2019-06-26 22:11:22 +02:00
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <unistd.h>
|
|
|
|
|
#include <sys/socket.h>
|
|
|
|
|
#include <arpa/inet.h>
|
|
|
|
|
#include <openssl/ssl.h>
|
|
|
|
|
#include <openssl/err.h>
|
|
|
|
|
#include <cstring>
|
|
|
|
|
#include <iostream>
|
|
|
|
|
#include <deque>
|
|
|
|
|
#include <ThreadPool/Mutex.h>
|
|
|
|
|
#include <ThreadPool/Thread.h>
|
|
|
|
|
#include <src/log/LogUtils.h>
|
|
|
|
|
#include <src/ssl/SSLSocket.h>
|
|
|
|
|
#include <event.h>
|
|
|
|
|
#include <src/ws/WebSocket.h>
|
|
|
|
|
|
|
|
|
|
using namespace std;
|
|
|
|
|
int create_socket(int port)
|
|
|
|
|
{
|
2020-01-24 02:49:59 +01:00
|
|
|
int s;
|
|
|
|
|
struct sockaddr_in addr;
|
|
|
|
|
|
|
|
|
|
addr.sin_family = AF_INET;
|
|
|
|
|
addr.sin_port = htons(port);
|
|
|
|
|
addr.sin_addr.s_addr = htonl(INADDR_ANY);
|
|
|
|
|
|
|
|
|
|
s = socket(AF_INET, SOCK_STREAM, 0);
|
|
|
|
|
if (s < 0) {
|
|
|
|
|
perror("Unable to create socket");
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
int optval = 1;
|
|
|
|
|
if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(int)) < 0)
|
|
|
|
|
printf("Cannot set SO_REUSEADDR option on listen socket (%s)\n", strerror(errno));
|
|
|
|
|
|
|
|
|
|
if (setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &optval, sizeof(int)) < 0)
|
|
|
|
|
printf("Cannot set SO_REUSEADDR option on listen socket (%s)\n", strerror(errno));
|
|
|
|
|
|
|
|
|
|
if (bind(s, (struct sockaddr*)&addr, sizeof(addr)) < 0) {
|
|
|
|
|
perror("Unable to bind");
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
if (listen(s, 1) < 0) {
|
|
|
|
|
perror("Unable to listen");
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return s;
|
2019-06-26 22:11:22 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void setNonBlock(int fd) {
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void init_openssl()
|
|
|
|
|
{
|
2020-01-24 02:49:59 +01:00
|
|
|
SSL_load_error_strings();
|
|
|
|
|
OpenSSL_add_ssl_algorithms();
|
2019-06-26 22:11:22 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void cleanup_openssl()
|
|
|
|
|
{
|
2020-01-24 02:49:59 +01:00
|
|
|
EVP_cleanup();
|
2019-06-26 22:11:22 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
SSL_CTX *create_context()
|
|
|
|
|
{
|
2020-01-24 02:49:59 +01:00
|
|
|
const SSL_METHOD *method;
|
|
|
|
|
SSL_CTX *ctx;
|
2019-06-26 22:11:22 +02:00
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
method = SSLv23_server_method();
|
2019-06-26 22:11:22 +02:00
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
ctx = SSL_CTX_new(method);
|
|
|
|
|
if (!ctx) {
|
|
|
|
|
perror("Unable to create SSL context");
|
|
|
|
|
ERR_print_errors_fp(stderr);
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
2019-06-26 22:11:22 +02:00
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
return ctx;
|
2019-06-26 22:11:22 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//#define CERTIFICATE_FILE "cert.pem"
|
|
|
|
|
//#define KEY_FILE "key.pem"
|
|
|
|
|
#define CERTIFICATE_FILE "/home/wolverindev/TeamSpeak/server/environment/default_certificate.pem"
|
|
|
|
|
#define KEY_FILE "/home/wolverindev/TeamSpeak/server/environment/default_privatekey.pem"
|
|
|
|
|
|
|
|
|
|
std::pair<EVP_PKEY*, X509*> createCerts(pem_password_cb* password) {
|
|
|
|
|
/*
|
2020-01-24 02:49:59 +01:00
|
|
|
auto bio = BIO_new_file("cert.pem", "r");
|
|
|
|
|
if(!bio) {
|
|
|
|
|
ERR_print_errors_fp(stderr);
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
auto cert = PEM_read_bio_X509(bio, nullptr, password, nullptr);
|
|
|
|
|
if(!cert) {
|
|
|
|
|
ERR_print_errors_fp(stderr);
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
BIO_free(bio);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
bio = BIO_new_file("key.pem", "r");
|
|
|
|
|
if(!bio) {
|
|
|
|
|
ERR_print_errors_fp(stderr);
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
auto key = PEM_read_bio_PrivateKey(bio, nullptr, password, nullptr);
|
|
|
|
|
|
|
|
|
|
if(!key) {
|
|
|
|
|
