Etusivu Tutki Apua
Kirjaudu sisään
mirrors
/
Radicale
peilaus alkaen https://github.com/Kozea/Radicale
1
0
Haarauta 0
Tiedostot Esitykset 0 Wiki
Selaa lähdekoodia

Merge pull request #1726 from pbiering/extend-https-info

Extend https info in log
Peter Bieringer 1 vuosi sitten
vanhempi
ebe0418a4c 36aba7a8b9
sitoutus
30664f9346
3 muutettua tiedostoa jossa 12 lisäystä ja 3 poistoa
Jaettu näkymä Näytä diff tilastot
  1. 1 0
      CHANGELOG.md
  2. 7 2
      radicale/app/__init__.py
  3. 4 1
      radicale/server.py

+ 1 - 0
CHANGELOG.md
Näytä tiedosto 

@@ -14,6 +14,7 @@
 
 * Review: Apache reverse proxy config example
 
 * Add: on-the-fly link activation and default content adjustment in case of bundled InfCloud (tested with 0.13.1)
 
 * Adjust: [auth] imap: use AUTHENTICATE PLAIN instead of LOGIN towards remote IMAP server
 
+* Improve: log client IP on SSL error and SSL protocol+cipher if successful
 
 
 ## 3.4.1
 
 * Add: option [auth] dovecot_connection_type / dovecot_host / dovecot_port

+ 7 - 2
radicale/app/__init__.py
Näytä tiedosto 

@@ -150,6 +150,7 @@ class Application(ApplicationPartDelete, ApplicationPartHead,
 
         time_begin = datetime.datetime.now()
 
         request_method = environ["REQUEST_METHOD"].upper()
 
         unsafe_path = environ.get("PATH_INFO", "")
 
+        https = environ.get("HTTPS", "")
 
 
         """Manage a request."""
 
         def response(status: int, headers: types.WSGIResponseHeaders,
 
@@ -210,9 +211,13 @@ class Application(ApplicationPartDelete, ApplicationPartHead,
 
         depthinfo = ""
 
         if environ.get("HTTP_DEPTH"):
 
             depthinfo = " with depth %r" % environ["HTTP_DEPTH"]
 
-        logger.info("%s request for %r%s received from %s%s",
 
+        if https:
 
+            https_info = " " + environ.get("SSL_PROTOCOL", "") + " " + environ.get("SSL_CIPHER", "")
 
+        else:
 
+            https_info = ""
 
+        logger.info("%s request for %r%s received from %s%s%s",
 
                     request_method, unsafe_path, depthinfo,
 
-                    remote_host, remote_useragent)
 
+                    remote_host, remote_useragent, https_info)
 
         if self._request_header_on_debug:
 
             logger.debug("Request header:\n%s",
 
                          pprint.pformat(self._scrub_headers(environ)))

+ 4 - 1
radicale/server.py
Näytä tiedosto 

@@ -3,7 +3,7 @@
 
 # Copyright © 2008 Pascal Halter
 
 # Copyright © 2008-2017 Guillaume Ayoub
 
 # Copyright © 2017-2023 Unrud <unrud@outlook.com>
 
-# Copyright © 2024-2024 Peter Bieringer <pb@bieringer.de>
 
+# Copyright © 2024-2025 Peter Bieringer <pb@bieringer.de>
 
 #
 
 # This library is free software: you can redistribute it and/or modify
 
 # it under the terms of the GNU General Public License as published by
 
@@ -262,6 +262,9 @@ class RequestHandler(wsgiref.simple_server.WSGIRequestHandler):
 
     def get_environ(self) -> Dict[str, Any]:
 
         env = super().get_environ()
 
         if isinstance(self.connection, ssl.SSLSocket):
 
+            env["HTTPS"] = "on"
 
+            env["SSL_CIPHER"] = self.request.cipher()[0]
 
+            env["SSL_PROTOCOL"] = self.request.version()
 
             # The certificate can be evaluated by the auth module
 
             env["REMOTE_CERTIFICATE"] = self.connection.getpeercert()
 
         # Parent class only tries latin1 encoding