From 13ee4c473823f478e2f2479bb0266ae3ffad0cc0 Mon Sep 17 00:00:00 2001
From: Adam Hopkins
Date: Mon, 21 Feb 2022 22:37:10 +0200
Subject: [PATCH] Allow for TLS certs to be created on HTTP/1.1 dev servers
---
 sanic/cli/app.py | 2 ++
 sanic/cli/arguments.py | 11 ++++++++++-
 sanic/http/tls.py | 2 +-
 sanic/mixins/runner.py | 9 ++++++---
 4 files changed, 19 insertions(+), 5 deletions(-)
diff --git a/sanic/cli/app.py b/sanic/cli/app.py
index 45916a3f..a0b08b24 100644
--- a/sanic/cli/app.py
+++ b/sanic/cli/app.py
@@ -175,6 +175,7 @@ Or, a path to a directory to run as a simple HTTP server:
 "unix": self.args.unix,
 "verbosity": self.args.verbosity or 0,
 "workers": self.args.workers,
+ "auto_cert": self.args.auto_cert,
 }
 for maybe_arg in ("auto_reload", "dev"):
@@ -184,4 +185,5 @@ Or, a path to a directory to run as a simple HTTP server:
 if self.args.path:
 kwargs["auto_reload"] = True
 kwargs["reload_dir"] = self.args.path
+
 return kwargs
diff --git a/sanic/cli/arguments.py b/sanic/cli/arguments.py
index 8cfa131c..e6662a57 100644
--- a/sanic/cli/arguments.py
+++ b/sanic/cli/arguments.py
@@ -249,7 +249,16 @@ class DevelopmentGroup(Group):
 "--dev",
 dest="dev",
 action="store_true",
- help=("debug + auto reload."),
+ help=("debug + auto reload"),
+ )
+ self.container.add_argument(
+ "--auto-cert",
+ dest="auto_cert",
+ action="store_true",
+ help=(
+ "Create a temporary TLS certificate for local development "
+ "(requires mkcert)"
+ ),
 )
diff --git a/sanic/http/tls.py b/sanic/http/tls.py
index 7429740c..387f669a 100644
--- a/sanic/http/tls.py
+++ b/sanic/http/tls.py
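Review bot: In the `sanic/cli/arguments.py` hunk, the `--auto-cert` help text does not say that the flag only works in development mode. The flag is a plain `store_true` that the `sanic/cli/app.py` hunk forwards unconditionally, while the `get_ssl_context` lines shown in this patch raise `SanicException` when the app is in PRODUCTION mode. Passing `--auto-cert` without `--dev` or debug would therefore presumably stop at startup with that error, though how the mode is selected is not visible here. I would state the dependency in the help, for example `"(requires mkcert; development mode only)"`, so the flag is not read as a way to obtain a certificate on a deployed server. The method that registers these arguments begins outside the hunk.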
@@ -234,7 +234,7 @@ def get_ssl_context(app: Sanic, ssl: Optional[SSLContext]) -> SSLContext:
 if app.state.mode is Mode.PRODUCTION:
 raise SanicException(
- "Cannot run Sanic as an HTTP/3 server in PRODUCTION mode "
+ "Cannot run Sanic as an HTTPS server in PRODUCTION mode "
 "without passing a TLS certificate. If you are developing "
 "locally, please enable DEVELOPMENT mode and Sanic will "
 "generate a localhost TLS certificate. For more information "
diff --git a/sanic/mixins/runner.py b/sanic/mixins/runner.py
index 6f288ff1..3b25d4ea 100644
--- a/sanic/mixins/runner.py
+++ b/sanic/mixins/runner.py
@@ -95,6 +95,7 @@ class RunnerMixin(metaclass=SanicMeta):
 fast: bool = False,
 verbosity: int = 0,
 motd_display: Optional[Dict[str, str]] = None,
+ auto_cert: bool = False,
 ) -> None:
 """
 Run the HTTP Server and listen until keyboard interrupt or term
@@ -154,6 +155,7 @@ class RunnerMixin(metaclass=SanicMeta):
 fast=fast,
 verbosity=verbosity,
 motd_display=motd_display,
+ auto_cert=auto_cert,
 )
 self.__class__.serve(primary=self) # type: ignore
@@ -182,6 +184,7 @@ class RunnerMixin(metaclass=SanicMeta):
 fast: bool = False,
 verbosity: int = 0,
 motd_display: Optional[Dict[str, str]] = None,
+ auto_cert: bool = False,
 ) -> None:
 if version == 3 and self.state.server_info:
 raise RuntimeError(
@@ -267,6 +270,7 @@ class RunnerMixin(metaclass=SanicMeta):
 protocol=protocol,
 backlog=backlog,
 register_sys_signals=register_sys_signals,
+ auto_cert=auto_cert,
 )
 self.state.server_info.append(
 ApplicationServerInfo(settings=server_settings)
@@ -411,6 +415,7 @@ class RunnerMixin(metaclass=SanicMeta):
 backlog: int = 100,
 register_sys_signals: bool = True,
 run_async: bool = False,
+ auto_cert: bool = False,
 ) -> Dict[str, Any]:
 """Helper function used by `run` and `create_server`."""
 if self.config.PROXIES_COUNT and self.config.PROXIES_COUNT < 0:
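Review bot: The new `auto_cert` keyword is undocumented: it is added to the signature in the `sanic/mixins/runner.py` hunk at `@@ -95`, but the docstring that opens right below it ("Run the HTTP Server and listen until ...") is not touched anywhere in this patch. The same applies to the signatures changed at `@@ -182` and `@@ -411`. I would add an entry in whatever parameter style that docstring already uses, along the lines of `:param auto_cert: generate a localhost TLS certificate with mkcert when no certificate is passed; development only`. It should also say that the option is rejected in PRODUCTION mode, as far as the `get_ssl_context` lines in this patch show. All three function bodies continue outside their hunks.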
@@ -427,9 +432,7 @@ class RunnerMixin(metaclass=SanicMeta):
 version = HTTP(version)
 ssl = process_to_context(ssl)
- if version is HTTP.VERSION_3:
- # TODO:
- # - Add API option to allow localhost TLS also on HTTP/1.1
+ if version is HTTP.VERSION_3 or auto_cert:
 if TYPE_CHECKING:
 self = cast(Sanic, self)
 ssl = get_ssl_context(self, ssl)
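Review bot: The new condition `if version is HTTP.VERSION_3 or auto_cert:` leaves it unclear which wins when a caller passes both an explicit `ssl` and `auto_cert=True`. The outcome depends on the part of `get_ssl_context` that this patch does not show. If an explicit certificate is meant to take precedence, I would make that visible here, e.g. `if version is HTTP.VERSION_3 or (auto_cert and ssl is None):`, assuming `process_to_context` yields `None` when nothing was passed. The diffstat lists four source files and no tests, so a case asserting that `auto_cert=True` on HTTP/1.1 in PRODUCTION mode raises `SanicException` would pin the guard that keeps development certificates off production servers. The enclosing function starts before this hunk and continues after it.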