2019-07-28 10:31:56 +08:00
|
|
|
|
#include "stdafx.h"
|
2014-11-19 00:25:21 +08:00
|
|
|
|
#include "master_service.h"
|
|
|
|
|
|
|
|
|
|
////////////////////////////////////////////////////////////////////////////////
|
2019-07-28 10:31:56 +08:00
|
|
|
|
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
2014-11-19 00:25:21 +08:00
|
|
|
|
|
2017-08-04 22:37:00 +08:00
|
|
|
|
char *var_cfg_ssl_path;
|
2014-11-19 00:25:21 +08:00
|
|
|
|
char *var_cfg_crt_file;
|
|
|
|
|
char *var_cfg_key_file;
|
|
|
|
|
acl::master_str_tbl var_conf_str_tab[] = {
|
2020-01-02 23:29:06 +08:00
|
|
|
|
#ifdef __APPLE__
|
2020-01-06 15:29:03 +08:00
|
|
|
|
{ "ssl_path", "../libmbedcrypto.dylib;../libmbedx509.dylib;../libmbedtls.dylib", &var_cfg_ssl_path },
|
2020-01-02 23:29:06 +08:00
|
|
|
|
#else
|
2020-01-06 17:51:33 +08:00
|
|
|
|
{ "ssl_path", "../libmbedcrypto.so;../libmbedx509.so;../libmbedtls.so", &var_cfg_ssl_path },
|
2020-01-02 23:29:06 +08:00
|
|
|
|
#endif
|
2015-03-08 21:34:00 +08:00
|
|
|
|
{ "crt_file", "./ssl_crt.pem", &var_cfg_crt_file },
|
|
|
|
|
{ "key_file", "./ssl_key.pem", &var_cfg_key_file },
|
2014-11-19 00:25:21 +08:00
|
|
|
|
|
|
|
|
|
{ 0, 0, 0 }
|
|
|
|
|
};
|
|
|
|
|
|
2020-01-02 23:29:06 +08:00
|
|
|
|
int var_cfg_use_mbedtls;
|
2014-11-19 00:25:21 +08:00
|
|
|
|
int var_cfg_session_cache;
|
|
|
|
|
acl::master_bool_tbl var_conf_bool_tab[] = {
|
2020-01-02 23:29:06 +08:00
|
|
|
|
{ "use_mbedtls", 1, &var_cfg_use_mbedtls },
|
2014-11-19 00:25:21 +08:00
|
|
|
|
{ "session_cache", 1, &var_cfg_session_cache },
|
|
|
|
|
|
|
|
|
|
{ 0, 0, 0 }
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
int var_cfg_io_timeout;
|
|
|
|
|
acl::master_int_tbl var_conf_int_tab[] = {
|
|
|
|
|
{ "io_timeout", 60, &var_cfg_io_timeout, 0, 0 },
|
|
|
|
|
|
|
|
|
|
{ 0, 0 , 0 , 0, 0 }
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
acl::master_int64_tbl var_conf_int64_tab[] = {
|
|
|
|
|
|
|
|
|
|
{ 0, 0 , 0 , 0, 0 }
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
////////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
|
|
|
|
master_service::master_service()
|
|
|
|
|
: conf_(NULL)
|
|
|
|
|
{
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
master_service::~master_service()
|
|
|
|
|
{
|
2020-01-02 23:29:06 +08:00
|
|
|
|
if (conf_) {
|
2014-11-19 00:25:21 +08:00
|
|
|
|
delete conf_;
|
2020-01-02 23:29:06 +08:00
|
|
|
|
}
|
2014-11-19 00:25:21 +08:00
|
|
|
|
}
|
|
|
|
|
|
2020-01-02 23:29:06 +08:00
|
|
|
|
static acl::sslbase_io* setup_ssl(acl::socket_stream& conn,
|
|
|
|
|
acl::sslbase_conf& conf)
|
2014-11-19 00:25:21 +08:00
|
|
|
|
{
|
2020-01-02 23:29:06 +08:00
|
|
|
|
acl::sslbase_io* hook = (acl::sslbase_io*) conn.get_hook();
|
|
|
|
|
if (hook != NULL) {
|
2014-11-30 21:15:35 +08:00
|
|
|
|
return hook;
