From ca31d356e44e19649eeb8340eb1451ea3f477cfa Mon Sep 17 00:00:00 2001 From: Stefan Radomski Date: Tue, 30 May 2017 21:10:39 +0200 Subject: Reintroduced HTTPS support --- CMakeLists.txt | 27 ++++++- config.h.in | 1 + contrib/openssl/gen-keys.sh | 3 + contrib/openssl/uscxml.cert | 39 ++++++++++ contrib/openssl/uscxml.key | 51 +++++++++++++ src/uscxml/server/HTTPServer.cpp | 160 ++++++++++++++++----------------------- src/uscxml/server/HTTPServer.h | 3 +- 7 files changed, 187 insertions(+), 97 deletions(-) create mode 100755 contrib/openssl/gen-keys.sh create mode 100644 contrib/openssl/uscxml.cert create mode 100644 contrib/openssl/uscxml.key diff --git a/CMakeLists.txt b/CMakeLists.txt index 7906396..6e9ca8e 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -295,10 +295,23 @@ find_package(LibEvent) if (LIBEVENT_FOUND) include_directories(${LIBEVENT_INCLUDE_DIR}) list (APPEND USCXML_CORE_LIBS ${LIBEVENT_LIBRARIES}) + + include(CheckCXXSourceCompiles) + set(CMAKE_REQUIRED_INCLUDES ${LIBEVENT_INCLUDE_DIR}) + set(CMAKE_REQUIRED_LIBRARIES ${LIBEVENT_LIBRARIES}) + check_cxx_source_compiles(" + #include + struct bufferevent* cb(struct event_base *base, void *arg) { return NULL; } + int main(){ evhttp_set_bevcb((struct evhttp*)NULL, cb, (void*)NULL); } + " LIBEVENT_HAS_BEVCB) + if (NOT LIBEVENT_HAS_BEVCB) + message(STATUS "libevent (< 2.1) does not feature evhttp_set_bevcb, not building HTTPS support") + endif() else() message(STATUS "--> will download and compile") include("${CMAKE_MODULE_PATH}/BuildLibEvent.cmake") if (LIBEVENT_BUILT) + SET(LIBEVENT_HAS_BEVCB YES) include_directories(${LIBEVENT_INCLUDE_DIR}) list (APPEND USCXML_CORE_LIBS ${LIBEVENT_LIBRARIES}) list (APPEND USCXML_PREREQS libevent) @@ -306,13 +319,25 @@ else() message(FATAL_ERROR "Could neither find nor build libevent") endif() endif() +if (";${LIBEVENT_LIBRARIES};" MATCHES "openssl") + # see https://stackoverflow.com/a/23326955/990120 + set(EVENT_SSL_FOUND ON) +endif() if (UNIX) list (APPEND USCXML_CORE_LIBS "pthread") endif() +#OpenSSL +find_package(OpenSSL) +if (OPENSSL_FOUND) + include_directories(${OPENSSL_INCLUDE_DIR}) + list (APPEND USCXML_CORE_LIBS ${OPENSSL_LIBRARIES}) +endif() + + -# uriparser +# uriparser - part of contrib now # find_package(uriparser) # if(URIPARSER_FOUND) # include_directories(${URIPARSER_INCLUDE_DIRS}) diff --git a/config.h.in b/config.h.in index b1132f9..69af116 100644 --- a/config.h.in +++ b/config.h.in @@ -98,6 +98,7 @@ #cmakedefine OPENSSL_FOUND #cmakedefine OPENSSL_HAS_ELIPTIC_CURVES #cmakedefine EVENT_SSL_FOUND +#cmakedefine LIBEVENT_HAS_BEVCB #cmakedefine EXPECT_FOUND #cmakedefine TCL_FOUND diff --git a/contrib/openssl/gen-keys.sh b/contrib/openssl/gen-keys.sh new file mode 100755 index 0000000..f4b8402 --- /dev/null +++ b/contrib/openssl/gen-keys.