From 8cf9ba34e9b87c49f4ef173da59783a5db9085ee Mon Sep 17 00:00:00 2001
From: Concedo <39025047+LostRuins@users.noreply.github.com>
Date: Thu, 19 Mar 2026 12:43:11 +0800
Subject: [PATCH] fixed SSL in routermode

---
 koboldcpp.py | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/koboldcpp.py b/koboldcpp.py
index a2c92e365..9835ae421 100755
--- a/koboldcpp.py
+++ b/koboldcpp.py
@@ -3782,7 +3782,9 @@ class KcppProxyHandler(http.server.BaseHTTPRequestHandler):
             conn = http.client.HTTPConnection('localhost', upstream_port, timeout=600)
             conn.request( self.command, self.path, body=body, headers=headers)
             resp = conn.getresponse()
-        except OSError:
+        except OSError as e:
+            if args.debugmode:
+                print(f"OSError has occurred: {e}")
             html_502 = """
             <!DOCTYPE html>
             <html lang="en">
@@ -3870,7 +3872,17 @@ class KcppProxyHttpServer(http.server.HTTPServer):
 
 def run_router_proxy(proxy_port, upstream_port):
     server = KcppProxyHttpServer(("", proxy_port), KcppProxyHandler, upstream_port)
-    print(f"KoboldCpp Proxy starting on port {proxy_port}, forwarding to port {upstream_port}",flush=True)
+    global args, sslvalid
+    if args.ssl and sslvalid:
+        import ssl
+        certpath = os.path.abspath(args.ssl[0])
+        keypath = os.path.abspath(args.ssl[1])
+        context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
+        context.load_cert_chain(certfile=certpath, keyfile=keypath)
+        server.socket = context.wrap_socket(server.socket, server_side=True)
+        print(f"KoboldCpp Proxy starting on port {proxy_port} (SSL/HTTPS), forwarding to port {upstream_port}",flush=True)
+    else:
+        print(f"KoboldCpp Proxy starting on port {proxy_port}, forwarding to port {upstream_port}",flush=True)
     proxy_thread = threading.Thread(target=server.serve_forever, daemon=True)
     proxy_thread.start()
     return server  # Return the server object in case you need to shut it down later
@@ -5783,7 +5795,7 @@ def RunServerMultiThreaded(addr, port, server_handler):
         ipv6_sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
         ipv6_sock.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, 1)
 
-    if args.ssl and sslvalid:
+    if args.ssl and sslvalid and not args.routermode: #if routermode, ssl is already offloaded
         import ssl
         certpath = os.path.abspath(args.ssl[0])
         keypath = os.path.abspath(args.ssl[1])