repos / irgramd / commitdiff
summary | shortlog | log | tree | commit | commitdiff | headdiff
unified | plain | darcs
irc: Add TLS/SSL support
patch b720e14a8bf28c93658226f9f94140364906bf23
Author: E. Bosch <presidev@AT@gmail.com>
Date: Wed Dec 8 01:39:32 CET 2021
* irc: Add TLS/SSL support
diff -rN -u old-irgramd/irgramd new-irgramd/irgramd
--- old-irgramd/irgramd 2024-11-22 22:47:52.032015254 +0100
+++ new-irgramd/irgramd 2024-11-22 22:47:52.032015254 +0100
@@ -6,6 +6,7 @@
import tornado.options
import tornado.tcpserver
+import ssl
# Local modules
@@ -15,12 +16,28 @@
# IRC Telegram Daemon
class IRCTelegramd(tornado.tcpserver.TCPServer):
- def __init__(self, address=None, port=6667, config_dir=None, **settings):
- tornado.tcpserver.TCPServer.__init__(self)
-
+ def __init__(self, address=None, port=None, config_dir=None, **settings):
self.logger = logging.getLogger()
+ effective_port = port
+
+ if settings['tls']:
+ if not settings['tls_cert']: # error
+ self.logger.error('TLS configured but certificate not present')
+ exit(1)
+ tls_context = ssl.create_default_context(purpose=ssl.Purpose.CLIENT_AUTH)
+ tls_context.load_cert_chain(settings['tls_cert'], settings['tls_key'])
+ if not effective_port:
+ effective_port = 6697
+ self.logger.info('TLS configured')
+ else:
+ tls_context = None
+ if not effective_port:
+ effective_port = 6667
+
+ tornado.tcpserver.TCPServer.__init__(self, ssl_options=tls_context)
+
self.address = address or '127.0.0.1'
- self.port = port
+ self.port = effective_port
self.config_dir = config_dir or os.path.expanduser('~/.config/irgramd')
self.irc_handler = None
self.tg_handler = None
@@ -46,8 +63,11 @@
if __name__ == '__main__':
tornado.options.define('address', default=None, help='Address to listen on.')
- tornado.options.define('port', default=6667, help='Port to listen on.')
+ tornado.options.define('port', default=None, help='Port to listen on. (default 6667, default with TLS 6697)')
tornado.options.define('config_dir', default=None, help='Configuration directory')
+ tornado.options.define('tls', default=False, help='Use TLS/SSL encrypted connection for IRC server')
+ tornado.options.define('tls_cert', default=None, help='IRC server certificate chain for TLS/SSL, also can contain private key if not defined with `tls_key`')
+ tornado.options.define('tls_key', default=None, help='IRC server private key for TLS/SSL')
tornado.options.parse_command_line()
options = tornado.options.options.as_dict()