st-relay tweaks
pmattes committed Aug 20, 2024
1 parent 1af8be2 commit e5fa668
Showing 2 changed files with 13 additions and 15 deletions.
12 changes: 6 additions & 6 deletions st-relay/README.md
Expand Up @@ -18,12 +18,16 @@ By default, st-relay sends log messages of level WARNING and above to its standa
If the platform supports IPv6-mapped addresses (e.g., Linux), then listening on **::** (the IPv6 any-host address) will allow both IPv4 and IPv6 connections to be accepted by the same st-relay instance. Otherwise, separate instances of st-relay will need to be created to accept IPv4 and IPv6 connections.

## Options
### --cert *cert*
Pathname of the server certificate file. (required)
### --key *key*
Pathname of the server certificate key file. (required)
### --fromadress *address*
Listen for connections on *address*. The default is **::** (the IPv6 any-host address).
Listen for connections on *address*. The default is **::**, the IPv6 any-host address.
### --fromport *port*
Listen for connections on *port*. The default is **8023**.
### --toaddress *address*
Relay connections to *address*. The default is **::1** (the IPv6 loopback address).
Relay connections to *address*. The default is **::1**, the IPv6 loopback address.
### --toport *port*
Relay connections to *port*. The default is **3270**.
### --log *level*
Expand All @@ -32,7 +36,3 @@ Log messages at *level* and above. Possible values are **DEBUG**, **INFO**, **WA
Send log messages to the specified *filename* (a full path) instead of to standard output. The file will be rotated when it reaches 128 Kbytes, and at most 10 copies will be kept.
### --tls *mode*
Operate in the specified TLS negotiation mode. **none** means no TLS support; the relay is completely passive. **immediate** means that the client must create a TLS tunnel immediately; there is no TELNET negotiation. **negotiated** (the default) means that st-relay operates as described above under *Protocol negotiation*.
### --cert *cert*
Specifies the pathname of the server certificate file.
### --key *key*
Specified the pathname of the server certificate key file.
16 changes: 7 additions & 9 deletions st-relay/__main__.py
Expand Up @@ -83,7 +83,7 @@ def __init__(self, port: int, opts: Dict[str, Any]):
self.opts = oopts.oopts(opts)
self.logger = logging.getLogger()
self.relaysocket = None
if (self.opts.get('logfile') != None):
if (self.opts.get('logfile') != None and self.opts.get('logfile') != 'stdout'):
ch = logging.handlers.RotatingFileHandler(self.opts.get('logfile'), maxBytes=128*1024, backupCount=10)
else:
ch = logging.StreamHandler()
Expand All @@ -104,7 +104,8 @@ def __init__(self, port: int, opts: Dict[str, Any]):
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
s.bind((address, port))
s.listen()
self.logger.info(f'st-relay: listening on {addr} port {port}')
addr_text = str(addr) if addr.version == 4 else f'[{addr}]'
self.logger.info(f'st-relay: listening on {addr_text}/{port}')
t = threading.Thread(target=self.accept, args=[s], name='listen')
t.start()
self.servers.append(t)
Expand Down Expand Up @@ -238,19 +239,16 @@ def exit_signal(signum, frame):
exit_event.set()

parser = argparse.ArgumentParser(description='TELNET STARTTLS wrapper relay')
parser.add_argument('--cert', default=None, action='store', help='server certificate path', required=True)
parser.add_argument('--key', default=None, action='store', help='server key path', required=True)
parser.add_argument('--fromaddress', default='::', help='address to listen on (::)')
parser.add_argument('--fromport', type=int, default=8023, action='store', help='port to listen on (8023)')
parser.add_argument('--toaddress', default='::1', help='address to connect to (::1)')
parser.add_argument('--toport', type=int, default=3270, action='store', help='port to connect to (3270)')
parser.add_argument('--log', default='WARNING', choices=['NONE', 'DEBUG', 'INFO', 'WARNING', 'ERROR'], help='logging level (WARNING)')
parser.add_argument('--logfile', default=None, action='store', help='pathname of log file')
parser.add_argument('--tls', type=argconv(none=target_tls.none, immediate=target_tls.immediate, negotiated=target_tls.negotiated), default=target_tls.negotiated, help='TLS type {none, immediate, negotiated} (negotiated)')
parser.add_argument('--cert', default=None, action='store', help='server certificate path')
parser.add_argument('--key', default=None, action='store', help='server key path')
parser.add_argument('--logfile', default=None, action='store', help='pathname of log file (stdout)')
parser.add_argument('--tls', type=argconv(none=target_tls.none, immediate=target_tls.immediate, negotiated=target_tls.negotiated), default=target_tls.negotiated, help='TLS type {none,immediate,negotiated} (negotiated)')
opts = vars(parser.parse_args())
if opts['cert'] == None or opts['key'] == None:
print("--cert and --key are mandatory")
exit(1)
signal.signal(signal.SIGINT, exit_signal)
signal.signal(signal.SIGTERM, exit_signal)
with relay(opts['fromport'], opts) as server:
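Review bot: The new `'stdout'` value for `--logfile` and its help text `(stdout)` do not match where the fallback handler writes: `logging.StreamHandler()` with no argument sends records to `sys.stderr`, so the `else` branch in the first `__init__` hunk still logs to standard error. If standard output is intended, pass the stream explicitly, `ch = logging.StreamHandler(sys.stdout)` (assuming `sys` is imported; the import block is not visible here), otherwise reword the help text and the README. The condition itself reads better as `logfile = self.opts.get('logfile')` followed by `if logfile is not None and logfile != 'stdout':`, which avoids the repeated lookup and the `!= None` comparison. Separately, the option registered here as `--fromaddress` is still spelled `--fromadress` in the README heading touched by this commit. `__init__` starts and ends outside the hunks shown.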
