author | Gluzskiy Alexandr <sss@sss.chaoslab.ru> | 2015-08-09 08:16:50 +0300 |
---|---|---|
committer | Gluzskiy Alexandr <sss@sss.chaoslab.ru> | 2015-08-09 08:16:50 +0300 |
commit | 704bf55df5fae51bf0e8d86679ee7f34e22553d2 (patch) | |
tree | 68385079dec7204d8c646d4937e93d68cd4cbd42 | |
parent | 5a4cbe950cd653385fc6e93aa860542b01bdf1bc (diff) |
client-qt:
socket wraper to work with both ssl and plain connection
server:
socket wraper to work with both ssl and plain connection
bit of config related changes
ssl support (untested)
-rw-r--r-- | client-qt/udm-client-qt/client_session.cpp | 123 | ||||
-rw-r--r-- | client-qt/udm-client-qt/client_session.h | 6 | ||||
-rw-r--r-- | server/docs/udm.conf.sample | 18 | ||||
-rw-r--r-- | server/include/config.h | 55 | ||||
-rw-r--r-- | server/include/main.h | 16 | ||||
-rw-r--r-- | server/include/server.h | 2 | ||||
-rw-r--r-- | server/include/server_session.h | 12 | ||||
-rw-r--r-- | server/include/socket_wraper.h | 105 | ||||
-rw-r--r-- | server/src/api_core.cpp | 1 | ||||
-rw-r--r-- | server/src/main.cpp | 10 | ||||
-rw-r--r-- | server/src/modules_handler.cpp | 6 | ||||
-rw-r--r-- | server/src/server.cpp | 19 | ||||
-rw-r--r-- | server/src/server_session.cpp | 44 | ||||
-rw-r--r-- | server/udm-server.cbp | 4 |
14 files changed, 347 insertions, 74 deletions
diff --git a/client-qt/udm-client-qt/client_session.cpp b/client-qt/udm-client-qt/client_session.cpp index d01d0f5..b5c6181 100644 --- a/client-qt/udm-client-qt/client_session.cpp +++ b/client-qt/udm-client-qt/client_session.cpp 
@@ -49,17 +49,93 @@ std::shared_ptr<char*> pack_msg(client_msg *msg, int *size_) } +class socket_wraper +{ +public: + socket_wraper(boost::asio::ssl::stream<boost::asio::ip::tcp::socket> *s) : is_ssl(true) + { + socket_ssl_ = s; + } + + socket_wraper(tcp::socket *s) : is_ssl(false) + { + socket_ = s; + } + + void operator=(boost::asio::ssl::stream<boost::asio::ip::tcp::socket> *s) + { + socket_ssl_ = s; + is_ssl = true; + } + void operator=(tcp::socket *s) + { + socket_ = s; + is_ssl = false; + } + + boost::asio::ip::tcp::socket& get_socket() + { + return *socket_; + } + + boost::asio::ssl::stream<boost::asio::ip::tcp::socket>& get_ssl_socket() + { + return *socket_ssl_; + } + template<typename MutableBufferSequence> std::size_t read_some(const MutableBufferSequence & buffers) + { + if(is_ssl) + return socket_ssl_->read_some(buffers); + else + return socket_->read_some(buffers); + } + template<typename MutableBufferSequence> std::size_t read_some(const MutableBufferSequence & buffers, boost::system::error_code & ec) + { + if(is_ssl) + return socket_ssl_->read_some(buffers, ec); + else + return socket_->read_some(buffers, ec); + } + + template<typename MutableBufferSequence, typename ReadHandler> void async_read_some(const MutableBufferSequence & buffers, ReadHandler handler) + { + if(is_ssl) + socket_ssl_->async_read_some(buffers, handler); + else + socket_->async_read_some(buffers, handler); + } + + template<typename ConstBufferSequence, typename WriteHandler> void async_write_some(const ConstBufferSequence & buffers, WriteHandler handler) + { + if(is_ssl) + socket_ssl_->async_write_some(buffers, handler); + else + socket_->async_write_some(buffers, handler); + } + ~socket_wraper() + { + if(is_ssl) + delete socket_ssl_; + else + delete socket_; + } +private: + bool is_ssl; + tcp::socket *socket_; + boost::asio::ssl::stream<boost::asio::ip::tcp::socket> *socket_ssl_; + +}; + + client_session::client_session(QObject *parent, boost::asio::io_service *io_service) : 
QObject(parent), io_service_(*io_service) { - socket_ssl_ = nullptr; - ssl_enabled = false; } -tcp::socket& client_session::socket() +/*tcp::socket& client_session::socket() { return *socket_; -} +} */ void client_session::client_connect(QString host, QString password, int port) { @@ -79,12 +155,9 @@ void client_session::client_connect(QString host, QString password, int port) boost::asio::ip::tcp::resolver::query query(host.toUtf8().data(), port_buf); boost::asio::ip::tcp::resolver::iterator it = r.resolve(query); - socket_ = new tcp::socket(io_service_); + socket_ = new socket_wraper(new tcp::socket(io_service_)); - if(!ssl_enabled) - boost::asio::async_connect(*socket_, it, boost::bind(&client_session::handle_connect, this, boost::asio::placeholders::error)); - else - boost::asio::async_connect(socket_ssl_->lowest_layer(), it, boost::bind(&client_session::handle_connect, this, boost::asio::placeholders::error)); + boost::asio::async_connect(socket_->get_socket(), it, boost::bind(&client_session::handle_connect, this, boost::asio::placeholders::error)); // socket_.async_connect(ep, boost::bind(&client_session::handle_connect, this, boost::asio::placeholders::error)); io_service_.run(); } 
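Review bot: `socket_wraper` owns the raw pointer it is given, but the two `operator=` overloads overwrite that pointer and flip `is_ssl` without deleting the object held before, and the implicitly generated copy constructor and copy assignment are still available, so a copy would end in a double `delete`. The constructors also leave the pointer for the other mode unset, so `get_socket()` on a TLS wrapper (or `get_ssl_socket()` on a plain one) dereferences an indeterminate pointer. I would drop the pointer-assignment overloads, add `socket_wraper(const socket_wraper&) = delete;` and `socket_wraper& operator=(const socket_wraper&) = delete;`, and initialise both members to `nullptr`. The same class body is repeated in server/include/socket_wraper.h, so the fix applies there as well; sharing one header would keep the two copies from drifting.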
@@ -93,13 +166,14 @@ void client_session::client_connect_ssl(QString host, QString password, int port { ssl_enabled = true; this->pasword = password; - boost::asio::ssl::context ctx(boost::asio::ssl::context::tlsv12); + boost::asio::ssl::context ctx(boost::asio::ssl::context::tlsv12_client); ctx.load_verify_file(ssl_ca.toUtf8().data()); ctx.use_certificate_file(ssl_crt.toUtf8().data(), boost::asio::ssl::context::pem); ctx.use_private_key_file(ssl_key.toUtf8().data(), boost::asio::ssl::context::pem); - socket_ssl_ = new boost::asio::ssl::stream<boost::asio::ip::tcp::socket>(io_service_, ctx); + auto socket_ssl_ = new boost::asio::ssl::stream<boost::asio::ip::tcp::socket>(io_service_, ctx); socket_ssl_->set_verify_mode(boost::asio::ssl::verify_peer); socket_ssl_->set_verify_callback(boost::bind(&client_session::verify_certificate, this, _1, _2 )); + socket_ = new socket_wraper(socket_ssl_); char port_buf[6]; snprintf(port_buf, 5, "%d", port); @@ -107,7 +181,7 @@ void client_session::client_connect_ssl(QString host, QString password, int port boost::asio::ip::tcp::resolver::query query(host.toUtf8().data(), port_buf); boost::asio::ip::tcp::resolver::iterator it = r.resolve(query); - boost::asio::async_connect(socket_ssl_->lowest_layer(), it, boost::bind(&client_session::handle_connect, this, boost::asio::placeholders::error)); + boost::asio::async_connect(socket_->get_ssl_socket().lowest_layer(), it, boost::bind(&client_session::handle_connect, this, boost::asio::placeholders::error)); } bool client_session::verify_certificate(bool preverified, boost::asio::ssl::verify_context& /*&ctx*/) 
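Review bot: `ctx` is a stack local, yet the `ssl::stream` built from it is stored in `socket_` and used by the asynchronous connect and read handlers after `client_connect_ssl` has returned. Boost.Asio's own examples keep the context alive for as long as the stream, and I would not rely on the stream tolerating its context being destroyed first. Holding the context as a member of `client_session` (for instance `boost::asio::ssl::context ssl_ctx_;`, a name constructed for this note) removes the question. `ssl_enabled` is still assigned here although every branch that read it is removed elsewhere in this file's diff, so it looks dead now.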
@@ -144,10 +218,7 @@ void client_session::handle_connect(const boost::system::error_code &e) emit client_connected(true, QString::fromStdString(e.message())); //listen for messages from server recv_data_ = new char[4]; - if(!ssl_enabled) - boost::asio::async_read(*socket_, boost::asio::buffer(recv_data_, 4), boost::bind(&client_session::handle_read, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred)); - else - boost::asio::async_read(*socket_ssl_, boost::asio::buffer(recv_data_, 4), boost::bind(&client_session::handle_read, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred)); + boost::asio::async_read(*socket_, boost::asio::buffer(recv_data_, 4), boost::bind(&client_session::handle_read, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred)); } } @@ -161,10 +232,7 @@ void client_session::handle_read(const boost::system::error_code& error, size_t delete [] recv_data_; char *buf = new char[size]; boost::system::error_code ec; - if(!ssl_enabled) - socket_->read_some(boost::asio::buffer(buf, size), ec); - else - socket_ssl_->read_some(boost::asio::buffer(buf, size), ec); + boost::asio::read(*socket_, boost::asio::buffer(buf, size), ec); if(ec) { 
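Review bot: No TLS handshake is visible on the client path: once `async_connect` on `lowest_layer()` completes, `handle_connect` goes straight to `boost::asio::async_read(*socket_, ...)`, which in TLS mode forwards to the stream's `async_read_some`. The server side of this commit waits in `async_handshake(boost::asio::ssl::stream_base::server, ...)`, so the client needs the matching `socket_->get_ssl_socket().async_handshake(boost::asio::ssl::stream_base::client, ...)` and should start the first read from that handler. The beginning of `handle_connect` is outside the hunk, so confirm the handshake is not already issued there.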
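Review bot: Replacing `read_some` with `boost::asio::read` fixes short reads, but the handler now blocks until all `size` bytes have arrived, and `size` goes into `new char[size]` with no upper bound visible in this hunk. If `size` is decoded from the 4-byte prefix sent by the peer (the decoding sits above the hunk), the peer controls both the allocation and how long the io_service thread stays blocked. The same lines appear in `handle_read` in server/src/server_session.cpp, where a stalled read would hold up any other session served by that thread. I would reject a `size` above a project-chosen maximum before allocating and read the body with `boost::asio::async_read` rather than the synchronous call.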
@@ -189,10 +257,7 @@ void client_session::handle_read(const boost::system::error_code& error, size_t //check if someone connected to signal and delete message if noone //this will be limited to only one client connection because client will need to delete message manually recv_data_ = new char[4]; - if(!ssl_enabled) - boost::asio::async_read(*socket_, boost::asio::buffer(recv_data_, 4), boost::bind(&client_session::handle_read, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred)); - else - boost::asio::async_read(*socket_ssl_, boost::asio::buffer(recv_data_, 4), boost::bind(&client_session::handle_read, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred)); + boost::asio::async_read(*socket_, boost::asio::buffer(recv_data_, 4), boost::bind(&client_session::handle_read, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred)); } // if(!parsed) else @@ -212,10 +277,7 @@ void client_session::send_message(client_msg &msg) { int size = 0; std::shared_ptr<char*> ptr = pack_msg(&msg, &size); - if(!ssl_enabled) - boost::asio::async_write(*socket_, boost::asio::buffer(*ptr, size), boost::bind(&client_session::handle_write, this, boost::asio::placeholders::error)); - else - boost::asio::async_write(*socket_ssl_, boost::asio::buffer(*ptr, size), boost::bind(&client_session::handle_write, this, boost::asio::placeholders::error)); + boost::asio::async_write(*socket_, boost::asio::buffer(*ptr, size), boost::bind(&client_session::handle_write, this, boost::asio::placeholders::error)); } void client_session::handle_write(const boost::system::error_code& error) @@ -231,10 +293,7 @@ client_session::~client_session() { //TODO: correct thread termination, reimplement io_service_.stop(); - if(ssl_enabled) - delete socket_ssl_; - else - delete socket_; + delete socket_; boost::asio::io_service *s = &io_service_; delete s; //emit terminate_thread(); 
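Review bot: `delete socket_;` now runs unconditionally in the destructor, but this commit removes the only assignments from the constructor body and `socket_` is not in the initialiser list (`QObject(parent), io_service_(*io_service)`), so destroying a `client_session` that never connected deletes an indeterminate pointer. Initialise it in the constructor: `QObject(parent), io_service_(*io_service), socket_(nullptr)`. `client_connect` and `client_connect_ssl` also assign a new wrapper over whatever an earlier call left behind, so a second connect leaks the first; a `delete socket_;` before each `new socket_wraper(...)` covers that once the pointer starts out null. The destructor continues past the end of the hunk.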
diff --git a/client-qt/udm-client-qt/client_session.h b/client-qt/udm-client-qt/client_session.h index d50c972..4b7cfb3 100644 --- a/client-qt/udm-client-qt/client_session.h +++ b/client-qt/udm-client-qt/client_session.h @@ -35,6 +35,7 @@ using boost::asio::ip::tcp; class server_msg; +class socket_wraper; class client_session : public QObject { @@ -44,7 +45,7 @@ public: ~client_session(); // boost::asio::io_service &io_service(); - tcp::socket& socket(); +// tcp::socket& socket(); signals: void client_connected(bool success, QString error_text); //we are in threads, no links here @@ -65,8 +66,7 @@ private: bool ssl_enabled; char *recv_data_; boost::asio::io_service &io_service_; - tcp::socket *socket_; - boost::asio::ssl::stream<boost::asio::ip::tcp::socket> *socket_ssl_; + socket_wraper *socket_; QString pasword; QByteArray password_sha512; }; diff --git a/server/docs/udm.conf.sample b/server/docs/udm.conf.sample index 35086e0..6b5b031 100644 --- a/server/docs/udm.conf.sample +++ b/server/docs/udm.conf.sample 
@@ -1,4 +1,14 @@ -default_download_directory ~/udm_downloads ; default directory to store downloads -default_metadata_module flat_files_metadata ; first loaded metadata module used by default if not set -default_data_storage_module <not set> ; first loaded data_storage module used by default if not set -daemon 0 ; for to background on startup (0 or 1) +; this is config file example + +server ;section for core server settings +{ + ;default_download_directory ~/udm_downloads ; default directory to store downloads + ;default_metadata_module flat_files_metadata ; first loaded metadata module used by default if not set + ;default_data_storage_module <not set> ; first loaded data_storage module used by default if not set + ;daemon false ; for to background on startup (0 or 1) + ;verbosiry false; set server log level (higher is more noisy, also affects modules) + ;enable_encription 0; use tls encryption for client<-> server connection + ;ssl_certificate /path/to/cert/file.pem ; path to server certificate + ;ssl_key /path/to/key/file.pem ; server certificate key + ;ssl_dh /path/to/dh/file ; dh parameters for ssl encryption +} diff --git a/server/include/config.h b/server/include/config.h new file mode 100644 index 0000000..2afbde3 --- /dev/null +++ b/server/include/config.h 
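Review bot: Two key names in the sample do not match what the server reads: the sample spells `enable_encription` and `verbosiry`, while server.cpp and main.cpp in this commit look up `server.enable_encryption` and `server.verbosity`. Both lookups supply a default, so an operator who uncomments `enable_encription` from this sample gets no error and a server that still listens without TLS. The sample values are off as well: `verbosiry false` is read as a `short`, and the `daemon` comment still says `(0 or 1)` next to `false`. Suggested lines: `;enable_encryption false ; use tls encryption for client<->server connection` and `;verbosity 0 ; set server log level (higher is more noisy, also affects modules)`.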
@@ -0,0 +1,55 @@ +/* + Copyright © 2015 Gluzskiy Alexandr (sss) + + This file is part of Unknown Download Manager (UDM). + + UDM is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 2 of the License, or + (at your option) any later version. + + UDM is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with UDM. If not, see <http://www.gnu.org/licenses/>. + +*/ + + +#ifndef CONFIG_H_INCLUDED +#define CONFIG_H_INCLUDED + +#include <boost/property_tree/ptree.hpp> +#include <boost/property_tree/info_parser.hpp> + +namespace bpt = boost::property_tree; + +class module_metadata_storage; + +struct settings_s +{ + settings_s() + { + verbosity = 0; + } + short verbosity; +}; + +struct runtime_config_s +{ + //TODO: define metadata and data storage modules per module alongside with default ones + bpt::ptree config_file; + module_metadata_storage *default_metadata_storage; + settings_s settings; + runtime_config_s() + { + default_metadata_storage = nullptr; + } +}; + + + +#endif diff --git a/server/include/main.h b/server/include/main.h index 71769b8..4921e36 100644 --- a/server/include/main.h +++ b/server/include/main.h @@ -24,22 +24,6 @@ #include "api_module_metadata_storage.h" -#include <boost/property_tree/ptree.hpp> -#include <boost/property_tree/info_parser.hpp> - -namespace bpt = boost::property_tree; - -struct runtime_config_s{ - //TODO: define metadata and data storage modules per module alongside with default ones - bpt::ptree config_file; - module_metadata_storage *default_metadata_storage; - short verbosity; - runtime_config_s() - { - verbosity = 0; - default_metadata_storage = nullptr; - } -}; 
diff --git a/server/include/server.h b/server/include/server.h index 83d3b5b..c4ccc97 100644 --- a/server/include/server.h +++ b/server/include/server.h @@ -23,6 +23,7 @@ #define SERVER_H #include <boost/asio.hpp> +#include <boost/asio/ssl.hpp> //TODO ssl @@ -40,6 +41,7 @@ private: boost::asio::io_service& io_service_; boost::asio::ip::tcp::acceptor acceptor_; + boost::asio::ssl::context *context_; }; diff --git a/server/include/server_session.h b/server/include/server_session.h index 0f7fe62..330e0a9 100644 --- a/server/include/server_session.h +++ b/server/include/server_session.h @@ -23,28 +23,32 @@ #define SERVER_SESSION_H #include <boost/asio.hpp> +#include <boost/asio/ssl.hpp> class client_msg; class server_msg; - +class socket_wraper; class server_session { public: - server_session(boost::asio::io_service &s); + server_session(boost::asio::io_service &s, boost::asio::ssl::context *c = nullptr); void run(); void send_message(server_msg *msg); - boost::asio::ip::tcp::socket& socket(); + socket_wraper* socket(); virtual ~server_session(); protected: private: void handle_read(const boost::system::error_code& error, size_t bytes_transferred); void handle_write(const boost::system::error_code& error); void handle_write_no_read(const boost::system::error_code& error); + void handle_handshake(const boost::system::error_code& error); void handle_command(client_msg *msg); char *recv_data_; - boost::asio::ip::tcp::socket socket_; + socket_wraper *socket_; + boost::asio::io_service &io_service_; + boost::asio::ssl::context *context_; }; diff --git a/server/include/socket_wraper.h b/server/include/socket_wraper.h new file mode 100644 index 0000000..ed929ca --- /dev/null +++ b/server/include/socket_wraper.h 
@@ -0,0 +1,105 @@ +/* + Copyright © 2015 Gluzskiy Alexandr (sss) + + This file is part of Unknown Download Manager (UDM). + + UDM is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 2 of the License, or + (at your option) any later version. + + UDM is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with UDM. If not, see <http://www.gnu.org/licenses/>. + +*/ + +#ifndef SOCKET_H_INCLUDED +#define SOCKET_H_INCLUDED + +#include <boost/asio.hpp> +#include <boost/asio/ssl.hpp> + +class socket_wraper +{ +public: + socket_wraper(boost::asio::ssl::stream<boost::asio::ip::tcp::socket> *s) : is_ssl(true) + { + socket_ssl_ = s; + } + + socket_wraper(boost::asio::ip::tcp::socket *s) : is_ssl(false) + { + socket_ = s; + } + + void operator=(boost::asio::ssl::stream<boost::asio::ip::tcp::socket> *s) + { + socket_ssl_ = s; + is_ssl = true; + } + void operator=(boost::asio::ip::tcp::socket *s) + { + socket_ = s; + is_ssl = false; + } + + boost::asio::ip::tcp::socket& get_socket() + { + return *socket_; + } + + boost::asio::ssl::stream<boost::asio::ip::tcp::socket>& get_ssl_socket() + { + return *socket_ssl_; + } + template<typename MutableBufferSequence> std::size_t read_some(const MutableBufferSequence & buffers) + { + if(is_ssl) + return socket_ssl_->read_some(buffers); + else + return socket_->read_some(buffers); + } + template<typename MutableBufferSequence> std::size_t read_some(const MutableBufferSequence & buffers, boost::system::error_code & ec) + { + if(is_ssl) + return socket_ssl_->read_some(buffers, ec); + else + return socket_->read_some(buffers, ec); + } + + template<typename MutableBufferSequence, 
typename ReadHandler> void async_read_some(const MutableBufferSequence & buffers, ReadHandler handler) + { + if(is_ssl) + socket_ssl_->async_read_some(buffers, handler); + else + socket_->async_read_some(buffers, handler); + } + + template<typename ConstBufferSequence, typename WriteHandler> void async_write_some(const ConstBufferSequence & buffers, WriteHandler handler) + { + if(is_ssl) + socket_ssl_->async_write_some(buffers, handler); + else + socket_->async_write_some(buffers, handler); + } + ~socket_wraper() + { + if(is_ssl) + delete socket_ssl_; + else + delete socket_; + } +private: + bool is_ssl; + boost::asio::ip::tcp::socket *socket_; + boost::asio::ssl::stream<boost::asio::ip::tcp::socket> *socket_ssl_; + +}; + + +#endif diff --git a/server/src/api_core.cpp b/server/src/api_core.cpp index c8f0032..66df614 100644 --- a/server/src/api_core.cpp +++ b/server/src/api_core.cpp @@ -23,6 +23,7 @@ #include "main.h" #include "api_module_base.h" #include <boost/foreach.hpp> +#include "config.h" extern runtime_config_s runtime_config; diff --git a/server/src/main.cpp b/server/src/main.cpp index a876b42..efbd92b 100644 --- a/server/src/main.cpp +++ b/server/src/main.cpp @@ -27,7 +27,7 @@ #include "utilities.h" #include "server.h" #include "main.h" - +#include "config.h" core_api *module_api = nullptr; @@ -76,9 +76,13 @@ int main(int argc, char *argv[]) else std::cerr<<"failed to load config: \"" + config_path + "\", file does not exists or is not regular file\n"; } + //load all config variables here + runtime_config.settings.verbosity = runtime_config.config_file.get<short>("server.verbosity", 0); + daemon = runtime_config.config_file.get<bool>("server.daemon", false); + //override config from command line here if(vm.count("verbosity")) { - runtime_config.verbosity = vm["verbosity"].as<short>(); + runtime_config.settings.verbosity = vm["verbosity"].as<short>(); } if(vm.count("help")) 
@@ -129,7 +133,7 @@ int main(int argc, char *argv[]) modules->load_modules(); } - std::string default_metadata_module_name = runtime_config.config_file.get<std::string>("default_metadata_module", ""); + std::string default_metadata_module_name = runtime_config.config_file.get<std::string>("server.default_metadata_module", ""); if(default_metadata_module_name == "") { if(!modules->get_metadata_modules().empty()) diff --git a/server/src/modules_handler.cpp b/server/src/modules_handler.cpp index 818539b..d69fabf 100644 --- a/server/src/modules_handler.cpp +++ b/server/src/modules_handler.cpp @@ -30,11 +30,9 @@ +#include "config.h" - -namespace bpt = boost::property_tree; - extern runtime_config_s runtime_config; @@ -131,7 +129,7 @@ std::string modules_handler::list_modules_single_type_internal(const std::list<m buf += (*i)->get_module_info().name; buf += "\n\tDescription: " +(*i)->get_module_info().description; buf += "\n\tVersion: " + (*i)->get_module_info().version; - if(runtime_config.verbosity >= 1) + if(runtime_config.settings.verbosity >= 1) { buf += "\n\tAvailable options:"; for(auto i1 = (*i)->get_module_info().default_settings.begin(), end = (*i)->get_module_info().default_settings.end(); i1 != end; ++i1) diff --git a/server/src/server.cpp b/server/src/server.cpp index 2436fda..818cc10 100644 --- a/server/src/server.cpp +++ b/server/src/server.cpp 
@@ -24,20 +24,37 @@ #include "server.h" #include "server_session.h" #include "utilities.h" +#include "config.h" #include "../../protocol/udm.pb.h" +#include "socket_wraper.h" + +extern runtime_config_s runtime_config; server::server(boost::asio::io_service& io_service, short port) : io_service_(io_service), acceptor_(io_service, boost::asio::ip::tcp::endpoint(boost::asio::ip::tcp::v4(), port)) { + if(runtime_config.config_file.get<bool>("server.enable_encryption", false)) + { + //TODO: validate encryption files path's + context_ = new boost::asio::ssl::context(boost::asio::ssl::context::tlsv12_server); + context_->set_options(boost::asio::ssl::context::single_dh_use); + //context_.set_password_callback(boost::bind(&server::get_password, this)); //TODO: add password support + context_->use_certificate_chain_file(runtime_config.config_file.get<std::string>("ssl_certificate", "")); //must be set + context_->use_private_key_file(runtime_config.config_file.get<std::string>("ssl_key", ""), boost::asio::ssl::context::pem); //must be set + context_->use_tmp_dh_file(runtime_config.config_file.get<std::string>("ssl_dh", "")); //must be set + } start_accept(); } void server::start_accept() { server_session* new_session = new server_session(io_service_); - acceptor_.async_accept(new_session->socket(), boost::bind(&server::handle_accept, this, new_session, boost::asio::placeholders::error)); + if(runtime_config.config_file.get<bool>("server.enable_encryption", false)) + acceptor_.async_accept(new_session->socket()->get_ssl_socket().lowest_layer(), boost::bind(&server::handle_accept, this, new_session, boost::asio::placeholders::error)); + else + acceptor_.async_accept(new_session->socket()->get_socket(), boost::bind(&server::handle_accept, this, new_session, boost::asio::placeholders::error)); } void server::handle_accept(server_session* new_session, const boost::system::error_code& error) 
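Review bot: The three certificate lookups use `ssl_certificate`, `ssl_key` and `ssl_dh` without the `server.` prefix that `server.enable_encryption` and the sample's `server { }` section use, so with a config laid out like the sample they fall back to `""` and the `use_*_file` calls are handed an empty path. `start_accept` also builds the session with `new server_session(io_service_)`, which leaves the session's `context_` at its `nullptr` default while `server_session::run()` dereferences `*context_`; it should be `new server_session(io_service_, context_)`. `context_` itself is assigned only inside the `if`, so add `context_(nullptr)` to the initialiser list. No matching `delete` for it appears in this diff.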
diff --git a/server/src/server_session.cpp b/server/src/server_session.cpp index 3fc3fb4..234f130 100644 --- a/server/src/server_session.cpp +++ b/server/src/server_session.cpp @@ -24,11 +24,19 @@ #include "server_session.h" #include "../../protocol/udm.pb.h" #include "utilities.h" +#include "config.h" +#include "socket_wraper.h" -server_session::server_session(boost::asio::io_service &s) : socket_(s) +extern runtime_config_s runtime_config; + + + + +server_session::server_session(boost::asio::io_service &s, boost::asio::ssl::context *c) : io_service_(s), context_(c) { } -boost::asio::ip::tcp::socket& server_session::socket() + +socket_wraper* server_session::socket() { return socket_; } 
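Review bot: The new constructor leaves `socket_` (and `recv_data_`) uninitialised, yet `server::start_accept` calls `new_session->socket()->get_socket()` or `->get_ssl_socket()` on it before `run()` has created the wrapper, so the acceptor dereferences an indeterminate pointer. `run()` in the next hunk then allocates a brand-new socket or stream, so even with a valid pointer the handshake and reads would run on a socket that was never accepted. I would build the wrapper in the constructor, keyed on whether a context was passed, and have `run()` only start the handshake or the first read.

```cpp
server_session::server_session(boost::asio::io_service &s, boost::asio::ssl::context *c)
    : recv_data_(nullptr), socket_(nullptr), io_service_(s), context_(c)
{
    // Create the wrapper here so socket() is valid when the acceptor uses it.
    if(context_)
        socket_ = new socket_wraper(new boost::asio::ssl::stream<boost::asio::ip::tcp::socket>(io_service_, *context_));
    else
        socket_ = new socket_wraper(new boost::asio::ip::tcp::socket(io_service_));
}
// … unchanged: server_session::socket() …
```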
@@ -36,11 +44,33 @@ boost::asio::ip::tcp::socket& server_session::socket() void server_session::run() { - recv_data_ = new char[4]; - boost::asio::async_read(socket_, boost::asio::buffer(recv_data_, 4), boost::bind(&server_session::handle_read, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred)); + if(runtime_config.config_file.get<bool>("server.enable_encryption", false)) + { + socket_ = new socket_wraper(new boost::asio::ssl::stream<boost::asio::ip::tcp::socket>(io_service_, *context_)); + socket_->get_ssl_socket().async_handshake(boost::asio::ssl::stream_base::server, boost::bind(&server_session::handle_handshake, this, boost::asio::placeholders::error)); + } + else + { + socket_ = new socket_wraper(new boost::asio::ip::tcp::socket(io_service_)); + recv_data_ = new char[4]; + boost::asio::async_read(*socket_, boost::asio::buffer(recv_data_, 4), boost::bind(&server_session::handle_read, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred)); + } +} +void server_session::handle_handshake(const boost::system::error_code& error) +{ + if (!error) + { + recv_data_ = new char[4]; + boost::asio::async_read(*socket_, boost::asio::buffer(recv_data_, 4), boost::bind(&server_session::handle_read, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred)); + } + else + { + delete this; + } } + void server_session::handle_read(const boost::system::error_code& error, size_t bytes_transferred) { if (!error) @@ -51,7 +81,7 @@ void server_session::handle_read(const boost::system::error_code& error, size_t delete [] recv_data_; char *buf = new char[size]; boost::system::error_code ec; - socket_.read_some(boost::asio::buffer(buf, size), ec); + boost::asio::read(*socket_, boost::asio::buffer(buf, size), ec); if(ec) { 
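Review bot: A failed handshake in `handle_handshake` ends in a bare `delete this;` with nothing recorded, so an operator cannot tell certificate or protocol mismatches and probing apart from clients that never connected. Emitting the error before tearing the session down would help, for example `std::cerr << "TLS handshake failed: " << error.message() << "\n";` or the project's logging facility if one is used in this file. `run()` also decides between TLS and plain by re-reading `server.enable_encryption` instead of testing `context_`, so the two can disagree; `if(context_)` keeps the decision tied to what the session was actually given.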
@@ -71,7 +101,7 @@ void server_session::handle_read(const boost::system::error_code& error, size_t //parsed = true; handle_command(&msg); recv_data_ = new char[4]; - boost::asio::async_read(socket_, boost::asio::buffer(recv_data_, 4), boost::bind(&server_session::handle_read, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred)); + boost::asio::async_read(*socket_, boost::asio::buffer(recv_data_, 4), boost::bind(&server_session::handle_read, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred)); } // if(!parsed) else @@ -100,7 +130,7 @@ void server_session::send_message(server_msg *msg) { int size = 0; std::shared_ptr<char*> ptr = pack_msg(msg, &size); - boost::asio::async_write(socket_, boost::asio::buffer(*ptr, size), boost::bind(&server_session::handle_write, this, boost::asio::placeholders::error)); + boost::asio::async_write(*socket_, boost::asio::buffer(*ptr, size), boost::bind(&server_session::handle_write, this, boost::asio::placeholders::error)); } void server_session::handle_write(const boost::system::error_code& error) diff --git a/server/udm-server.cbp b/server/udm-server.cbp index 27c86bb..1d976d6 100644 --- a/server/udm-server.cbp +++ b/server/udm-server.cbp @@ -45,6 +45,8 @@ <Add library="boost_program_options" /> <Add library="boost_log" /> <Add library="pthread" /> + <Add library="crypto" /> + <Add library="ssl" /> </Linker> <ExtraCommands> <Add before="[ -d ../protocol ] || mkdir ../protocol" /> 
@@ -56,11 +58,13 @@ <Unit filename="include/api_module_base.h" /> <Unit filename="include/api_module_downloader.h" /> <Unit filename="include/api_module_metadata_storage.h" /> + <Unit filename="include/config.h" /> <Unit filename="include/main.h" /> <Unit filename="include/modules_handler.h" /> <Unit filename="include/protocol.h" /> <Unit filename="include/server.h" /> <Unit filename="include/server_session.h" /> + <Unit filename="include/socket_wraper.h" /> <Unit filename="include/utilities.h" /> <Unit filename="src/api_core.cpp" /> <Unit filename="src/main.cpp" /> |