mirror/ULib
1
0
Fork 0
mirror of https://github.com/stefanocasazza/ULib.git synced 2025-10-05 19:18:01 +08:00
Code Issues Releases Wiki Activity

sync

Browse Source
This commit is contained in:
stefanocasazza 2017-04-06 16:01:36 +02:00
parent 328291751e
commit c4aae2c33e
5 changed files with 41 additions and 480 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
examples/userver/userver.cfg.default
View File

@ -112,6 +112,9 @@ userver {
# MAX_KEEP_ALIVE 1000
# LOAD_BALANCE_DEVICE_NETWORK eth1
# LOAD_BALANCE_LOADAVG_THRESHOLD 4.5
# DH_FILE ../ulib/CA/param.dh
# CERT_FILE ../ulib/CA/server.crt
# KEY_FILE ../ulib/CA/server.key

5
examples/userver/userver.cpp
View File

@ -80,8 +80,13 @@ public:
//
// LISTEN_BACKLOG max number of ready to be delivered connections to accept()
// SET_REALTIME_PRIORITY flag indicating that the preforked processes will be scheduled under the real-time policies SCHED_FIFO
//
// CLIENT_THRESHOLD min number of clients to active polling
// CLIENT_FOR_PARALLELIZATION minum number of clients to active parallelization
//
// LOAD_BALANCE_DEVICE_NETWORK network interface name of cluster of physical server
// LOAD_BALANCE_LOADAVG_THRESHOLD system load threshold to proxies the request on other userver on the network cluster ([0-9].[0-9])
//
// PID_FILE write main process pid on file indicated
// WELCOME_MSG message of welcome to send initially to client connected
// RUN_AS_USER downgrade security to that user account

3
include/ulib/ssl/net/sslsocket.h
View File

@ -249,8 +249,9 @@ public:
} stapling;
static stapling staple;
static bool doStapling();
static bool ocsp_use_nonce;
static bool doStapling();
static void cleanupStapling();
static bool setDataForStapling();
static void certificate_status_callback(SSL* _ssl, void* data);

