openmw-tes3mp/apps/master/SimpleWeb/https_server.hpp

#pragma once

#include "base_server.hpp"

#ifdef USE_STANDALONE_ASIO
#include <asio/ssl.hpp>
#else
#include <boost/asio/ssl.hpp>
#endif

#include <algorithm>
#include <openssl/ssl.h>

namespace SimpleWeb {
    using HTTPS = asio::ssl::stream<asio::ip::tcp::socket>;

    template <>
    class Server<HTTPS> : public ServerBase<HTTPS> {
        std::string session_id_context;
        bool set_session_id_context = false;

    public:
        Server(const std::string &cert_file, const std::string &private_key_file, const std::string &verify_file = std::string())
                : ServerBase<HTTPS>::ServerBase(443), context(asio::ssl::context::tlsv12) {
            context.use_certificate_chain_file(cert_file);
            context.use_private_key_file(private_key_file, asio::ssl::context::pem);

            if(verify_file.size() > 0) {
                context.load_verify_file(verify_file);
                context.set_verify_mode(asio::ssl::verify_peer | asio::ssl::verify_fail_if_no_peer_cert | asio::ssl::verify_client_once);
                set_session_id_context = true;
            }
        }

        void start() override {
            if(set_session_id_context) {
                // Creating session_id_context from address:port but reversed due to small SSL_MAX_SSL_SESSION_ID_LENGTH
                session_id_context = std::to_string(config.port) + ':';
                session_id_context.append(config.address.rbegin(), config.address.rend());
                SSL_CTX_set_session_id_context(context.native_handle(), reinterpret_cast<const unsigned char *>(session_id_context.data()),
                                               std::min<size_t>(session_id_context.size(), SSL_MAX_SSL_SESSION_ID_LENGTH));
            }
            ServerBase::start();
        }

    protected:
        asio::ssl::context context;

        void accept() override {
            auto session = std::make_shared<Session>(create_connection(*io_service, context));

            acceptor->async_accept(session->connection->socket->lowest_layer(), [this, session](const error_code &ec) {
                auto lock = session->connection->handler_runner->continue_lock();
                if(!lock)
                    return;

                if(ec != asio::error::operation_aborted)
                    this->accept();

                if(!ec) {
                    asio::ip::tcp::no_delay option(true);
                    error_code ec;
                    session->connection->socket->lowest_layer().set_option(option, ec);

                    session->connection->set_timeout(config.timeout_request);
                    session->connection->socket->async_handshake(asio::ssl::stream_base::server, [this, session](const error_code &ec) {
                        session->connection->cancel_timeout();
                        auto lock = session->connection->handler_runner->continue_lock();
                        if(!lock)
                            return;
                        if(!ec)
                            this->read_request_and_content(session);
                        else if(this->on_error)
                            this->on_error(session->request, ec);
                    });
                }
                else if(this->on_error)
                    this->on_error(session->request, ec);
            });
        }
    };
} // namespace SimpleWeb
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`#pragma once`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00
			`#include "base_server.hpp"`
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00
			`#ifdef USE_STANDALONE_ASIO`
			`#include <asio/ssl.hpp>`
			`#else`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00			`#include <boost/asio/ssl.hpp>`
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`#endif`

[Master] Add RestAPI 2017-05-19 16:02:12 +00:00			`#include <algorithm>`
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`#include <openssl/ssl.h>`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`namespace SimpleWeb {`
			`using HTTPS = asio::ssl::stream<asio::ip::tcp::socket>;`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`template <>`
			`class Server<HTTPS> : public ServerBase<HTTPS> {`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00			`std::string session_id_context;`
			`bool set_session_id_context = false;`
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00			`public:`
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`Server(const std::string &cert_file, const std::string &private_key_file, const std::string &verify_file = std::string())`
			`: ServerBase<HTTPS>::ServerBase(443), context(asio::ssl::context::tlsv12) {`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00			`context.use_certificate_chain_file(cert_file);`
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`context.use_private_key_file(private_key_file, asio::ssl::context::pem);`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`if(verify_file.size() > 0) {`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00			`context.load_verify_file(verify_file);`
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`context.set_verify_mode(asio::ssl::verify_peer \| asio::ssl::verify_fail_if_no_peer_cert \| asio::ssl::verify_client_once);`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00			`set_session_id_context = true;`
			`}`
			`}`

[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`void start() override {`
			`if(set_session_id_context) {`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00			`// Creating session_id_context from address:port but reversed due to small SSL_MAX_SSL_SESSION_ID_LENGTH`
			`session_id_context = std::to_string(config.port) + ':';`
			`session_id_context.append(config.address.rbegin(), config.address.rend());`
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`SSL_CTX_set_session_id_context(context.native_handle(), reinterpret_cast<const unsigned char *>(session_id_context.data()),`
			`std::min<size_t>(session_id_context.size(), SSL_MAX_SSL_SESSION_ID_LENGTH));`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00			`}`
			`ServerBase::start();`
			`}`

			`protected:`
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`asio::ssl::context context;`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`void accept() override {`
			`auto session = std::make_shared<Session>(create_connection(*io_service, context));`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`acceptor->async_accept(session->connection->socket->lowest_layer(), [this, session](const error_code &ec) {`
			`auto lock = session->connection->handler_runner->continue_lock();`
			`if(!lock)`
			`return;`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`if(ec != asio::error::operation_aborted)`
			`this->accept();`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`if(!ec) {`
			`asio::ip::tcp::no_delay option(true);`
			`error_code ec;`
			`session->connection->socket->lowest_layer().set_option(option, ec);`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`session->connection->set_timeout(config.timeout_request);`
			`session->connection->socket->async_handshake(asio::ssl::stream_base::server, [this, session](const error_code &ec) {`
			`session->connection->cancel_timeout();`
			`auto lock = session->connection->handler_runner->continue_lock();`
			`if(!lock)`
			`return;`
			`if(!ec)`
			`this->read_request_and_content(session);`
			`else if(this->on_error)`
			`this->on_error(session->request, ec);`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00			`});`
			`}`
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`else if(this->on_error)`
			`this->on_error(session->request, ec);`
[Master] Add RestAPI 2017-05-19 16:02:12 +00:00			`});`
			`}`
			`};`
[Master] Backport SimpleWeb 2017-09-12 12:21:32 +00:00			`} // namespace SimpleWeb`