ssl for simple server

web/webserver.py

@@ -2,19 +2,46 @@
 
 import sys, os
 import http.server
+import ssl
+import subprocess
+import tempfile
 from http.server import SimpleHTTPRequestHandler
 
+
 def setup_options():
-    ''' Create command line options '''
+    """Create command line options"""
     from argparse import ArgumentParser
 
     parser = ArgumentParser()
-    parser.add_argument("-p",type=int,dest="port",default=8000,
+    parser.add_argument(
-                          help="Server port (Default: %(default)s)")
+        "-s",
-    parser.add_argument("-a",type=str,dest="address",default="",
+        dest="ssl",
-                          help="Server bind address. Use localhost for privacy. Defaults to all interfaces.")
+        default=False,
-    parser.add_argument("rootpath",type=str,action="store",default=os.path.abspath('.'),nargs='?',
+        action="store_true",
-                              help="Root path of the server")
+        help="Enable self signed SSL (Default: %(default)s)",
+    )
+    parser.add_argument(
+        "-p",
+        type=int,
+        dest="port",
+        default=8000,
+        help="Server port (Default: %(default)s)",
+    )
+    parser.add_argument(
+        "-a",
+        type=str,
+        dest="address",
+        default="",
+        help="Server bind address. Use localhost for privacy. Defaults to all interfaces.",
+    )
+    parser.add_argument(
+        "rootpath",
+        type=str,
+        action="store",
+        default=os.path.abspath("."),
+        nargs="?",
+        help="Root path of the server",
+    )
     options = parser.parse_args()
     if not os.path.exists(options.rootpath):
         parser.error("Path does not exist")
@@ -22,6 +49,19 @@ def setup_options():
     return options
 
 
+def makekey():
+
+    tf = tempfile.NamedTemporaryFile(delete=False)
+    tf.close
+    p = subprocess.run(
+        "openssl req -new -x509 -keyout {tf} -out {tf} -days 365 -subj /CN=localhost -nodes".format(
+            tf=tf.name
+        ),
+        shell=True,
+    )
+    return tf.name
+
+
 def serve(options):
     """Run the web server"""
     HandlerClass = SimpleHTTPRequestHandler
@@ -34,9 +74,13 @@ def serve(options):
 
     HandlerClass.protocol_version = Protocol
     httpd = ServerClass(server_address, HandlerClass)
-
+    ssl_char = ""
+    if options.ssl:
+        keyfile = makekey()
+        httpd.socket = ssl.wrap_socket(httpd.socket, server_side=True, certfile=keyfile)
+        ssl_char = "s"
     sa = httpd.socket.getsockname()
-    print(("Serving http://"+ sa[0]+ ":"+ str(sa[1])+ "/"))
+    print("Serving http{}://{}:{}/".format(ssl_char, sa[0], str(sa[1])))
     try:
         httpd.serve_forever()
     except KeyboardInterrupt:
@@ -44,10 +88,10 @@ def serve(options):
     except OSError:
         httpd.server_close()
 
+    if options.ssl:
+        os.remove(keyfile)
+
+
 if __name__ == "__main__":
     options = setup_options()
     serve(options)
-
-
-
-