2017-08-23 15:42:19 -06:00
|
|
|
/*
|
2017-03-24 16:45:26 -07:00
|
|
|
* Copyright (C) 2016 Charybdis Development Team
|
|
|
|
* Copyright (C) 2016 Jason Volk <jason@zemos.net>
|
|
|
|
*
|
|
|
|
* Permission to use, copy, modify, and/or distribute this software for any
|
|
|
|
* purpose with or without fee is hereby granted, provided that the above
|
|
|
|
* copyright notice and this permission notice is present in all copies.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
|
|
|
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
|
|
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
|
|
* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
|
|
|
|
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
|
|
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
|
|
|
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
|
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
|
|
|
|
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
|
|
* POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
*/
|
|
|
|
|
2017-09-20 19:31:54 -07:00
|
|
|
#include <ircd/asio.h>
|
2017-03-24 16:45:26 -07:00
|
|
|
|
|
|
|
namespace ircd {
|
|
|
|
|
|
|
|
struct listener::acceptor
|
|
|
|
{
|
2017-08-23 15:42:19 -06:00
|
|
|
using error_code = boost::system::error_code;
|
|
|
|
|
2017-03-24 16:45:26 -07:00
|
|
|
static log::log log;
|
|
|
|
|
|
|
|
std::string name;
|
|
|
|
size_t backlog;
|
|
|
|
asio::ssl::context ssl;
|
|
|
|
ip::tcp::endpoint ep;
|
|
|
|
ip::tcp::acceptor a;
|
|
|
|
|
|
|
|
explicit operator std::string() const;
|
2017-08-23 15:42:19 -06:00
|
|
|
void configure(const json::object &opts);
|
|
|
|
|
|
|
|
// Handshake stack
|
|
|
|
bool handshake_error(const error_code &ec);
|
|
|
|
void handshake(const error_code &ec, std::shared_ptr<socket>) noexcept;
|
2017-03-24 16:45:26 -07:00
|
|
|
|
2017-08-23 15:42:19 -06:00
|
|
|
// Acceptance stack
|
|
|
|
bool accept_error(const error_code &ec);
|
|
|
|
void accept(const error_code &ec, std::shared_ptr<socket>) noexcept;
|
2017-03-24 16:45:26 -07:00
|
|
|
|
2017-08-23 15:42:19 -06:00
|
|
|
// Accept next
|
|
|
|
void next();
|
|
|
|
|
|
|
|
acceptor(const json::object &opts);
|
2017-03-24 16:45:26 -07:00
|
|
|
~acceptor() noexcept;
|
|
|
|
};
|
|
|
|
|
|
|
|
} // namespace ircd
|
|
|
|
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
|
|
//
|
|
|
|
// ircd::listener
|
|
|
|
//
|
|
|
|
|
2017-08-16 13:27:22 -06:00
|
|
|
ircd::listener::listener(const std::string &opts)
|
|
|
|
:listener{json::object{opts}}
|
|
|
|
{
|
|
|
|
}
|
|
|
|
|
2017-08-23 15:42:19 -06:00
|
|
|
ircd::listener::listener(const json::object &opts)
|
2017-03-24 16:45:26 -07:00
|
|
|
:acceptor{std::make_unique<struct acceptor>(opts)}
|
|
|
|
{
|
|
|
|
}
|
|
|
|
|
|
|
|
ircd::listener::~listener()