|
2020-01-02 23:29:06 +08:00
|
|
|
|
}
|
2014-11-19 00:25:21 +08:00
|
|
|
|
|
2019-07-28 10:31:56 +08:00
|
|
|
|
// <20><><EFBFBD><EFBFBD>ʹ<EFBFBD><CAB9> SSL <20><>ʽ<EFBFBD><CABD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ҫ<EFBFBD><D2AA> SSL IO <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ע<EFBFBD><D7A2><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
|
|
|
|
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>У<EFBFBD><D0A3><EFBFBD><EFBFBD><EFBFBD> ssl io <20>滻 stream <20><>Ĭ<EFBFBD>ϵĵײ<C4B5> IO <20><><EFBFBD><EFBFBD>
|
2014-11-19 00:25:21 +08:00
|
|
|
|
|
2014-12-07 23:48:11 +08:00
|
|
|
|
//logger("begin setup ssl hook...");
|
2014-11-19 00:25:21 +08:00
|
|
|
|
|
2019-07-28 10:31:56 +08:00
|
|
|
|
// <20><><EFBFBD>÷<EFBFBD><C3B7><EFBFBD><EFBFBD><EFBFBD> SSL <20><><EFBFBD>ַ<EFBFBD>ʽ
|
2020-07-16 09:12:39 +08:00
|
|
|
|
acl::sslbase_io* ssl = conf.create(true);
|
2020-01-02 23:29:06 +08:00
|
|
|
|
if (conn.setup_hook(ssl) == ssl) {
|
2014-11-19 00:25:21 +08:00
|
|
|
|
logger_error("setup_hook error!");
|
|
|
|
|
ssl->destroy();
|
2014-11-30 21:15:35 +08:00
|
|
|
|
return NULL;
|
2014-11-19 00:25:21 +08:00
|
|
|
|
}
|
|
|
|
|
|
2020-01-02 23:29:06 +08:00
|
|
|
|
logger("setup hook ok, tid: %lu", acl::thread::thread_self());
|
2014-11-30 21:15:35 +08:00
|
|
|
|
return ssl;
|
2014-11-19 00:25:21 +08:00
|
|
|
|
}
|
|
|
|
|
|
2020-01-02 23:29:06 +08:00
|
|
|
|
static bool do_run(acl::socket_stream& conn, acl::sslbase_io*)
|
2014-11-19 00:25:21 +08:00
|
|
|
|
{
|
2014-12-07 23:48:11 +08:00
|
|
|
|
acl::string* buf =(acl::string*) conn.get_ctx();
|
|
|
|
|
|
2019-07-28 10:31:56 +08:00
|
|
|
|
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ģʽ<C4A3><CABD>ȡһ<C8A1>У<EFBFBD><D0A3>÷<EFBFBD><C3B7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ʽ<EFBFBD><CABD><EFBFBD><EFBFBD> polarssl_io <20><><EFBFBD>ĵײ<C4B5>
|
|
|
|
|
// IO <20><><EFBFBD>̱<EFBFBD><CCB1>ϵ<EFBFBD>
|
2020-01-02 23:29:06 +08:00
|
|
|
|
if (!conn.gets_peek(buf, false)) {
|
|
|
|
|
if (conn.eof()) {
|
|
|
|
|
printf("peek error\n");
|
2014-12-07 23:48:11 +08:00
|
|
|
|
return false;
|
2020-01-02 23:29:06 +08:00
|
|
|
|
} else {
|
2014-12-07 23:48:11 +08:00
|
|
|
|
return true;
|
2020-01-02 23:29:06 +08:00
|
|
|
|
}
|
2014-12-07 23:48:11 +08:00
|
|
|
|
}
|
|
|
|
|
|
2019-07-28 10:31:56 +08:00
|
|
|
|
// <20><><EFBFBD><EFBFBD>ģʽ<C4A3><CABD>д<EFBFBD><D0B4><EFBFBD>ݣ<EFBFBD><DDA3><EFBFBD>Ϊ<EFBFBD><CEAA><EFBFBD><EFBFBD><D7BD>ֲ<EFBFBD>δ<EFBFBD><CEB4><EFBFBD><EFBFBD>Ϊ<EFBFBD><CEAA><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ģʽ<C4A3><CABD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>д<EFBFBD>Ĺ<EFBFBD><C4B9><EFBFBD>
|
|
|
|
|
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
2020-01-02 23:29:06 +08:00
|
|
|
|
