diff options
| author | James E.H. Turner <jturner@gemini.edu> | 2016-09-28 21:58:41 -0400 |
|---|---|---|
| committer | James E.H. Turner <jturner@gemini.edu> | 2016-09-28 21:58:41 -0400 |
| commit | 70e4227f580a7464f413d8ac7242d90af8004a68 (patch) | |
| tree | 74a4b30ebcebf3dbccb407f2610fc557392f083f /scripts | |
| parent | 3db56b2d83f73a2763a6ad2a0a505bc646ec0573 (diff) | |
| download | astroconda-iraf-helpers-70e4227f580a7464f413d8ac7242d90af8004a68.tar.gz | |
Serve IRAF package tarballs with plain HTTP for now, to avoid complaints about SSL certificate verification and because I don't think SSL is actually a promising mechanism for cross-site authentication anyway (the password would probably need to be stored in the recipe's meta.yaml).
Diffstat (limited to 'scripts')
| -rwxr-xr-x | scripts/ac_source_server | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/scripts/ac_source_server b/scripts/ac_source_server index d7fb0f3..9bd82b0 100755 --- a/scripts/ac_source_server +++ b/scripts/ac_source_server @@ -6,15 +6,19 @@ # To get this working: # - Define an "astroconda-source" alias for the host where the local tarballs # are located. +# - Start this script in the directory containing the source tarballs. +# +# The original SSL version also required these things, but I've reverted to +# using plain HTTP for now, commenting out the SSL bits: # - Place an SSL certificate file, "astroconda.pem", in the same directory as # the source tarballs. -# - Start this script in the directory containing the source tarballs. -# - Point each client build machine to a copy of the SSL certificate like so: -# conda config --set ssl_verify /path/to/astroconda.pem. +# - Point each client build machine to a copy of an SSL certificate store: +# conda config --set ssl_verify /path/to/file.crt (not properly tested) +# or conda config --set ssl_verify false (less safe) import BaseHTTPServer import SimpleHTTPServer -import ssl +# import ssl # It seems common practice to use port 4443 for unprivileged HTTPS services but # 4440 is unassigned and less likely to conflict with any other HTTPS service: @@ -24,11 +28,11 @@ httpd = BaseHTTPServer.HTTPServer( ('', port), SimpleHTTPServer.SimpleHTTPRequestHandler ) -httpd.socket = ssl.wrap_socket( - httpd.socket, - certfile='astroconda.pem', # cert. kept in CWD with source tarballs - server_side=True -) +# httpd.socket = ssl.wrap_socket( +# httpd.socket, +# certfile='astroconda.pem', # cert. kept in CWD with source tarballs +# server_side=True +# ) httpd.serve_forever() |