470
src/ulib/net/server/plugin/usp/businesses.usp.save
View File

@ -1,470 +0,0 @@
<!--#
prototype for Victor Stewart
-->
<!--#declaration
/**
* {
* "token": "A619828KAIJ6D3",
* "type": "localesData",
* "radius": "near",
* "location": "40.7831 N, 73.9712 W"
* }
*/
class Request {
public:
// Check for memory error
U_MEMORY_TEST
// Allocator e Deallocator
U_MEMORY_ALLOCATOR
U_MEMORY_DEALLOCATOR
UString token, type, radius, location;
Request()
{
U_TRACE_REGISTER_OBJECT(5, Request, "")
}
Request(const Request& r) : token(r.token), type(r.type), radius(r.radius), location(r.location)
{
U_TRACE_REGISTER_OBJECT(5, Request, "%p", &r)
U_MEMORY_TEST_COPY(r)
}
~Request()
{
U_TRACE_UNREGISTER_OBJECT(5, Request)
}
void clear()
{
U_TRACE_NO_PARAM(5, "Request::clear()")
token.clear();
type.clear();
radius.clear();
location.clear();
}
void fromJSON(UValue& json)
{
U_TRACE(5, "Request::fromJSON(%p)", &json)
json.fromJSON(U_JSON_METHOD_HANDLER(token, UString));
json.fromJSON(U_JSON_METHOD_HANDLER(type, UString));
json.fromJSON(U_JSON_METHOD_HANDLER(radius, UString));
json.fromJSON(U_JSON_METHOD_HANDLER(location, UString));
}
#ifdef DEBUG
const char* dump(bool breset) const
{
*UObjectIO::os << "token (UString " << (void*)&token << ")\n"
<< "type (UString " << (void*)&type << ")\n"
<< "radius (UString " << (void*)&radius << ")\n"
<< "location (UString " << (void*)&location << ')';
if (breset)
{
UObjectIO::output();
return UObjectIO::buffer_output;
}
return 0;
}
#endif
private:
Request& operator=(const Request&) { return *this; }
};
/**
* [
* { "name": "Business 1"
* "rating": "Red"
* "address": "123 park lane, New York, NY, USA 10028"
* "phone": "12126465788"
* "url": "www.business1.com" } ,
*
* ....
*
* { "name": "Business 20"
* "rating": "Yellow"
* "address": "837 mott street, New York, NY, USA 10019"
* "phone": "12124829384"
* "url": "www.business2.com" }
* ]
*/
class Response {
public:
// Check for memory error
U_MEMORY_TEST
// Allocator e Deallocator
U_MEMORY_ALLOCATOR
U_MEMORY_DEALLOCATOR
UString name, rating, address, phone, url;
Response()
{
U_TRACE_REGISTER_OBJECT(5, Response, "")
}
Response(const Response& r) : name(r.name), rating(r.rating), address(r.address), phone(r.phone), url(r.url)
{
U_TRACE_REGISTER_OBJECT(5, Response, "%p", &r)
U_MEMORY_TEST_COPY(r)
}
~Response()
{
U_TRACE_UNREGISTER_OBJECT(5, Response)
}
void clear()
{
U_TRACE_NO_PARAM(5, "Response::clear()")
name.clear();
rating.clear();
address.clear();
phone.clear();
url.clear();
}
void toJSON(UValue& json)
{
U_TRACE(5, "Response::toJSON(%p)", &json)
json.toJSON(U_JSON_METHOD_HANDLER(name, UString));
json.toJSON(U_JSON_METHOD_HANDLER(rating, UString));
json.toJSON(U_JSON_METHOD_HANDLER(address, UString));
json.toJSON(U_JSON_METHOD_HANDLER(phone, UString));
json.toJSON(U_JSON_METHOD_HANDLER(url, UString));
}
// SERVICES
bool operator<(const Response& other) const { return cmp_obj(&name, &other.name); }
static int cmp_obj(const void* a, const void* b)
{
U_TRACE(5, "Response::cmp_obj(%p,%p)", a, b)
return (*(const Response**)a)->name.compare((*(const Response**)b)->name);
}
#ifdef DEBUG
const char* dump(bool breset) const
{
*UObjectIO::os << "url (UString " << (void*)&url << ")\n"
<< "name (UString " << (void*)&name << ")\n"
<< "phone (UString " << (void*)&phone << ")\n"
<< "rating (UString " << (void*)&rating << ")\n"
<< "address (UString " << (void*)&address << ')';
if (breset)
{
UObjectIO::output();
return UObjectIO::buffer_output;
}
return 0;
}
#endif
private:
Response& operator=(const Response&) { return *this; }
};
class RequestStartup {
public:
UString type, version, deviceID, osVersion, deviceModel;
bool authed;
RequestStartup() : type(U_STRING_FROM_CONSTANT("startup")) {}
void clear()
{
U_TRACE_NO_PARAM(5, "RequestStartup::clear()")
type.clear();
version.clear();
deviceID.clear();
osVersion.clear();
deviceModel.clear();
authed = false;
}
void fromJSON(UValue& json)
{
U_TRACE(5, "RequestStartup::toJSON(%p)", &json)
json.fromJSON(U_JSON_METHOD_HANDLER(type, UString));
json.fromJSON(U_JSON_METHOD_HANDLER(version, UString));
json.fromJSON(U_JSON_METHOD_HANDLER(deviceID, UString));
json.fromJSON(U_JSON_METHOD_HANDLER(osVersion, UString));
json.fromJSON(U_JSON_METHOD_HANDLER(deviceModel, UString));
json.fromJSON(U_JSON_METHOD_HANDLER(authed, bool));
}
};
class ResponseStartup {
public:
UString type, token;
UVector<UString> fbPermissions;
ResponseStartup(): type(U_STRING_FROM_CONSTANT("startup")) {}
void clear()
{
U_TRACE_NO_PARAM(5, "ResponseStartup::clear()")
type.clear();
token.clear();
fbPermissions.clear();
}
void toJSON(UValue& json)
{
U_TRACE(0, "ResponseStartup::toJSON(%p)", &json)
json.toJSON(U_JSON_METHOD_HANDLER(type, UString));
json.toJSON(U_JSON_METHOD_HANDLER(token, UString));
json.toJSON(U_JSON_METHOD_HANDLER(fbPermissions, UVector<UString>));
}
};
class BusinessCell {
public:
