jczic / MicroWebSrv

A micro HTTP Web server that supports WebSockets, html/python language templating and routing handlers, for MicroPython (used on Pycom modules & ESP32)
https://github.com/jczic/MicroWebSrv
MIT License

HTTPS and WSS support #55

Closed vtamas00 closed 4 years ago

vtamas00 commented 5 years ago

Are you planning to extend the features with secure operation? How big an effort would it be to implement the SSL handshake in this project?

ghost commented 5 years ago

I added SSL to microWebSrv.py myself and experienced no issues so far.

Basically, all I did was wrap `client` from `client, cliAddr = self._server.accept()` with `ussl.wrap_socket`.

Here is my version of microWebSrv.py. Note that I also use a certificate and a key from separate files.

Here is some output using curl to connect to an esp32 using SSL:

```
$ curl -v -k https://doorlock004/ -H "Authorization: Token ********************"
* TCP_NODELAY set
* Connected to doorlock004 port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: C=DE; ST=MV; L=Rostock; O=Fraunhofer IGD-R; OU=ITSC; CN=doorlock004
*  start date: Feb  7 14:20:13 2019 GMT
*  expire date: Feb  7 14:20:13 2020 GMT
*  issuer: C=DE; ST=MV; L=Rostock; O=Fraunhofer IGD-R; OU=ITSC; CN=doorlock004
*  SSL certificate verify result: self signed certificate (18), continuing anyway.
> GET / HTTP/1.1
> Host: doorlock004
> User-Agent: curl/7.61.0
> Accept: */*
> Authorization: Token ********************
>
< HTTP/1.1 200 OK
< Content-Type: text/html; charset=UTF-8
< Content-Length: 230
< Server: MicroWebSrv by JC`zic
< Connection: close
<
        <!DOCTYPE html>
        <html lang=en>
        <head>
                <meta charset="UTF-8" />
            <title>I am doorlook004</title>
        </head>
        <body>
        <h1> I am doorlook004</h1>
        </body>
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, Client hello (1):
        </html></body>
```

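
The wrapping step described in the comment above, as an added example that is not MicroWebSrv's code or the commenter's file: each accepted client is upgraded to TLS before any HTTP parsing, and a failed or stalled handshake drops only that client. The names `load_file`, `make_wrapper` and `accept_tls` are hypothetical, and the `key=`/`cert=` keywords are an assumption about the MicroPython port in use.

```python
# Added example, not MicroWebSrv's or the commenter's code.
try:
    import ussl as tls            # MicroPython
except ImportError:
    tls = None                    # elsewhere: pass your own wrap function


def load_file(path):
    """Read the key or the certificate from its own file, as bytes."""
    with open(path, "rb") as f:
        return f.read()


def make_wrapper(key, cert):
    """Build a function that upgrades an accepted socket to server-side TLS.

    Assumption: this port's ussl.wrap_socket takes the material as bytes
    through key= and cert=; other ports may use different keyword names.
    """
    def wrap(sock):
        return tls.wrap_socket(sock, server_side=True, key=key, cert=cert)
    return wrap


def accept_tls(server, wrap, handshake_timeout=5, max_clients=None):
    """Yield (tls_socket, address) for each client that completes a handshake.

    wrap() raises OSError when the handshake fails or times out (plain HTTP
    sent to the TLS port, a client that connects and stays silent, a client
    that rejects the certificate). That must not end the accept loop.
    """
    seen = 0
    while max_clients is None or seen < max_clients:
        client, addr = server.accept()
        seen += 1
        client.settimeout(handshake_timeout)   # bound the blocking handshake
        try:
            secure = wrap(client)
        except OSError:
            client.close()                     # drop it, keep serving others
            continue
        yield secure, addr


# On the device (file names are placeholders):
#   wrap = make_wrapper(load_file("<key file>"), load_file("<cert file>"))
#   for conn, addr in accept_tls(listening_socket, wrap):
#       handle_request(conn, addr)             # hypothetical handler
```
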
vtamas00 commented 5 years ago

Thanks, very nice, I will try it out!

jczic commented 4 years ago

Hello,

I released a fully new version (v2.0) of my web server here: github.com/jczic/MicroWebSrv2. Open source MIT, fully asynchronous, more robust, faster and more efficient! It is delivered with good documentation.

Thank you for your support and feedback. ☺️

Jean-Christophe Bos
