| // Copyright 2015 The Weave Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "examples/provider/event_http_server.h" |
| |
| #include <vector> |
| |
| #include <base/bind.h> |
| #include <base/time/time.h> |
| #include <event2/bufferevent_ssl.h> |
| #include <evhtp.h> |
| #include <openssl/err.h> |
| |
| #include "examples/provider/event_task_runner.h" |
| |
| namespace weave { |
| namespace examples { |
| |
| namespace { |
| |
| std::string GetSslError() { |
| char error[1000] = {}; |
| ERR_error_string_n(ERR_get_error(), error, sizeof(error)); |
| return error; |
| } |
| |
| } // namespace |
| |
| class HttpServerImpl::RequestImpl : public Request { |
| public: |
| RequestImpl(EventPtr<evhtp_request_t> req) : req_(std::move(req)) { |
| evbuf_t* input_buffer = |
| bufferevent_get_input(evhtp_request_get_bev(req_.get())); |
| data_.resize(evbuffer_get_length(input_buffer)); |
| evbuffer_remove(input_buffer, &data_[0], data_.size()); |
| } |
| |
| ~RequestImpl() {} |
| |
| std::string GetPath() const override { return req_->uri->path->full; } |
| |
| std::string GetFirstHeader(const std::string& name) const override { |
| const char* header = evhtp_header_find(req_->headers_in, name.c_str()); |
| if (!header) |
| return {}; |
| return header; |
| } |
| |
| std::string GetData() { return data_; } |
| |
| void SendReply(int status_code, |
| const std::string& data, |
| const std::string& mime_type) override { |
| EventPtr<evbuffer> buf{evbuffer_new()}; |
| evbuffer_add(buf.get(), data.data(), data.size()); |
| evhtp_header_key_add(req_->headers_out, "Content-Type", 0); |
| evhtp_header_val_add(req_->headers_out, mime_type.c_str(), 1); |
| evhtp_send_reply_start(req_.get(), status_code); |
| evhtp_send_reply_body(req_.get(), buf.get()); |
| evhtp_send_reply_end(req_.get()); |
| } |
| |
| private: |
| EventPtr<evhtp_request_t> req_; |
| std::string data_; |
| }; |
| |
| HttpServerImpl::HttpServerImpl(EventTaskRunner* task_runner) |
| : task_runner_{task_runner} { |
| SSL_load_error_strings(); |
| SSL_library_init(); |
| |
| std::unique_ptr<SSL_CTX, decltype(&SSL_CTX_free)> ctx{ |
| SSL_CTX_new(TLSv1_2_server_method()), &SSL_CTX_free}; |
| CHECK(ctx); |
| SSL_CTX_set_options(ctx.get(), SSL_OP_SINGLE_DH_USE | SSL_OP_SINGLE_ECDH_USE | |
| SSL_OP_NO_SSLv2); |
| |
| std::unique_ptr<EC_KEY, decltype(&EC_KEY_free)> ec_key{ |
| EC_KEY_new_by_curve_name(NID_X9_62_prime256v1), &EC_KEY_free}; |
| CHECK(ec_key) << GetSslError(); |
| CHECK_EQ(1, SSL_CTX_set_tmp_ecdh(ctx.get(), ec_key.get())) << GetSslError(); |
| |
| std::unique_ptr<X509, decltype(&X509_free)> x509{X509_new(), &X509_free}; |
| CHECK(x509); |
| std::unique_ptr<EVP_PKEY, decltype(&EVP_PKEY_free)> pkey{EVP_PKEY_new(), |
| &EVP_PKEY_free}; |
| CHECK(pkey); |
| GenerateX509(x509.get(), pkey.get()); |
| CHECK_EQ(1, SSL_CTX_use_PrivateKey(ctx.get(), pkey.get())) << GetSslError(); |
| CHECK_EQ(1, SSL_CTX_use_certificate(ctx.get(), x509.get())) << GetSslError(); |
| |
| CHECK_EQ(1, SSL_CTX_check_private_key(ctx.get())) << GetSslError(); |
| |
| httpd_.reset(evhtp_new(task_runner_->GetEventBase(), nullptr)); |
| CHECK(httpd_); |