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +openssl req -x509 -sha256 -nodes -newkey rsa:4096 -keyout uscxml.key -out uscxml.cert \ No newline at end of file diff --git a/contrib/openssl/uscxml.cert b/contrib/openssl/uscxml.cert new file mode 100644 index 0000000..4dcf553 --- /dev/null +++ b/contrib/openssl/uscxml.cert @@ -0,0 +1,39 @@ +-----BEGIN CERTIFICATE----- +MIIG0DCCBLigAwIBAgIJAMy07XxUokBVMA0GCSqGSIb3DQEBCwUAMIGgMQswCQYD +VQQGEwJERTEOMAwGA1UECBMFSGVzc2UxEjAQBgNVBAcTCURhcm1zdGFkdDEVMBMG +A1UEChMMVFUgRGFybXN0YWR0MRAwDgYDVQQLEwdUSyBMYWJzMRgwFgYDVQQDEw9T +dGVmYW4gUmFkb21za2kxKjAoBgkqhkiG9w0BCQEWG3JhZG9tc2tpQHRrLnR1LWRh +cm1zdGFkdC5kZTAeFw0xNzA1MzAxNzEwMTdaFw0xNzA2MjkxNzEwMTdaMIGgMQsw +CQYDVQQGEwJERTEOMAwGA1UECBMFSGVzc2UxEjAQBgNVBAcTCURhcm1zdGFkdDEV +MBMGA1UEChMMVFUgRGFybXN0YWR0MRAwDgYDVQQLEwdUSyBMYWJzMRgwFgYDVQQD +Ew9TdGVmYW4gUmFkb21za2kxKjAoBgkqhkiG9w0BCQEWG3JhZG9tc2tpQHRrLnR1 +LWRhcm1zdGFkdC5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALUa +5WvyKdqUbzyntA8HaF/ib435auGsQljNvgWlj4BlcSpM5VIA0YzvLtRvZMkj0fzw +1aKwx0FhjM/6iuIYtCbBpyU8cTVHrX/iQ0mcU0ZX9DbRq3wKA8kSH9RuMGINtccy +x6539OPtfEdBqXngQpNJyVmiGRQ4bbi18ECKxXRY2FIZlVCEeBlcY/zbI7JS675f +/vvZMA1NeB1S3ZqxxDfygtU2fVhDF93XgI6+meOcRERjdZtXaVFA8Q7eNfbkiCzm +xwCoLzCrRmg0TyyEwo89psoeAL2x8I3CS1BWxwk3WAcpZvK9w185lSLmhLu3lGAl ++qHTjiIg0ZuD5UfQQo1vzUI13oNqhw9VQvfW81ALtNAJr4jeyqGK919gDEPp22YY +OfGcHowpwyv1dKEd/UIrpySbIzewGGliH57voLwJCE51YBXC254+hRsnCTYu/o39 +wIZfW11WvdiQbXYIx9X7NKYRb9qQnDgEaXIfJqmj49TftEwLBZzdEegRFhTVTf0w +btN46RmOSjMU79dPjTj365JhEG8wRiZOB6eQCt5/G9Wbv8a8VHPM0Yii2cxSZDOc +9xwQQjlJaKOirEgCerPsY/LdAQeNFNMuZTdAE8ovU01R0v7qJRUUHD7F7YHD95CD +TSIL5r3DgvCvcbqlbNGaLFEi3iKyOhKdmQU7y4NtAgMBAAGjggEJMIIBBTAdBgNV +HQ4EFgQUmscnsqok2D5QWVHVLeWSiUOwtH0wgdUGA1UdIwSBzTCByoAUmscnsqok +2D5QWVHVLeWSiUOwtH2hgaakgaMwgaAxCzAJBgNVBAYTAkRFMQ4wDAYDVQQIEwVI +ZXNzZTESMBAGA1UEBxMJRGFybXN0YWR0MRUwEwYDVQQKEwxUVSBEYXJtc3RhZHQx +EDAOBgNVBAsTB1RLIExhYnMxGDAWBgNVBAMTD1N0ZWZhbiBSYWRvbXNraTEqMCgG +CSqGSIb3DQEJARYbcmFkb21za2lAdGsudHUtZGFybXN0YWR0LmRlggkAzLTtfFSi +QFUwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAJpDrozAVc8hojvrQ +pY31KS1Kel8pmGsn3wT2bEWkQeB8aWtYUpUFh8c7mxxpZCXdUgp4ntV5PP39TmkZ +g8FKRr3C/EsiWW2DZzV1b9H3nbwgLuckuJmAyH/kd1SEo8lh6WvGisymoLdxQ0VR +uy98XM52UBlmMqRBxaOqhUbqrI3lcbBJTGuao1whmeLsKa/kqQJKXLv/ryeRd21j +Tg6n1ATW6WemIlGouSUN38uz6dXWNx5xcOZH65LSeeADT+WXN7R9Uxx4lTzqw6MH +4DzA+rcZBy1mwdMWSDNLGrQxQVGuLwULnTU5N/CMjtfkfvatxfsI+AWpMSGc/96k +SjgqmuJgkeqa/aOyCbGg+HqdfALs4ok42SnkD0GibvlrcBsBnsjcD8IqKMu+KPTy +xCSRjddgZ1JMpsymQWW5Wci5Ajz94fGFlgXYPMsrETQXAUyc7iaEJbIzHatHzGon +fa2HewS8OPeyojkhSGm5mhCU311lQZRrgdbS2jBeCmIGERr4Fgy2k0TYWPSIocMZ +3KDhgPBYYz5wFiKnjlcEXtm1DC+bDsx1IEPzWcup0hV6su1FfLWEp9iwKaTWCoOw +UkBn+L7iDvd1EctKuyOJ7s76hoy3fQr7jSDwNRz4lk46vpGS86xgiTbdxEBZlt/v +CZAzvpw0JKlsI1zvDiEAmpHFKFg= +-----END CERTIFICATE----- diff --git a/contrib/openssl/uscxml.key b/contrib/openssl/uscxml.key new file mode 100644 index 0000000..da63c9e --- /dev/null +++ b/contrib/openssl/uscxml.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAtRrla/Ip2pRvPKe0DwdoX+Jvjflq4axCWM2+BaWPgGVxKkzl +UgDRjO8u1G9kySPR/PDVorDHQWGMz/qK4hi0JsGnJTxxNUetf+JDSZxTRlf0NtGr +fAoDyRIf1G4wYg21xzLHrnf04+18R0GpeeBCk0nJWaIZFDhtuLXwQIrFdFjYUhmV +UIR4GVxj/NsjslLrvl/++9kwDU14HVLdmrHEN/KC1TZ9WEMX3deAjr6Z45xERGN1 +m1dpUUDxDt419uSILObHAKgvMKtGaDRPLITCjz2myh4AvbHwjcJLUFbHCTdYBylm +8r3DXzmVIuaEu7eUYCX6odOOIiDRm4PlR9BCjW/NQjXeg2qHD1VC99bzUAu00Amv +iN7KoYr3X2AMQ+nbZhg58ZwejCnDK/V0oR39QiunJJsjN7AYaWIfnu+gvAkITnVg +FcLbnj6FGycJNi7+jf3Ahl9bXVa92JBtdgjH1fs0phFv2pCcOARpch8mqaPj1N+0 +TAsFnN0R6BEWFNVN/TBu03jpGY5KMxTv10+NOPfrkmEQbzBGJk4Hp5AK3n8b1Zu/ +xrxUc8zRiKLZzFJkM5z3HBBCOUloo6KsSAJ6s+xj8t0BB40U0y5lN0ATyi9TTVHS +/uolFRQcPsXtgcP3kINNIgvmvcOC8K9xuqVs0ZosUSLeIrI6Ep2ZBTvLg20CAwEA +AQKCAgBKT4XxnAT2bk+SWNG2FPkL1vKlE8F6Zd83ZvxgfsV6DqW3kKPL2RAivwW9 +HxQAwFTqb7uJLPYlaqyHrisMiMxq1q0Jx1pAXW/geGvZqW41/+LyF2hA1i8lcu1i +kfACW9PJr5llik0OtSR4bIXov08x9mXLBIs708eZsfWp1gcdLVNdpKeyyRgqd9GD +MDvecM3QaL1Mg5qG6tGtXpIVZnm35yct61TVQXpqiYFzkNu+HCGa2iCoo95P+9Ct +pBoKe00w92SSbXAnjS+vlD8kajkW41orttHhBEFLOX0DsweqTW4uShu24Ixo50y9 +bE7sY3BbX1oOyqqYcFTxddY/eEHF7DGvltk9+txH522dvJX9gO+JGdkuKG6FkgAQ +WLhcO18302fzyiOmxEfdA2p+ZG6E1z3Q0ZChmSi4OtAuuSsqdxrc3YtsFO3/kt3Y +UTkKCis4wSk3WxeIIHY8YqXy4FVFvCsppJSj2m1F7vva+B5ui3iU/AnzmAbzKkJ8 +iMncz68AuMCAq14TtmfCiZZc5Jwf0Jwbhv4VWTVk9Jmke9oHCzPRdoNTQ4+xueIW +fs+piUy9XQ1OkQqlSUcf9LgzZhUBNcn1HMXyt6lXJNv/GH/dvPTynY0Dn1YQi+Fx +Ud34p/IAePbKOwPaPs8CWSF9QheGrOd/Nobxp+3cISFhXf/QtQKCAQEA42qwlY81 +UNYORDjP8DbZoHacsSnacH2l1a4XuJjGVtqttxvr5NIMxNVEshRccO1TLOa5ANmN +ShuaMjiUw2CI8qxtCM5RJrj65j4K9Wb7+3emqwL2LccIoV+rTtDE7xQ09mQEHb6D +iANriDQ7BZA27PpRIGamu0ZEEWf73uDAggP9GAeYPk5Ev26XpPd+9lUvxW2fPVHo +tYeaMIrYBxmlbpndg4g61JABMWj6RcDRkpTOQjbtobe/xcMyy8mshJs8oRbKK22P ++YVzgSWXL33R3LLpDgBNCoen6W89td+2f60hmQndkRSHXpbgJ6IqOm90AvzuVkR7 +86C+SZVGjKP0wwKCAQEAy94Xf+pFmRzslR0vQh7Uu8CkX0AGK4pla/yEfQh/JcbM +l/3+132wG7mFokGWYGsTGz991tby+H74renmboeLl2XxgkWmfEzJlm3a63fyaN1T +fB1DFFXXEJCw3sXtVIiIHErD8MIGNXj4Y3omPYzToM5Dqa8m9qLJCImTcHlrbMtw +U/K7b1GpFBd4DG5K0itSounT/8DOjU0T8gOQc4bxjuenjY+7SXrsMw2KyP6pw4LB +GZIs3gHv22WbhzYnLLio+JTOiHpeMMV3vb7GDdW93Nbx4OBm303D0UY+ihPOPN5U +pmSOiXskD+W5CoowVmGTDODOtQvjeSfhSiWrSdxkDwKCAQAiduzD/awK0CXhWOrK +cMWSd+dPQhSEr8YOGBAoPZ7xUrq44VZimyKsQdXjVwqbYpwUVfL7mfy7mmtH6SNC +aMLYZCEyEHJj9+yuMADhJ/ZQKdXsXMqKLXu1WRZRH3p48QsFvCqTh2fPmRUW0zOO +qEhqqZTZ4DSsdP2j1apqII2MJqaYma4M4zev+0aoDYoEMuzGctKLLHqj6CUJ7kDG +8rALju3vHRotVJWZs1sabxpTqJGJn2Fr/Ljnc6mjELFAd3Y8w4NoCXakTgEvNU8w +N1UyqTqAkLMcQWrFCcLEaV7zAn3w/3nAnufVAfB+kSjtKi7etQ45rK9MQLQV2rWS +YtaZAoIBACxj2X4SxsDGGYWGa0ncaLnRAnly+WT1p4vR2g9XkEfrd5UIyzqktXnz +9XMVEOdBqVFfi8kB2Lne+8ryiSg7/1sh6WpSPCQInERS+z4WSgQnXQxDWt3Mqx2C +Q+Dd/AVSDUELzopX1P5DruIKMNVqGpKDFxyVdMhzPY7MVfxBk/CGg5jj24grocMs +MQmT4lrM8BtlCrI/izodNGCYAhYFpgdVzZf3WfJv/4pGQpftS420pNMqjvZwOYfu +IeVZF0KXmsM1s5rn+iZoeOAp7/oHNmYlr1klw4CP8DlbMDbkhR2f05K/hoHM/Fcx +0A7JdCj66gf900R8qDUzR8zbUuasRGUCggEBAKRX1m5psx0LwmtEQYi5//qnMkmi +SAy5bIRwVEiNEfl4lZbo2exnpH+Z+cZngTdtN3wzw8Jxr75AlklTemLEm7E4O8C9 ++j56NfQ1yAsGXg0bp9ggfuqxwRz9W+xZb1d7cJmIDletniRCF0nvBon+pdpj4oPD +iH0qB44odRIs3DDcr2nU+86m8yfVAha6hqU+Ahb0DWo0cFqPar9h2xP1rM/8HGvv +qy+ML4GpmgoX/TGCwYbf0YoTCAN45OzaDGHeAha3e6bdKtTRTUis++K1BR3ElLmq +EwxgTDpP9juUjguL2v5nJylRU0QQV3OA6VdFUWkB/98y//2+5Q/cscS2qfM= +-----END RSA PRIVATE KEY----- diff --git a/src/uscxml/server/HTTPServer.cpp b/src/uscxml/server/HTTPServer.cpp index 5c56a8d..b180371 100644 --- a/src/uscxml/server/HTTPServer.cpp +++ b/src/uscxml/server/HTTPServer.cpp @@ -51,6 +51,13 @@ extern "C" { //#include #endif +#if (defined EVENT_SSL_FOUND && defined LIBEVENT_HAS_BEVCB && defined OPENSSL_FOUND) +extern "C" { +#include +#include +#include +} +#endif #include "uscxml/util/Convenience.h" // for toStr @@ -108,55 +115,86 @@ HTTPServer::HTTPServer(unsigned short port, unsigned short wsPort, SSLConfig* ss } } -#if (defined EVENT_SSL_FOUND && defined OPENSSL_FOUND && defined OPENSSL_HAS_ELIPTIC_CURVES) +#if (defined EVENT_SSL_FOUND && defined LIBEVENT_HAS_BEVCB && defined OPENSSL_FOUND) // have another look here https://github.com/ppelleti/https-example/blob/master/https-server.c - _sslHandle = NULL; - _https = NULL; + if (!sslConf) { _sslPort = 0; } else { _sslPort = sslConf->port; - // Initialize OpenSSL - SSL_library_init(); - ERR_load_crypto_strings(); - SSL_load_error_strings(); - OpenSSL_add_all_algorithms(); + SSL_library_init (); + SSL_load_error_strings (); + OpenSSL_add_all_algorithms (); + + SSL_CTX *ctx = SSL_CTX_new (SSLv23_server_method ()); + SSL_CTX_set_options (ctx, + SSL_OP_SINGLE_DH_USE | + SSL_OP_SINGLE_ECDH_USE | + SSL_OP_NO_SSLv2); + + EC_KEY *ecdh = EC_KEY_new_by_curve_name (NID_X9_62_prime256v1); + if (! ecdh) { + LOGD(USCXML_ERROR) << ("EC_KEY_new_by_curve_name"); + ERR_print_errors_fp(stderr); + goto FAIL_SSL_SETUP; + } + if (1 != SSL_CTX_set_tmp_ecdh (ctx, ecdh)) { + LOGD(USCXML_ERROR) << ("SSL_CTX_set_tmp_ecdh"); + ERR_print_errors_fp(stderr); + goto FAIL_SSL_SETUP; + } - _https = evhttp_new(_base); - evhttp_set_allowed_methods(_https, allowedMethods); // allow all methods + if (1 != SSL_CTX_use_certificate_chain_file(ctx, sslConf->publicKey.c_str())) { + LOGD(USCXML_ERROR) << ("SSL_CTX_use_certificate_chain_file"); + ERR_print_errors_fp(stderr); + goto FAIL_SSL_SETUP; + } - SSL_CTX* ctx = SSL_CTX_new (SSLv23_server_method ()); - SSL_CTX_set_options(ctx, - SSL_OP_SINGLE_DH_USE | - SSL_OP_SINGLE_ECDH_USE | - SSL_OP_NO_SSLv2); + if (1 != SSL_CTX_use_PrivateKey_file(ctx, sslConf->privateKey.c_str(), SSL_FILETYPE_PEM)) { + LOGD(USCXML_ERROR) << ("SSL_CTX_use_PrivateKey_file"); + ERR_print_errors_fp(stderr); + goto FAIL_SSL_SETUP; + } - EC_KEY* ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); - SSL_CTX_set_tmp_ecdh (ctx, ecdh); + if (1 != SSL_CTX_check_private_key(ctx)) { + LOGD(USCXML_ERROR) << ("SSL_CTX_check_private_key"); + ERR_print_errors_fp(stderr); + goto FAIL_SSL_SETUP; + } - SSL_CTX_use_certificate_chain_file(ctx, sslConf->publicKey.c_str()); - SSL_CTX_use_PrivateKey_file(ctx, sslConf->privateKey.c_str(), SSL_FILETYPE_PEM); - SSL_CTX_check_private_key(ctx); + _https = evhttp_new (_base); + if (! _https) { + LOGD(USCXML_ERROR) << ("Could not create evhttp for https"); + goto FAIL_SSL_SETUP; + } + /* This is the magic that lets evhttp use SSL. */ evhttp_set_bevcb(_https, sslBufferEventCallback, ctx); - evhttp_set_gencb(_https, sslGeneralBufferEventCallback, NULL); + + /* This is the callback that gets called when a request comes in. */ + evhttp_set_gencb(_https, httpRecvReqCallback, NULL); if (_sslPort > 0) { - _sslHandle = evhttp_bind_socket_with_handle(_https, INADDR_ANY, _sslPort); + _sslHandle = evhttp_bind_socket_with_handle(_https, "0.0.0.0", _sslPort); if (_sslHandle) { - LOG(USCXML_INFO) << "HTTPS server listening on tcp/" << _wsPort << std::endl; + LOGD(USCXML_INFO) << "HTTPS server listening on tcp/" << _sslPort << std::endl; } else { - LOG(USCXML_ERROR) << "HTTPS server cannot bind to tcp/" << _wsPort << std::endl; + LOGD(USCXML_ERROR) << "HTTPS server cannot bind to tcp/" << _sslPort << std::endl; } } + + } + +FAIL_SSL_SETUP: + ; #endif // evhttp_set_timeout(_http, 5); - // generic callback + // generic http callbacks evhttp_set_gencb(_http, HTTPServer::httpRecvReqCallback, NULL); evws_set_gencb(_evws, HTTPServer::wsRecvReqCallback, NULL); } @@ -185,7 +223,7 @@ HTTPServer* HTTPServer::getInstance(unsigned short port, unsigned short wsPort, _instance = new HTTPServer(port, wsPort, sslConf); // only start if we have something to do! -#if (defined EVENT_SSL_FOUND && defined OPENSSL_FOUND && defined OPENSSL_HAS_ELIPTIC_CURVES) +#if (defined EVENT_SSL_FOUND && defined LIBEVENT_HAS_BEVCB && defined OPENSSL_FOUND && defined OPENSSL_HAS_ELIPTIC_CURVES) if (_instance->_httpHandle || _instance->_wsHandle || _instance->_sslHandle) #else if (_instance->_httpHandle || _instance->_wsHandle) @@ -431,7 +469,6 @@ void HTTPServer::httpRecvReqCallback(struct evhttp_request *req, void *callbackD HTTPServer::getInstance()->processByMatchingServlet(request); } - void HTTPServer::processByMatchingServlet(const Request& request) { std::lock_guard lock(_mutex); @@ -677,7 +714,7 @@ std::string HTTPServer::getBaseURL(ServerType type) { case HTTP: servletURL << "http://" << INSTANCE->_address << ":" << INSTANCE->_port; break; -#if (defined EVENT_SSL_FOUND && defined OPENSSL_FOUND && defined OPENSSL_HAS_ELIPTIC_CURVES) +#if (defined EVENT_SSL_FOUND && defined LIBEVENT_HAS_BEVCB && defined OPENSSL_FOUND) case HTTPS: servletURL << "https://" << INSTANCE->_address << ":" << INSTANCE->_sslPort; break; @@ -711,7 +748,7 @@ void HTTPServer::determineAddress() { } -#if (defined EVENT_SSL_FOUND && defined OPENSSL_FOUND && defined OPENSSL_HAS_ELIPTIC_CURVES) +#if (defined EVENT_SSL_FOUND && defined LIBEVENT_HAS_BEVCB && defined OPENSSL_FOUND) // see https://github.com/ppelleti/https-example/blob/master/https-server.c struct bufferevent* HTTPServer::sslBufferEventCallback(struct event_base *base, void *arg) { struct bufferevent* r; @@ -723,71 +760,6 @@ struct bufferevent* HTTPServer::sslBufferEventCallback(struct event_base *base, BEV_OPT_CLOSE_ON_FREE); return r; } - - -void HTTPServer::sslGeneralBufferEventCallback (struct evhttp_request *req, void *arg) { - struct evbuffer *evb = NULL; - const char *uri = evhttp_request_get_uri (req); - struct evhttp_uri *decoded = NULL; - - /* We only handle POST requests. */ - if (evhttp_request_get_command (req) != EVHTTP_REQ_POST) { - evhttp_send_reply (req, 200, "OK", NULL); - return; - } - - printf ("Got a POST request for <%s>\n", uri); - - /* Decode the URI */ - decoded = evhttp_uri_parse (uri); - if (! decoded) { - printf ("It's not a good URI. Sending BADREQUEST\n"); - evhttp_send_error (req, HTTP_BADREQUEST, 0); - return; - } - - /* Decode the payload */ - struct evkeyvalq kv; - memset (&kv, 0, sizeof (kv)); - struct evbuffer *buf = evhttp_request_get_input_buffer (req); - evbuffer_add (buf, "", 1); /* NUL-terminate the buffer */ - char *payload = (char *) evbuffer_pullup (buf, -1); - if (0 != evhttp_parse_query_str (payload, &kv)) { - printf ("Malformed payload. Sending BADREQUEST\n"); - evhttp_send_error (req, HTTP_BADREQUEST, 0); - return; - } - - /* Determine peer */ - char *peer_addr; - ev_uint16_t peer_port; - struct evhttp_connection *con = evhttp_request_get_connection (req); - evhttp_connection_get_peer (con, &peer_addr, &peer_port); - - /* Extract passcode */ - const char *passcode = evhttp_find_header (&kv, "passcode"); - char response[256]; - evutil_snprintf (response, sizeof (response), - "Hi %s! I %s your passcode.\n", peer_addr, - (0 == strcmp (passcode, "R23") - ? "liked" - : "didn't like")); - evhttp_clear_headers (&kv); /* to free memory held by kv */ - - /* This holds the content we're sending. */ - evb = evbuffer_new (); - - evhttp_add_header (evhttp_request_get_output_headers (req), - "Content-Type", "application/x-yaml"); - evbuffer_add (evb, response, strlen (response)); - - evhttp_send_reply (req, 200, "OK", evb); - - if (decoded) - evhttp_uri_free (decoded); - if (evb) - evbuffer_free (evb); -} #endif } diff --git a/src/uscxml/server/HTTPServer.h b/src/uscxml/server/HTTPServer.h index a584360..6486770 100644 --- a/src/uscxml/server/HTTPServer.h +++ b/src/uscxml/server/HTTPServer.h @@ -187,13 +187,12 @@ private: friend class HTTPServlet; friend class WebSocketServlet; -#if (defined EVENT_SSL_FOUND && defined OPENSSL_FOUND && defined OPENSSL_HAS_ELIPTIC_CURVES) +#if (defined EVENT_SSL_FOUND && defined LIBEVENT_HAS_BEVCB && defined OPENSSL_FOUND) struct evhttp* _https; struct evhttp_bound_socket* _sslHandle; unsigned short _sslPort; static struct bufferevent* sslBufferEventCallback(struct event_base *base, void *arg); - static void sslGeneralBufferEventCallback (struct evhttp_request *req, void *arg); #endif }; -- cgit v0.12