Metadata-Version: 2.4
Name: sstp-server
Version: 0.7.2
Summary: Secure Socket Tunneling Protocol (SSTP) VPN server.
Author-email: Shell Chen <me@sorz.org>
License-Expression: MIT
Project-URL: Repository, https://github.com/sorz/sstp-server
Classifier: Development Status :: 3 - Alpha
Classifier: Environment :: Console
Classifier: Programming Language :: Python :: 3 :: Only
Classifier: Topic :: Internet
Classifier: Topic :: Internet :: Proxy Servers
Requires-Python: >=3.12
Description-Content-Type: text/x-rst
License-File: LICENSE
Dynamic: license-file

sstp-server
============
|PyPI version|

A Secure Socket Tunneling Protocol (SSTP) server implemented by Python.


Requirements
------------

* Python >= 3.12
* pppd

**Crypto Binding** is supported using *SSTP ppp API* plug-in
sstp-pppd-plugin.so from
`sstp-client <http://sstp-client.sourceforge.net/>`_.

Install
-------

For a quick test, you can use `uv <https://docs.astral.sh/uv/>`_ to run it:
::

    uvx --from sstp-server sstpd --help


Run unreleased GitHub version with uvx:
::

    uvx --from git+https://github.com/sorz/sstp-server sstpd --help


Traditional pip install is also possible:
::

    pip install sstp-server
    sstpd --help


For a production deployment, you may want create virutal env fisrt,
then run sstpd with a service manager e.g. systemd.

Arch Linux user may install
`sstp-server <https://aur.archlinux.org/packages/sstp-server/>`_
package from AUR.

If you share the authentication with services other than SSTP
(for example, a RADIUS server that serve both a SSTP and WiFi
authentication), `crypto binding <https://docs.microsoft.com/en-us/openspecs/
windows_protocols/ms-sstp/89a68310-0b1e-451b-af9c-0c9ce500bb2e>`_
is required to prevent MITM attacks. Crypto binding is enabled
automatically if `sstp-pppd-plugin.so` is avaliable, see
`#37 <https://github.com/sorz/sstp-server/pull/37
#issuecomment-761107420>`_ for instructions.

Usage
-----

Create pppd configure file `/etc/ppp/options.sstpd`,

A example:
::

        name sstpd
        require-mschap-v2
        nologfd
        nodefaultroute
        ms-dns 8.8.8.8
        ms-dns 8.8.4.4

Start server:

.. code:: bash

    sudo sstpd -p 443 -c cert.pem -k key.pem --local 10.0.0.1 --remote 10.0.0.0/24

Or:

.. code:: bash

    sudo sstpd -f /path/to/sstpd-server.ini -s site1

Known Issues
------------

- High CPU usage, may not suitable for high thougthput applications.



.. |PyPI version| image:: https://img.shields.io/pypi/v/sstp-server.svg?style=flat
        :target: https://pypi.python.org/pypi/sstp-server