if (conn.write(*buf) == -1) {
|
2014-12-07 23:48:11 +08:00
|
|
|
|
logger("write error!");
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
buf->clear();
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2014-11-19 00:25:21 +08:00
|
|
|
|
|
2014-12-07 23:48:11 +08:00
|
|
|
|
bool master_service::thread_on_read(acl::socket_stream* conn)
|
|
|
|
|
{
|
2020-01-02 23:29:06 +08:00
|
|
|
|
if (conf_ == NULL) {
|
2014-12-07 23:48:11 +08:00
|
|
|
|
return do_run(*conn, NULL);
|
2020-01-02 23:29:06 +08:00
|
|
|
|
}
|
2014-11-19 00:25:21 +08:00
|
|
|
|
|
2020-01-02 23:29:06 +08:00
|
|
|
|
acl::sslbase_io* ssl = setup_ssl(*conn, *conf_);
|
|
|
|
|
if (ssl == NULL) {
|
2014-11-30 21:15:35 +08:00
|
|
|
|
return false;
|
2020-01-02 23:29:06 +08:00
|
|
|
|
}
|
2014-11-30 21:15:35 +08:00
|
|
|
|
|
2020-01-02 23:29:06 +08:00
|
|
|
|
if (!ssl->handshake()) {
|
2014-11-30 21:15:35 +08:00
|
|
|
|
logger_error("ssl handshake failed");
|
2014-11-19 00:25:21 +08:00
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2020-01-02 23:29:06 +08:00
|
|
|
|
if (!ssl->handshake_ok()) {
|
2015-12-08 22:28:10 +08:00
|
|
|
|
logger("handshake trying again...");
|
2014-11-30 21:15:35 +08:00
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2020-01-02 23:29:06 +08:00
|
|
|
|
//logger("handshake_ok");
|
2014-12-07 23:48:11 +08:00
|
|
|
|
|
|
|
|
|
return do_run(*conn, ssl);
|
2014-11-19 00:25:21 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool master_service::thread_on_accept(acl::socket_stream* conn)
|
|
|
|
|
{
|
2014-12-07 23:48:11 +08:00
|
|
|
|
//logger("connect from %s, fd: %d, timeout: %d", conn->get_peer(true),
|
|
|
|
|
// conn->sock_handle(), conn->get_rw_timeout());
|
2014-11-19 00:25:21 +08:00
|
|
|
|
|
2014-12-07 23:48:11 +08:00
|
|
|
|
acl::string* buf = new acl::string(128);
|
|
|
|
|
conn->set_ctx(buf);
|
2014-11-19 00:25:21 +08:00
|
|
|
|
conn->set_rw_timeout(var_cfg_io_timeout);
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool master_service::thread_on_timeout(acl::socket_stream* conn)
|
|
|
|
|
{
|
|
|
|
|
logger("read timeout from %s, fd: %d", conn->get_peer(),
|
|
|
|
|
conn->sock_handle());
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void master_service::thread_on_close(acl::socket_stream* conn)
|
|
|
|
|
{
|
2014-12-07 23:48:11 +08:00
|
|
|
|
//logger("disconnect from %s, fd: %d", conn->get_peer(),
|
|
|
|
|
// conn->sock_handle());
|
|
|
|
|
acl::string* buf = (acl::string*) conn->get_ctx();
|
|
|
|
|
delete buf;
|
2014-11-19 00:25:21 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void master_service::thread_on_init()
|
|
|
|
|
{
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void master_service::thread_on_exit()
|
|
|
|
|
{
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void master_service::proc_on_init()