// grey = 0, darkBlue = 1, funBlue = 2, green = 3, orange = 4, red = 5, pink = 6
UString name, businessID, address, neighborhood;
unsigned color, category, grouping, distance;
bool filler;
int64_t decay;
BusinessCell(const UString& _name, const UString& _businessID, const UString& _address, const UString& _neighborhood,
unsigned _color, unsigned _category, unsigned _distance, unsigned _grouping, bool _filler, int64_t _decay) :
name(_name), businessID(_businessID), address(_address), neighborhood(_neighborhood),
color(_color), category(_category), grouping(_grouping), distance(_distance), filler(_filler), decay(_decay)
{
}
BusinessCell() {}
void toJSON(UValue& json)
{
U_TRACE(0, "BusinessCell::toJSON(%p)", &json)
json.toJSON(U_JSON_METHOD_HANDLER(name, UString));
json.toJSON(U_JSON_METHOD_HANDLER(businessID, UString));
json.toJSON(U_JSON_METHOD_HANDLER(address, UString));
json.toJSON(U_JSON_METHOD_HANDLER(neighborhood, UString));
json.toJSON(U_JSON_METHOD_HANDLER(color, unsigned));
json.toJSON(U_JSON_METHOD_HANDLER(category, unsigned));
json.toJSON(U_JSON_METHOD_HANDLER(grouping, unsigned));
json.toJSON(U_JSON_METHOD_HANDLER(distance, unsigned));
json.toJSON(U_JSON_METHOD_HANDLER(filler, bool));
json.toJSON(U_JSON_METHOD_HANDLER(decay, int64_t));
}
};
class ResponseCells {
public:
UString type;
UVector<BusinessCell*> businesses;
unsigned status;
ResponseCells() : type(U_STRING_FROM_CONSTANT("cells"))
{
U_TRACE_NO_PARAM(0, "ResponseCells::ResponseCells()")
status = 0;
}
void toJSON(UValue& json)
{
U_TRACE(0, "ResponseCells::toJSON(%p)", &json)
json.toJSON(U_JSON_METHOD_HANDLER(type, UString));
json.toJSON(U_JSON_METHOD_HANDLER(businesses, UVector<BusinessCell*>));
json.toJSON(U_JSON_METHOD_HANDLER(status, unsigned));
}
};
class HTTP2Push : public UEventTime {
public:
UString message, token;
HTTP2Push() : UEventTime(15L * 60L, 0L), message(U_STRING_FROM_CONSTANT("{aps:{content-available:1},check:health}")), token(U_CAPACITY)
{
U_TRACE_REGISTER_OBJECT(0, HTTP2Push, "", 0)
# ifdef USE_LIBCURL
UCURL::initHTTP2Push("https://api.development.push.apple.com", "/certificates/samplepush/development.pem", "GoGo.Hopscotch");
# endif
}
virtual ~HTTP2Push() U_DECL_FINAL
{
U_TRACE_UNREGISTER_OBJECT(0, HTTP2Push)
}
// define method VIRTUAL of class UEventTime
virtual int handlerTime() U_DECL_FINAL
{
U_TRACE_NO_PARAM(0, "HTTP2Push::handlerTime()")
pid_t pid = UServer_Base::startNewChild();
if (pid > 0) U_RETURN(0); // parent
// child
token.snprintf(U_CONSTANT_TO_PARAM("dbdaeae86abcde56rtyww1859fb41d2c7b2cberrttyyy053ec48987847"), 0);
# ifdef USE_LIBCURL
if (UCURL::sendHTTP2Push(token, message) == false)
# endif
{
U_WARNING("UCURL::sendHTTP2Push() failed");
}
if (pid == 0) UServer_Base::endNewChild();
U_RETURN(0);
}
#if defined(DEBUG) && defined(U_STDCPP_ENABLE)
const char* dump(bool _reset) const { return UEventTime::dump(_reset); }
#endif
private:
U_DISALLOW_COPY_AND_ASSIGN(HTTP2Push)
};
static UMongoDBClient* mc;
static UVector<UString> mongoResults;
static void usp_init_businesses()
{
U_TRACE(5, "::usp_init_businesses()")
UEventTime* push;
U_NEW(HTTP2Push, push, HTTP2Push);
UTimer::insert(push);
mongoResults.push(U_STRING_FROM_CONSTANT("{ \"fbPermissions\" : [ \"public_profile\", \"user_friends\", \"email\" ] }"));
}
static void usp_fork_businesses()
{
U_TRACE(5, "::usp_fork_businesses()")
U_NEW(UMongoDBClient, mc, UMongoDBClient);
if (mc->connect(0,0) == false)
{
U_WARNING("usp_fork_businesses(): connection failed");
return;
}
if (mc->selectCollection("database", "businesses") == false)
{
U_WARNING("usp_fork_businesses(): selectCollection() failed");
return;
}
}
#ifdef DEBUG
static void usp_end_businesses()
{
U_TRACE(5, "::usp_end_businesses()")
delete mc;
}
#endif
-->
<!--#header
Content-Type: application/json
-->
<!--#vcode // validation code
UString type;
if (USP_JFIND_REQUEST("type", type) == false)
{
UHTTP::setBadRequest();
return;
}
-->
<!--#lcode // load balance code
if (type.equal(U_CONSTANT_TO_PARAM("localesData")))
{
Response response;
USP_JSON_OBJ_stringify(Response, response);
}
else if (type.equal(U_CONSTANT_TO_PARAM("cells")))
{
BusinessCell* pcell;
ResponseCells response;
U_NEW(BusinessCell, pcell, BusinessCell);
response.businesses.push_back(pcell);
USP_JSON_OBJ_stringify(ResponseCells, response);
}
else if (type.equal(U_CONSTANT_TO_PARAM("startup")))
{
RequestStartup request;
if (USP_JSON_REQUEST_PARSE(request))
{
ResponseStartup response;
if (request.authed)
{
}
UString workingString;
if (UValue::jread(mongoResults[0], U_STRING_FROM_CONSTANT("{'fbPermissions'"), workingString))
{
for (uint32_t i = 0, n = UValue::jread_elements; i < n; ++i)
{
UString workingString2;
(void) UValue::jread(workingString, U_STRING_FROM_CONSTANT("[*"), workingString2, &i);
U_INTERNAL_DUMP("pushing = %V", workingString2.rep);
response.fbPermissions.push_back(workingString2);
}
}
USP_JSON_OBJ_stringify(ResponseStartup, response);
}
}
-->