| httpsd_.reset(evhtp_new(task_runner_->GetEventBase(), nullptr)); |
| CHECK(httpsd_); |
| |
| httpsd_.get()->ssl_ctx = ctx.release(); |
| |
| CHECK_EQ(0, evhtp_bind_socket(httpd_.get(), "0.0.0.0", GetHttpPort(), -1)); |
| CHECK_EQ(0, evhtp_bind_socket(httpsd_.get(), "0.0.0.0", GetHttpsPort(), -1)); |
| } |
| |
| void HttpServerImpl::GenerateX509(X509* x509, EVP_PKEY* pkey) { |
| CHECK(x509) << GetSslError(); |
| |
| X509_set_version(x509, 2); |
| |
| X509_gmtime_adj(X509_get_notBefore(x509), 0); |
| X509_gmtime_adj(X509_get_notAfter(x509), |
| base::TimeDelta::FromDays(365).InSeconds()); |
| |
| CHECK(pkey) << GetSslError(); |
| std::unique_ptr<BIGNUM, decltype(&BN_free)> big_num(BN_new(), &BN_free); |
| CHECK(BN_set_word(big_num.get(), 65537)) << GetSslError(); |
| auto rsa = RSA_new(); |
| RSA_generate_key_ex(rsa, 2048, big_num.get(), nullptr); |
| CHECK(EVP_PKEY_assign_RSA(pkey, rsa)) << GetSslError(); |
| |
| X509_set_pubkey(x509, pkey); |
| |
| CHECK(X509_sign(x509, pkey, EVP_sha256())) << GetSslError(); |
| |
| cert_fingerprint_.resize(EVP_MD_size(EVP_sha256())); |
| uint32_t len = 0; |
| CHECK(X509_digest(x509, EVP_sha256(), cert_fingerprint_.data(), &len)); |
| CHECK_EQ(len, cert_fingerprint_.size()); |
| } |
| |
| void HttpServerImpl::NotFound(evhtp_request_t* req) { |
| EventPtr<evbuffer> buf{evbuffer_new()}; |
| evbuffer_add_printf(buf.get(), "404 Not Found: %s\n", req->uri->path->full); |
| evhtp_send_reply_start(req, 404); |
| evhtp_send_reply_body(req, buf.get()); |
| evhtp_send_reply_end(req); |
| } |
| |
| void HttpServerImpl::ProcessRequest(evhtp_request_t* req) { |
| std::unique_ptr<RequestImpl> request{new RequestImpl{EventPtr<evhtp_request_t>{req}}}; |
| std::string path = request->GetPath(); |
| auto it = handlers_.find(path); |
| if (it != handlers_.end()) { |
| return it->second.Run(std::move(request)); |
| } |
| NotFound(req); |
| } |
| |
| void HttpServerImpl::ProcessRequestCallback(evhtp_request_t* req, void* arg) { |
| static_cast<HttpServerImpl*>(arg)->ProcessRequest(req); |
| } |
| |
| void HttpServerImpl::AddHttpRequestHandler( |
| const std::string& path, |
| const RequestHandlerCallback& callback) { |
| handlers_.insert(std::make_pair(path, callback)); |
| evhtp_set_cb(httpd_.get(), path.c_str(), &ProcessRequestCallback, this); |
| } |
| |
| void HttpServerImpl::AddHttpsRequestHandler( |
| const std::string& path, |
| const RequestHandlerCallback& callback) { |
| handlers_.insert(std::make_pair(path, callback)); |
| evhtp_set_cb(httpsd_.get(), path.c_str(), &ProcessRequestCallback, this); |
| } |
| |
| void HttpServerImpl::ProcessReply(std::shared_ptr<RequestImpl> request, |
| int status_code, |
| const std::string& data, |
| const std::string& mime_type) {} |
| |
| uint16_t HttpServerImpl::GetHttpPort() const { |
| return 7780; |
| } |
| |
| uint16_t HttpServerImpl::GetHttpsPort() const { |
| return 7781; |
| } |
| |
| base::TimeDelta HttpServerImpl::GetRequestTimeout() const { |
| return base::TimeDelta::Max(); |
| } |
| |
| std::vector<uint8_t> HttpServerImpl::GetHttpsCertificateFingerprint() const { |
| return cert_fingerprint_; |
| } |
| |
| } // namespace examples |
| } // namespace weave |