|
|
|
|
noexcept
|
|
|
|
{
|
|
|
|
}
|
|
|
|
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
|
|
//
|
|
|
|
// ircd::listener::acceptor
|
|
|
|
//
|
|
|
|
|
|
|
|
ircd::log::log
|
|
|
|
ircd::listener::acceptor::log
|
|
|
|
{
|
|
|
|
"listener"
|
|
|
|
};
|
|
|
|
|
2017-08-23 15:42:19 -06:00
|
|
|
ircd::listener::acceptor::acceptor(const json::object &opts)
|
2017-03-24 16:45:26 -07:00
|
|
|
try
|
|
|
|
:name
|
|
|
|
{
|
|
|
|
unquote(opts.get("name", "IRCd (ssl)"s))
|
|
|
|
}
|
|
|
|
,backlog
|
|
|
|
{
|
2017-08-23 14:49:55 -06:00
|
|
|
opts.get<size_t>("backlog", asio::socket_base::max_connections - 2)
|
2017-03-24 16:45:26 -07:00
|
|
|
}
|
|
|
|
,ssl
|
|
|
|
{
|
|
|
|
asio::ssl::context::method::sslv23_server
|
|
|
|
}
|
|
|
|
,ep
|
|
|
|
{
|
|
|
|
ip::address::from_string(unquote(opts.get("host", "127.0.0.1"s))),
|
|
|
|
opts.get<uint16_t>("port", 6667)
|
|
|
|
}
|
|
|
|
,a
|
|
|
|
{
|
|
|
|
*ircd::ios
|
|
|
|
}
|
|
|
|
{
|
2017-08-23 15:42:19 -06:00
|
|
|
static const ip::tcp::acceptor::reuse_address reuse_address{true};
|
|
|
|
|
|
|
|
configure(opts);
|
|
|
|
|
|
|
|
log.debug("%s configured listener SSL",
|
|
|
|
std::string(*this));
|
|
|
|
|
|
|
|
a.open(ep.protocol());
|
|
|
|
a.set_option(reuse_address);
|
|
|
|
log.debug("%s opened listener socket",
|
|
|
|
std::string(*this));
|
|
|
|
|
|
|
|
a.bind(ep);
|
|
|
|
log.debug("%s bound listener socket",
|
|
|
|
std::string(*this));
|
|
|
|
|
|
|
|
a.listen(backlog);
|
|
|
|
log.debug("%s listening (backlog: %lu)",
|
|
|
|
std::string(*this),
|
|
|
|
backlog);
|
|
|
|
|
|
|
|
next();
|
|
|
|
}
|
|
|
|
catch(const boost::system::system_error &e)
|
|
|
|
{
|
|
|
|
throw error("listener: %s", e.what());
|
|
|
|
}
|
|
|
|
|
|
|
|
ircd::listener::acceptor::~acceptor()
|
|
|
|
noexcept
|
|
|
|
{
|
|
|
|
a.cancel();
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
ircd::listener::acceptor::next()
|
|
|
|
try
|
|
|
|
{
|
|
|
|
auto sock(std::make_shared<ircd::socket>(ssl));
|
|
|
|
log.debug("%s: listening with next socket(%p)",
|
|
|
|
std::string(*this),
|
|
|
|
sock.get());
|
|
|
|
|
|
|
|
// The context blocks here until the next client is connected.
|
|
|
|
auto accept(std::bind(&acceptor::accept, this, ph::_1, sock));
|
|
|
|
a.async_accept(sock->sd, accept);
|
|
|
|
}
|
|
|
|
catch(const std::exception &e)
|
|
|
|
{
|
|
|
|
log.critical("%s: %s",
|
|
|
|
std::string(*this),
|
|
|
|
e.what());
|
|
|
|
|
|
|
|
if(ircd::debugmode)
|
|
|
|
throw;
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
ircd::listener::acceptor::accept(const error_code &ec,
|
|
|
|
const std::shared_ptr<socket> sock)
|
|
|
|
noexcept try
|
|
|
|
{
|
|
|
|
if(accept_error(ec))
|
|
|
|
return;
|
|
|
|
|
|
|
|
log.debug("%s: accepted %s",
|
|
|
|
std::string(*this),
|
|