ERR_print_errors_fp(stderr);
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
BIO_free(bio);
|
2019-06-26 22:11:22 +02:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
auto key = std::unique_ptr<EVP_PKEY, decltype(&EVP_PKEY_free)>(EVP_PKEY_new(), ::EVP_PKEY_free);
|
2019-06-26 22:11:22 +02:00
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
auto rsa = RSA_new();
|
|
|
|
|
auto e = std::unique_ptr<BIGNUM, decltype(&BN_free)>(BN_new(), ::BN_free);
|
|
|
|
|
BN_set_word(e.get(), RSA_F4);
|
|
|
|
|
if(!RSA_generate_key_ex(rsa, 2048, e.get(), nullptr)) return {nullptr, nullptr};
|
|
|
|
|
EVP_PKEY_assign_RSA(key.get(), rsa);
|
2019-06-26 22:11:22 +02:00
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
auto cert = X509_new();
|
|
|
|
|
X509_set_pubkey(cert, key.get());
|
2019-06-26 22:11:22 +02:00
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
ASN1_INTEGER_set(X509_get_serialNumber(cert), 3);
|
|
|
|
|
X509_gmtime_adj(X509_get_notBefore(cert), 0);
|
|
|
|
|
X509_gmtime_adj(X509_get_notAfter(cert), 31536000L);
|
2019-06-26 22:11:22 +02:00
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
X509_NAME* name = X509_get_subject_name(cert);
|
|
|
|
|
X509_NAME_add_entry_by_txt(name, "C", MBSTRING_ASC, (unsigned char *) "DE", -1, -1, 0);
|
|
|
|
|
X509_NAME_add_entry_by_txt(name, "O", MBSTRING_ASC, (unsigned char *) "TeaSpeak", -1, -1, 0);
|
|
|
|
|
X509_NAME_add_entry_by_txt(name, "OU", MBSTRING_ASC, (unsigned char *) "Web Server", -1, -1, 0);
|
|
|
|
|
X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_ASC, (unsigned char *)"contact@teaspeak.de", -1, -1, 0);
|
|
|
|
|
X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, (unsigned char *)"web.teaspeak.de", -1, -1, 0);
|
2019-06-26 22:11:22 +02:00
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
X509_set_issuer_name(cert, name);
|
|
|
|
|
X509_set_subject_name(cert, name);
|
2019-06-26 22:11:22 +02:00
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
X509_sign(cert, key.get(), EVP_sha512());
|
2019-06-26 22:11:22 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
return {key.release(), cert};
|
2019-06-26 22:11:22 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Generate key:
|
|
|
|
|
|
|
|
|
|
openssl req -x509 -out cert.pem -newkey rsa:2048 -keyout key.pem -days 365 -passout pass:markus -config <(
|
|
|
|
|
cat <<-EOF
|
|
|
|
|
[req]
|
|
|
|
|
default_bits = 2048
|
|
|
|
|
prompt = no
|
|
|
|
|
default_md = sha256
|
|
|
|
|
distinguished_name = dn
|
|
|
|
|
|
|
|
|
|
[ dn ]
|
|
|
|
|
C=DE
|
|
|
|
|
O=TeaSpeak
|
|
|
|
|
OU=Web Server
|
|
|
|
|
emailAddress=contact@teaspeak.de
|
|
|
|
|
CN = web.teaspeak.de
|
|
|
|
|
EOF
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
void configure_context(SSL_CTX *ctx)
|
|
|
|
|
{
|
2020-01-24 02:49:59 +01:00
|
|
|
SSL_CTX_set_ecdh_auto(ctx, 1);
|
|
|
|
|
auto certs = createCerts([](char* buffer, int length, int rwflag, void* data) -> int {
|
|
|
|
|
std::string password = "markus";
|
|
|
|
|
memcpy(buffer, password.data(), password.length());
|
|
|
|
|
return password.length();
|
|
|
|
|
});
|
2019-06-26 22:11:22 +02:00
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
PEM_write_X509(stdout, certs.second);
|
2019-06-26 22:11:22 +02:00
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
if (SSL_CTX_use_PrivateKey(ctx, certs.first) <= 0 ) {
|
|
|
|
|
ERR_print_errors_fp(stderr);
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
2019-06-26 22:11:22 +02:00
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
if (SSL_CTX_use_certificate(ctx, certs.second) <= 0 ) {
|
|
|
|
|
ERR_print_errors_fp(stderr);
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
2019-06-26 22:11:22 +02:00
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct Client {
|
2020-01-24 02:49:59 +01:00
|
|
|
int fd;
|
|
|
|
|
ssl::SSLSocket ssl;
|
|
|
|
|
ws::WebSocket ws;
|
2019-06-26 22:11:22 +02:00
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
std::deque<std::string> writeQueue;
|
2019-06-26 22:11:22 +02:00