40
src/ulib/ssl/net/sslsocket.cpp
View File

@ -31,11 +31,12 @@
#define SSL_ERROR_WANT_ACCEPT SSL_ERROR_WANT_READ
#endif
int USSLSocket::session_cache_index;
SSL_CTX* USSLSocket::cctx; // client
SSL_CTX* USSLSocket::sctx; // server
int USSLSocket::session_cache_index;
SSL_CTX* USSLSocket::cctx; // client
SSL_CTX* USSLSocket::sctx; // server
#if !defined(OPENSSL_NO_OCSP) && defined(SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB)
bool USSLSocket::ocsp_use_nonce;
USSLSocket::stapling USSLSocket::staple;
#endif
@ -1346,7 +1347,9 @@ next: // extract OCSP responder URL from certificate
(void) U_SYSCALL(OCSP_request_add0_id, "%p,%p", staple.req, staple.id);
(void) U_SYSCALL(OCSP_request_add1_nonce, "%p,%p,%d", staple.req, 0, -1);
U_INTERNAL_DUMP("ocsp_use_nonce = %b", ocsp_use_nonce)
if (ocsp_use_nonce) (void) U_SYSCALL(OCSP_request_add1_nonce, "%p,%p,%d", staple.req, 0, -1);
// sign the request
@ -1475,26 +1478,45 @@ bool USSLSocket::doStapling()
basic = (OCSP_BASICRESP*) U_SYSCALL(OCSP_response_get1_basic, "%p", resp);
result = (basic && U_SYSCALL(OCSP_check_nonce, "%p,%p", staple.req, basic) > 0);
if (ocsp_use_nonce &&
U_SYSCALL(OCSP_check_nonce, "%p,%p", staple.req, basic) != 1)
{
result = false;
if (result == false) goto end;
U_DEBUG("ocsp: response has wrong nonce value");
goto end;
}
// verify signature
result = (U_SYSCALL(OCSP_basic_verify, "%p,%p,%p,%lu", basic, 0, UServices::store, staple.verify ? OCSP_TRUSTOTHER : OCSP_NOVERIFY) == 1);
if (result == false) goto end;
if (result == false)
{
U_DEBUG("ocsp: couldn't verify OCSP basic response");
goto end;
}
result = (U_SYSCALL(OCSP_resp_find_status, "%p,%p,%p,%lu", basic, staple.id, &status, 0, 0, &thisupdate, &nextupdate) == 1);
if (result == false)
{
U_DEBUG("ocsp: no Status found");
goto end;
}
nextupdate_str = UStringExt::ASN1TimetoString(nextupdate);
U_INTERNAL_DUMP("OCSP_resp_find_status() - %d: %s This update: %s Next update: %v", status,
OCSP_cert_status_str(status), UStringExt::ASN1TimetoString(thisupdate).data(), nextupdate_str.rep)
if (result == false ||
status != V_OCSP_CERTSTATUS_GOOD)
if (status != V_OCSP_CERTSTATUS_GOOD)
{
result = false;
goto end;
}