|
|
string(sock->remote()));
|
|
|
|
|
2017-08-23 14:49:55 -06:00
|
|
|
/*
|
|
|
|
static const asio::socket_base::keep_alive keep_alive(true);
|
|
|
|
static const asio::socket_base::linger linger(true, 30);
|
|
|
|
sock->sd.set_option(keep_alive);
|
|
|
|
sock->sd.set_option(linger);
|
|
|
|
sock->sd.non_blocking(true);
|
|
|
|
*/
|
|
|
|
|
|
|
|
static const auto handshake_type
|
|
|
|
{
|
|
|
|
socket::handshake_type::server
|
|
|
|
};
|
|
|
|
|
|
|
|
auto handshake
|
|
|
|
{
|
|
|
|
std::bind(&acceptor::handshake, this, ph::_1, sock)
|
|
|
|
};
|
|
|
|
|
2017-08-23 15:42:19 -06:00
|
|
|
sock->ssl.async_handshake(handshake_type, handshake);
|
2017-03-24 16:45:26 -07:00
|
|
|
}
|
2017-08-23 15:42:19 -06:00
|
|
|
catch(const std::exception &e)
|
|
|
|
{
|
|
|
|
log.error("%s: in accept(): socket(%p): %s",
|
|
|
|
std::string(*this),
|
|
|
|
sock.get(),
|
|
|
|
e.what());
|
|
|
|
next();
|
|
|
|
}
|
|
|
|
|
|
|
|
bool
|
|
|
|
ircd::listener::acceptor::accept_error(const error_code &ec)
|
2017-03-24 16:45:26 -07:00
|
|
|
{
|
2017-08-23 15:42:19 -06:00
|
|
|
switch(ec.value())
|
|
|
|
{
|
|
|
|
using namespace boost::system::errc;
|
|
|
|
|
|
|
|
case success:
|
|
|
|
return false;
|
|
|
|
|
|
|
|
case operation_canceled:
|
|
|
|
return true;
|
|
|
|
|
|
|
|
default:
|
|
|
|
throw boost::system::system_error(ec);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
ircd::listener::acceptor::handshake(const error_code &ec,
|
|
|
|
const std::shared_ptr<socket> sock)
|
|
|
|
noexcept try
|
|
|
|
{
|
|
|
|
if(handshake_error(ec))
|
|
|
|
return;
|
|
|
|
|
|
|
|
log.debug("%s SSL handshook %s",
|
|
|
|
std::string(*this),
|
|
|
|
string(sock->remote()));
|
|
|
|
|
|
|
|
add_client(sock);
|
2017-08-23 14:49:55 -06:00
|
|
|
next();
|
2017-08-23 15:42:19 -06:00
|
|
|
}
|
|
|
|
catch(const std::exception &e)
|
|
|
|
{
|
|
|
|
log.error("%s: in handshake(): socket(%p)[%s]: %s",
|
|
|
|
std::string(*this),
|
|
|
|
sock.get(),
|
|
|
|
string(sock->remote()),
|
|
|
|
e.what());
|
|
|
|
}
|
|
|
|
|
|
|
|
bool
|
|
|
|
ircd::listener::acceptor::handshake_error(const error_code &ec)
|
|
|
|
{
|
|
|
|
switch(ec.value())
|
|
|
|
{
|
|
|
|
using namespace boost::system::errc;
|
|
|
|
|
|
|
|
case success:
|
|
|
|
return false;
|
|
|
|
|
|
|
|
case operation_canceled:
|
|
|
|
return true;
|
|
|
|
|
|
|
|
default:
|
|
|
|
throw boost::system::system_error(ec);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
ircd::listener::acceptor::configure(const json::object &opts)
|
|
|
|
{
|
|
|
|
log.debug("%s preparing listener socket configuration...",
|
|
|
|
std::string(*this));
|
2017-03-24 16:45:26 -07:00
|
|
|
|
2017-08-23 15:13:57 -06:00
|
|
|
ssl.set_options
|
|
|
|
(
|
2017-08-23 15:42:19 -06:00
|
|
|
ssl.default_workarounds
|