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
event* read;
|
|
|
|
|
event* write;
|
2019-06-26 22:11:22 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
void handleRead(int fd, short, void* ptrClient) {
|
2020-01-24 02:49:59 +01:00
|
|
|
auto client = (Client*) ptrClient;
|
2019-06-26 22:11:22 +02:00
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
ssize_t bufferLength = 1024;
|
|
|
|
|
char buffer[bufferLength];
|
2019-06-26 22:11:22 +02:00
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
bufferLength = recv(client->fd, buffer, bufferLength, MSG_DONTWAIT);
|
|
|
|
|
if(bufferLength < 0){
|
|
|
|
|
cout << "Invalid read: " << bufferLength << " / " << errno << endl;
|
|
|
|
|
event_del(client->read);
|
|
|
|
|
event_del(client->write);
|
|
|
|
|
return;
|
|
|
|
|
} else if(bufferLength == 0) return;
|
2019-06-26 22:11:22 +02:00
|
|
|
|
2020-01-24 02:49:59 +01:00
|
|
|
cout << "Read " << bufferLength << " bytes" << endl;
|
|
|
|
|
client->ssl.proceedMessage(string(buffer, bufferLength));
|
2019-06-26 22:11:22 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void handleWrite(int fd, short, void* ptrClient) {
|
2020-01-24 02:49:59 +01:00
|
|
|
auto client = (Client*) ptrClient;
|
|
|
|
|
while(!client->writeQueue.empty()) {
|
|
|
|
|
auto message = std::move(client->writeQueue.front());
|
|
|
|
|
client->writeQueue.pop_front();
|
|
|
|
|
send(client->fd, message.data(), message.length(), 0);
|
|
|
|
|
cout << "Send " << message.length() << " bytes" << endl;
|
|
|
|
|
}
|
2019-06-26 22:11:22 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int main(int argc, char **argv)
|
|
|
|
|
{
|
2020-01-24 02:49:59 +01:00
|
|
|
int sock;
|
|
|
|
|
SSL_CTX *ctx;
|
|
|
|
|
|
|
|
|
|
init_openssl();
|
|
|
|
|
ctx = create_context();
|
|
|
|
|
configure_context(ctx);
|
|
|
|
|
|
|
|
|
|
sock = create_socket(4433);
|
|
|
|
|
|
|
|
|
|
auto evLoop = event_base_new();
|
|
|
|
|
threads::Thread([evLoop](){
|
|
|
|
|
while(true) {
|
|
|
|
|
event_base_dispatch(evLoop);
|
|
|
|
|
threads::self::sleep_for(std::chrono::milliseconds(10));
|
|
|
|
|
};
|
|
|
|
|
cerr << "event_base_dispatch() exited!" << endl;
|
|
|
|
|
}).detach();
|
|
|
|
|
/* Handle connections */
|
|
|
|
|
cout << "Waiting!" << endl;
|
|
|
|
|
while(1) {
|
|
|
|
|
struct sockaddr_in addr{};
|
|
|
|
|
uint len = sizeof(addr);
|
|
|
|
|
|
|
|
|
|
int fd = accept(sock, (struct sockaddr*)&addr, &len);
|
|
|
|
|
if (fd < 0) {
|
|
|
|
|
perror("Unable to accept");
|
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
|
}
|
|
|
|
|
auto client = new Client{};
|
|
|
|
|
client->fd = fd;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
client->read = event_new(evLoop, fd, EV_READ | EV_PERSIST, handleRead, client);
|
|
|
|
|
client->write = event_new(evLoop, fd, EV_WRITE, handleWrite, client);
|
|
|
|
|
|
|
|
|
|
client->ssl.callback_error = [](ssl::SSLSocketError, const std::string& error) {
|
|
|
|
|
cout << error << endl;
|
|
|
|
|
};
|
|
|
|
|
client->ssl.callback_write = [client](const std::string& buffer) {
|
|
|
|
|
client->writeQueue.push_back(buffer);
|
|
|
|
|
event_add(client->write, nullptr);
|
|
|
|
|
};
|
|
|
|
|
client->ssl.callback_read = [client](const std::string& buffer) {
|
|
|
|
|
cout << buffer;
|
|
|
|
|
client->ws.proceedMessage(buffer);
|
|
|
|
|
};
|
|
|
|
|
auto ptr = std::shared_ptr<SSL_CTX>(ctx, [](SSL_CTX*){});
|
|
|
|
|
client->ssl.initialize(ptr);
|
|
|
|
|
|
|
|
|
|
client->ws.on_message = [](const std::string& message) {
|
|
|
|
|
cout << "[WS] Message: " << endl << message << endl;
|
|
|
|
|
};
|
|
|
|
|
client->ws.write_message = [client](const std::string& data) {
|
|
|
|
|
cout << "[WS] Send: " << endl << data << endl;
|
|
|
|
|
client->ssl.sendMessage(data);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
client->ws.initialize();
|
|
|
|
|
|
|
|
|
|
event_add(client->read, nullptr);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
close(sock);
|
|
|
|
|
SSL_CTX_free(ctx);
|
|
|
|
|
cleanup_openssl();
|
2019-06-26 22:11:22 +02:00
|
|
|
}
|
