To support websockify's BaseTokenAPI token plugin: https://git.io/fjpXb.
Resolves:
```
WebSocket server settings:
- Listen on :80
- No SSL/TLS support (no cert file)
- proxying from :80 to targets generated by BaseTokenAPI
172.17.0.1 - - [02/Sep/2019 16:55:46] code 405, message Method Not
Allowed
handler exception: No module named requests
```
As websockify has been updated over the years, there is no longer:
- `LICENSE.txt` (removed in 368ec2c)
- `*.html` (removed in 368ec2c)
I have also opted to remove `README.md` as I do not believe it is
necessary to be inside the container.
Since the time of authoring this PR, Alpine has since gained numpy
support. This commit updates the Dockerfile to use mainline Alpine and
use `apk`'s py-numpy package.
We're splitting the repository into multiple ones. This one will
only retain the Python stuff (and rebind, used by websocketproxy).
Only once license is needed after this, so use the standard COPYING
filename.
getaddrinfo() gladly allows unicode for the host, but the port must
be in ascii (e.g. "https"). Make sure this is properly converted
before we pass it on.
Patch by @caderize on GitHub.
This file allows an easy invocation of websockify as a module, which is handy when running into shebang issues (https://github.com/pypa/virtualenv/issues/596).
With this patch, `python -m websockify ...` has just the same behavior as `./run ...`.
Most installations will not have redis or simplejson installed, so
avoid having them as a hard requirement unless actually using the
TokenRedis plugin.
We should only start the server if we are the main module, and not
imported some other way. This is important for multiprocessing to
work correctly on Windows.
We can't get the inheritence right in non-trivial cases as a regular
base class, so change it to be a mix-in that is to be combined with
one of the existing request handlers from the Python library.
--ssl-version takes two possible values (tlsv1_1, tlsv1_2). Defaults
to tlsv1_1.
--ssl-ciphers takes allowed ciphers in the same format as
`openssl ciphers`.
Added options for 1.3 and the default ssl config
The change adds two options to WebSockifyServer. The first is a list of
SSL ciphers. The second is SSL options (intended use is to force a
specific TLS version).
Those two options allow for greater security of WebSocket Proxy.
Brooks Swinnerton