2017-08-23 14:49:55 -06:00
|
|
|
//| ssl.no_tlsv1
|
|
|
|
//| ssl.no_tlsv1_1
|
|
|
|
| ssl.no_tlsv1_2
|
|
|
|
//| ssl.no_sslv2
|
|
|
|
| ssl.no_sslv3
|
|
|
|
//| ssl.single_dh_use
|
2017-08-23 15:13:57 -06:00
|
|
|
);
|
|
|
|
|
2017-08-23 15:42:19 -06:00
|
|
|
//TODO: XXX
|
2017-08-23 15:13:57 -06:00
|
|
|
ssl.set_password_callback([this]
|
|
|
|
(const auto &size, const auto &purpose)
|
|
|
|
{
|
|
|
|
log.debug("%s asking for password with purpose '%s' (size: %zu)",
|
|
|
|
std::string(*this),
|
|
|
|
purpose,
|
|
|
|
size);
|
|
|
|
|
2017-08-23 15:42:19 -06:00
|
|
|
//XXX: TODO
|
2017-08-23 15:13:57 -06:00
|
|
|
return "foobar";
|
|
|
|
});
|
|
|
|
|
|
|
|
if(opts.has("ssl_certificate_chain_file"))
|
|
|
|
{
|
|
|
|
const std::string filename
|
|
|
|
{
|
|
|
|
unquote(opts["ssl_certificate_chain_file"])
|
|
|
|
};
|
|
|
|
|
|
|
|
ssl.use_certificate_chain_file(filename);
|
|
|
|
log.info("%s using certificate chain file '%s'",
|
|
|
|
std::string(*this),
|
|
|
|
filename);
|
|
|
|
}
|
|
|
|
|
|
|
|
if(opts.has("ssl_certificate_file_pem"))
|
2017-03-24 16:45:26 -07:00
|
|
|
{
|
2017-04-02 21:01:37 -07:00
|
|
|
const std::string filename
|
|
|
|
{
|
2017-08-23 15:13:57 -06:00
|
|
|
unquote(opts["ssl_certificate_file_pem"])
|
2017-04-02 21:01:37 -07:00
|
|
|
};
|
|
|
|
|
2017-03-24 16:45:26 -07:00
|
|
|
ssl.use_certificate_file(filename, asio::ssl::context::pem);
|
|
|
|
log.info("%s using certificate file '%s'",
|
|
|
|
std::string(*this),
|
|
|
|
filename);
|
|
|
|
}
|
|
|
|
|
2017-08-23 15:13:57 -06:00
|
|
|
if(opts.has("ssl_private_key_file_pem"))
|
2017-03-24 16:45:26 -07:00
|
|
|
{
|
2017-04-02 21:01:37 -07:00
|
|
|
const std::string filename
|
|
|
|
{
|
2017-08-23 15:13:57 -06:00
|
|
|
unquote(opts["ssl_private_key_file_pem"])
|
2017-04-02 21:01:37 -07:00
|
|
|
};
|
|
|
|
|
2017-03-24 16:45:26 -07:00
|
|
|
ssl.use_private_key_file(filename, asio::ssl::context::pem);
|
|
|
|
log.info("%s using private key file '%s'",
|
|
|
|
std::string(*this),
|
|
|
|
filename);
|
|
|
|
}
|
|
|
|
|
2017-08-23 15:13:57 -06:00
|
|
|
if(opts.has("ssl_tmp_dh_file"))
|
|
|
|
{
|
|
|
|
const std::string filename
|
|
|
|
{
|
|
|
|
unquote(opts["ssl_tmp_dh_file"])
|
|
|
|
};
|
|
|
|
|
|
|
|
ssl.use_tmp_dh_file(filename);
|
|
|
|
log.info("%s using tmp dh file '%s'",
|
|
|
|
std::string(*this),
|
|
|
|
filename);
|
|
|
|
}
|
2017-03-24 16:45:26 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
ircd::listener::acceptor::operator std::string()
|
|
|
|
const
|
|
|
|
{
|
|
|
|
std::string ret(256, char());
|
|
|
|
const auto length
|
|
|
|
{
|
|
|
|
fmt::snprintf(&ret.front(), ret.size(), "'%s' @ [%s]:%u",
|
|
|
|
name,
|
|
|
|
string(ep.address()),
|
|
|
|
ep.port())
|
|
|
|
};
|
|
|
|
|
|
|
|
ret.resize(length);
|
|
|
|
return ret;
|
|
|
|
}
|