package org.cacert.gigi;
import java.io.ByteArrayInputStream;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.InputStream;
import java.io.IOException;
+import java.net.HttpURLConnection;
import java.net.InetSocketAddress;
import java.security.GeneralSecurityException;
import java.security.Key;
String proto = httpFields.getStringField("X-Real-Proto");
String cert = httpFields.getStringField("X-Client-Cert");
request.setSecure("https".equals(proto));
- System.out.println(request.isSecure());
request.setScheme(proto);
if ( !"https".equals(proto)) {
cert = null;
public static void main(String[] args) throws Exception {
System.setProperty("jdk.tls.ephemeralDHKeySize", "4096");
- new Launcher().boot();
+ InputStream in;
+ if (args.length >= 1) {
+ in = new FileInputStream(new File(args[0]));
+ } else {
+ in = System.in;
+ }
+ new Launcher().boot(in);
}
Server s;
GigiConfig conf;
- public synchronized void boot() throws Exception {
+ public synchronized void boot(InputStream in) throws Exception {
Locale.setDefault(Locale.ENGLISH);
TimeZone.setDefault(TimeZone.getTimeZone("UTC"));
+ HttpURLConnection.setFollowRedirects(false);
- conf = GigiConfig.parse(System.in);
+ conf = GigiConfig.parse(in);
ServerConstants.init(conf.getMainProps());
initEmails(conf);
if (conf.getMainProps().getProperty("proxy", "false").equals("true")) {
httpConfig.addCustomizer(new ExtendedForwarded());
s.setConnectors(new Connector[] {
- ConnectorsLauncher.createConnector(conf, s, httpConfig, false)
+ ConnectorsLauncher.createConnector(conf, s, httpConfig, false)
});
} else {
HttpConfiguration httpsConfig = createHttpConfiguration();
private void initEmails(GigiConfig conf) throws GeneralSecurityException, IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
KeyStore privateStore = conf.getPrivateStore();
- Certificate mail = privateStore.getCertificate("mail");
- Key k = privateStore.getKey("mail", conf.getPrivateStorePw().toCharArray());
+ Certificate mail = null;
+ Key k = null;
+ if (privateStore != null && privateStore.containsAlias("mail")) {
+ mail = privateStore.getCertificate("mail");
+ k = privateStore.getKey("mail", conf.getPrivateStorePw().toCharArray());
+ }
EmailProvider.initSystem(conf.getMainProps(), mail, k);
}
ContextHandler ch = generateGigiServletContext(webAppServlet);
ch.setVirtualHosts(new String[] {
- ServerConstants.getWwwHostName()
+ ServerConstants.getWwwHostName()
});
ContextHandler chSecure = generateGigiServletContext(webAppServlet);
chSecure.setVirtualHosts(new String[] {
- ServerConstants.getSecureHostName()
+ ServerConstants.getSecureHostName()
});
HandlerList hl = new HandlerList();
hw.setHandler(rh);
ServletContextHandler servlet = new ServletContextHandler(ServletContextHandler.SESSIONS);
- servlet.setInitParameter(SessionManager.__SessionCookieProperty, "CACert-Session");
+ servlet.setInitParameter(SessionManager.__SessionCookieProperty, "SomeCA-Session");
servlet.addServlet(webAppServlet, "/*");
ErrorPageErrorHandler epeh = new ErrorPageErrorHandler();
epeh.addErrorPage(404, "/error");
ContextHandler ch = new ContextHandler();
ch.setHandler(rh);
ch.setVirtualHosts(new String[] {
- ServerConstants.getStaticHostName()
+ ServerConstants.getStaticHostName()
});
return ch;
ServletContextHandler sch = new ServletContextHandler();
sch.addVirtualHosts(new String[] {
- ServerConstants.getApiHostName()
+ ServerConstants.getApiHostName()
});
sch.addServlet(new ServletHolder(new GigiAPI()), "/*");
return sch;
projects / gigi.git / blobdiff