|
|
|
|
|
{
|
|
|
|
|
if (var_cfg_crt_file == NULL || *var_cfg_crt_file == 0
|
2020-01-02 23:29:06 +08:00
|
|
|
|
|| var_cfg_key_file == NULL || *var_cfg_key_file == 0) {
|
2014-11-19 00:25:21 +08:00
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2020-01-02 23:29:06 +08:00
|
|
|
|
if (var_cfg_use_mbedtls) {
|
2020-01-06 15:29:03 +08:00
|
|
|
|
acl::string buf(var_cfg_ssl_path);
|
|
|
|
|
const std::vector<acl::string>& libs = buf.split2("; \t\r\n");
|
|
|
|
|
if (libs.size() != 3) {
|
|
|
|
|
logger_error("invalid ssl_path=%s", var_cfg_ssl_path);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
acl::mbedtls_conf::set_libpath(libs[0], libs[1], libs[2]);
|
2020-01-02 23:29:06 +08:00
|
|
|
|
if (!acl::mbedtls_conf::load()) {
|
|
|
|
|
logger_error("load %s error", var_cfg_ssl_path);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
acl::polarssl_conf::set_libpath(var_cfg_ssl_path);
|
|
|
|
|
if (!acl::polarssl_conf::load()) {
|
|
|
|
|
logger_error("load %s error", var_cfg_ssl_path);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (var_cfg_use_mbedtls) {
|
|
|
|
|
conf_ = new acl::mbedtls_conf(true);
|
|
|
|
|
} else {
|
|
|
|
|
conf_ = new acl::polarssl_conf();
|
|
|
|
|
}
|
2014-11-19 00:25:21 +08:00
|
|
|
|
|
2019-07-28 10:31:56 +08:00
|
|
|
|
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>˵<EFBFBD> SSL <20>Ự<EFBFBD><E1BBB0><EFBFBD>湦<EFBFBD><E6B9A6>
|
2014-11-19 00:25:21 +08:00
|
|
|
|
conf_->enable_cache(var_cfg_session_cache);
|
|
|
|
|
|
2022-08-20 21:32:08 +08:00
|
|
|
|
if (var_cfg_use_mbedtls) {
|
|
|
|
|
if (!conf_->add_cert(var_cfg_crt_file, var_cfg_key_file)) {
|
|
|
|
|
logger_error("add cert failed, crt: %s, key: %s",
|
|
|
|
|
var_cfg_crt_file, var_cfg_key_file);
|
|
|
|
|
delete conf_;
|
|
|
|
|
conf_ = NULL;
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
// <20><><EFBFBD>ӱ<EFBFBD><D3B1>ط<EFBFBD><D8B7><EFBFBD><EFBFBD><EFBFBD>֤<EFBFBD><D6A4>
|
|
|
|
|
if (!conf_->add_cert(var_cfg_crt_file)) {
|
|
|
|
|
logger_error("add cert failed, crt: %s, key: %s",
|
|
|
|
|
var_cfg_crt_file, var_cfg_key_file);
|
|
|
|
|
delete conf_;
|
|
|
|
|
conf_ = NULL;
|
|
|
|
|
return;
|
|
|
|
|
}
|
2014-11-19 00:25:21 +08:00
|
|
|
|
|
2022-08-20 21:32:08 +08:00
|
|
|
|
// <20><><EFBFBD>ӱ<EFBFBD><D3B1>ط<EFBFBD><D8B7><EFBFBD><EFBFBD><EFBFBD>Կ
|
|
|
|
|
if (!conf_->set_key(var_cfg_key_file)) {
|
|
|
|
|
logger_error("set private key error");
|
|
|
|
|
delete conf_;
|
|
|
|
|
conf_ = NULL;
|
|
|
|
|
}
|
2014-11-19 00:25:21 +08:00
|
|
|
|
}
|
2022-08-20 21:32:08 +08:00
|
|
|
|
|
|
|
|
|
logger("load cert ok, crt: %s, key: %s", var_cfg_crt_file, var_cfg_key_file);
|
2014-11-19 00:25:21 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void master_service::proc_on_exit()
|
|
|
|
|
{
|
|
|
|
|
}
|