forked from eidheim/Simple-Web-Server
-
Notifications
You must be signed in to change notification settings - Fork 1
/
server_https.hpp
95 lines (76 loc) · 3.09 KB
/
server_https.hpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
#ifndef SERVER_HTTPS_HPP
#define SERVER_HTTPS_HPP
#include "server_http.hpp"
#ifdef USE_STANDALONE_ASIO
#include <asio/ssl.hpp>
#else
#include <boost/asio/ssl.hpp>
#endif
#include <algorithm>
#include <openssl/ssl.h>
namespace SimpleWeb {
using HTTPS = asio::ssl::stream<asio::ip::tcp::socket>;
template <>
class Server<HTTPS> : public ServerBase<HTTPS> {
bool set_session_id_context = false;
public:
Server(const std::shared_ptr<asio::ssl::context> &context, int verify_flags)
: ServerBase<HTTPS>::ServerBase(443), context(context) {
if(verify_flags & asio::ssl::verify_peer) {
context->set_verify_mode(verify_flags);
set_session_id_context = true;
}
}
protected:
std::shared_ptr<asio::ssl::context> context;
void after_bind() override {
if(set_session_id_context) {
// Creating session_id_context from address:port but reversed due to small SSL_MAX_SSL_SESSION_ID_LENGTH
auto session_id_context = std::to_string(acceptor->local_endpoint().port()) + ':';
session_id_context.append(config.address.rbegin(), config.address.rend());
SSL_CTX_set_session_id_context(context->native_handle(), reinterpret_cast<const unsigned char *>(session_id_context.data()),
std::min<std::size_t>(session_id_context.size(), SSL_MAX_SSL_SESSION_ID_LENGTH));
}
}
void accept() override {
auto connection = create_connection(*io_service, *context);
acceptor->async_accept(connection->socket->lowest_layer(), [this, connection](const error_code &ec) {
auto lock = connection->handler_runner->continue_lock();
if(!lock)
return;
if(ec != asio::error::operation_aborted)
this->accept();
auto session = std::make_shared<Session>(config.max_request_streambuf_size, connection);
if(!ec) {
asio::ip::tcp::no_delay option(true);
error_code ec;
session->connection->socket->lowest_layer().set_option(option, ec);
session->connection->set_timeout(config.timeout_request);
session->connection->socket->async_handshake(asio::ssl::stream_base::server, [this, session](const error_code &ec) {
session->connection->cancel_timeout();
auto lock = session->connection->handler_runner->continue_lock();
if(!lock)
return;
if(!ec)
this->read(session);
else if(this->on_error)
this->on_error(session->request, ec);
});
}
else if(this->on_error)
this->on_error(session->request, ec);
});
}
void find_resource(const std::shared_ptr<Session> &session) override {
if(!verify || verify(session->connection->socket->native_handle())) {
ServerBase<HTTPS>::find_resource(session);
return;
}
write(session, on_verify_failed);
}
public:
std::function<int(SSL *)> verify;
std::function<void(std::shared_ptr<Response>, std::shared_ptr<Request>)> on_verify_failed;
};
} // namespace SimpleWeb
#endif /* SERVER_HTTPS_HPP */