forked from eidheim/Simple-Web-Server
-
Notifications
You must be signed in to change notification settings - Fork 0
/
server_https.hpp
90 lines (75 loc) · 3.98 KB
/
server_https.hpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
#ifndef SERVER_HTTPS_HPP
#define SERVER_HTTPS_HPP
#include "server_http.hpp"
#include <boost/asio/ssl.hpp>
#include <openssl/ssl.h>
#include <algorithm>
namespace SimpleWeb {
typedef boost::asio::ssl::stream<boost::asio::ip::tcp::socket> HTTPS;
template<>
class Server<HTTPS> : public ServerBase<HTTPS> {
std::string session_id_context;
bool set_session_id_context=false;
public:
DEPRECATED Server(unsigned short port, size_t thread_pool_size, const std::string& cert_file, const std::string& private_key_file,
long timeout_request=5, long timeout_content=300,
const std::string& verify_file=std::string()) :
Server(cert_file, private_key_file, verify_file) {
config.port=port;
config.thread_pool_size=thread_pool_size;
config.timeout_request=timeout_request;
config.timeout_content=timeout_content;
}
Server(const std::string& cert_file, const std::string& private_key_file, const std::string& verify_file=std::string()):
ServerBase<HTTPS>::ServerBase(443), context(boost::asio::ssl::context::tlsv12) {
context.use_certificate_chain_file(cert_file);
context.use_private_key_file(private_key_file, boost::asio::ssl::context::pem);
if(verify_file.size()>0) {
context.load_verify_file(verify_file);
context.set_verify_mode(boost::asio::ssl::verify_peer | boost::asio::ssl::verify_fail_if_no_peer_cert |
boost::asio::ssl::verify_client_once);
set_session_id_context=true;
}
}
void start() {
if(set_session_id_context) {
// Creating session_id_context from address:port but reversed due to small SSL_MAX_SSL_SESSION_ID_LENGTH
session_id_context=std::to_string(config.port)+':';
session_id_context.append(config.address.rbegin(), config.address.rend());
SSL_CTX_set_session_id_context(context.native_handle(), reinterpret_cast<const unsigned char*>(session_id_context.data()),
std::min<size_t>(session_id_context.size(), SSL_MAX_SSL_SESSION_ID_LENGTH));
}
ServerBase::start();
}
protected:
boost::asio::ssl::context context;
void accept() {
//Create new socket for this connection
//Shared_ptr is used to pass temporary objects to the asynchronous functions
auto socket=std::make_shared<HTTPS>(*io_service, context);
acceptor->async_accept((*socket).lowest_layer(), [this, socket](const boost::system::error_code& ec) {
//Immediately start accepting a new connection (if io_service hasn't been stopped)
if (ec != boost::asio::error::operation_aborted)
accept();
if(!ec) {
boost::asio::ip::tcp::no_delay option(true);
socket->lowest_layer().set_option(option);
//Set timeout on the following boost::asio::ssl::stream::async_handshake
auto timer=get_timeout_timer(socket, config.timeout_request);
socket->async_handshake(boost::asio::ssl::stream_base::server, [this, socket, timer]
(const boost::system::error_code& ec) {
if(timer)
timer->cancel();
if(!ec)
read_request_and_content(socket);
else if(on_error)
on_error(std::shared_ptr<Request>(new Request(*socket)), ec);
});
}
else if(on_error)
on_error(std::shared_ptr<Request>(new Request(*socket)), ec);
});
}
};
}
#endif /* SERVER_HTTPS_HPP */