\x03\x03\xd9\xd7\xd1\xbb\xabI\x01\xa5j}D\x149\xbc\xd8\xa9\x9d\x06@-\x8e!4i4\x8a\xf4\xa2\x96\xc7')
remi.request DEBUG PC14 "��� «� ¬��R�óG╝T¢�Ài¢Â�▀Ì»" 400 -
remi.request DEBUG PC14 "��� «� ¬��┘ÎÐ╗½I�Ñj}D�9╝Ï®Ø�@-Ä!4i4è¶óûÃ" 400 -

Does this work for you? Can you give me some advices?

@tetofonta
Copy link
Author

tetofonta commented Jan 11, 2018

No idea about what's happened, it works fine for me.
I've tried right now, no errors from ssl.
Anyway I've recommited my working code with a bash script for certificate generation.

@dddomodossola
Copy link
Collaborator

dddomodossola commented Jan 11, 2018

@tetofonta Done some more testing. It appears that your https fix is ok but REQUIRES wss (secured websocket) to work correctly. This is because unsecure websocket is not allowed under https.
I've tested @PURPORC implementation and works fine, but have to be reworked a bit.

Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@tetofonta@dddomodossola@PURPORC