1 #ifndef SERVER_HTTPS_HPP
2 #define SERVER_HTTPS_HPP
4 #include "server_http.hpp"
5 #include <boost/asio/ssl.hpp>
6 #include <openssl/ssl.h>
10 typedef boost::asio::ssl::stream<boost::asio::ip::tcp::socket> HTTPS;
13 class Server<HTTPS> : public ServerBase<HTTPS> {
14 std::string session_id_context;
15 bool set_session_id_context=false;
17 DEPRECATED Server(unsigned short port, size_t thread_pool_size, const std::string& cert_file, const std::string& private_key_file,
18 long timeout_request=5, long timeout_content=300,
19 const std::string& verify_file=std::string()) :
20 Server(cert_file, private_key_file, verify_file) {
22 config.thread_pool_size=thread_pool_size;
23 config.timeout_request=timeout_request;
24 config.timeout_content=timeout_content;
27 Server(const std::string& cert_file, const std::string& private_key_file, const std::string& verify_file=std::string()):
28 ServerBase<HTTPS>::ServerBase(443), context(boost::asio::ssl::context::tlsv12) {
29 context.use_certificate_chain_file(cert_file);
30 context.use_private_key_file(private_key_file, boost::asio::ssl::context::pem);
32 if(verify_file.size()>0) {
33 context.load_verify_file(verify_file);
34 context.set_verify_mode(boost::asio::ssl::verify_peer | boost::asio::ssl::verify_fail_if_no_peer_cert |
35 boost::asio::ssl::verify_client_once);
36 set_session_id_context=true;
41 if(set_session_id_context) {
42 // Creating session_id_context from address:port but reversed due to small SSL_MAX_SSL_SESSION_ID_LENGTH
43 session_id_context=std::to_string(config.port)+':';
44 session_id_context.append(config.address.rbegin(), config.address.rend());
45 SSL_CTX_set_session_id_context(context.native_handle(), reinterpret_cast<const unsigned char*>(session_id_context.data()),
46 std::min<size_t>(session_id_context.size(), SSL_MAX_SSL_SESSION_ID_LENGTH));
52 boost::asio::ssl::context context;
55 //Create new socket for this connection
56 //Shared_ptr is used to pass temporary objects to the asynchronous functions
57 auto socket=std::make_shared<HTTPS>(*io_service, context);
59 acceptor->async_accept((*socket).lowest_layer(), [this, socket](const boost::system::error_code& ec) {
60 //Immediately start accepting a new connection (if io_service hasn't been stopped)
61 if (ec != boost::asio::error::operation_aborted)
66 boost::asio::ip::tcp::no_delay option(true);
67 socket->lowest_layer().set_option(option);
69 //Set timeout on the following boost::asio::ssl::stream::async_handshake
70 auto timer=get_timeout_timer(socket, config.timeout_request);
71 socket->async_handshake(boost::asio::ssl::stream_base::server, [this, socket, timer]
72 (const boost::system::error_code& ec) {
76 read_request_and_content(socket);
78 on_error(std::shared_ptr<Request>(new Request(*socket)), ec);
82 on_error(std::shared_ptr<Request>(new Request(*socket)), ec);
89 #endif /* SERVER_HTTPS_HPP */