From 0a374c58a6859c962ca8d779490c379a643180a9 Mon Sep 17 00:00:00 2001
From: Claudius 'keldu' Holeksa <mail@keldu.de>
Date: Fri, 18 Oct 2024 17:36:45 +0200
Subject: Trying to get server working

---
 modules/io-tls/c++/tls.cpp      |  0
 modules/io-tls/c++/tls.tmpl.hpp | 58 ++++++++++++++++++++++++++++++++++-------
 2 files changed, 49 insertions(+), 9 deletions(-)
 delete mode 100644 modules/io-tls/c++/tls.cpp

(limited to 'modules/io-tls/c++')

diff --git a/modules/io-tls/c++/tls.cpp b/modules/io-tls/c++/tls.cpp
deleted file mode 100644
index e69de29..0000000
diff --git a/modules/io-tls/c++/tls.tmpl.hpp b/modules/io-tls/c++/tls.tmpl.hpp
index bc3d2d2..d76e482 100644
--- a/modules/io-tls/c++/tls.tmpl.hpp
+++ b/modules/io-tls/c++/tls.tmpl.hpp
@@ -139,15 +139,6 @@ public:
 	conveyor<own<io_stream<net::Tls<T>>>> connect(network_address<net::Tls<T>>& address) override;
 };
 
-template<typename T>
-conveyor<own<io_stream<net::Tls<T>>>> tls_server<T>::accept() {
-	SAW_ASSERT(internal_) { return conveyor<own<io_stream<net::Tls<T>>>>{fix_void<own<io_stream<net::Tls<T>>>>{nullptr}}; }
-	return internal_->accept().then([](own<io_stream<T>> stream) -> error_or<own<io_stream<net::Tls<T>>>> {
-		/// @todo handshake
-		return make_error<err::not_implemented>();
-		// auto foo = heap<tls_io_stream<T>>(std::move(stream));
-	});
-}
 
 namespace {
 /*
@@ -210,12 +201,61 @@ template<typename T>
 error_or<own<server<net::Tls<T>>>> tls_network<T>::listen(network_address<net::Tls<T>>& address) {
 	gnutls_certificate_credentials_t x509_cred;
 	gnutls_certificate_allocate_credentials(&x509_cred);
+
+	std::string_view KEYFILE = "key.pem";
+	std::string_view CERTFILE = "cert.pem";
+	std::string_view CAFILE = "/etc/ssl/certs/ca-certificates.crt";
+	std::string_view CRLFILE = "crl.pem";
+
+	gnutls_certificate_set_x509_trust_file(x509_cred, CAFILE, GNUTLS_X509_FMT_PEM);
+	gnutls_certificate_set_x509_crl_file(x509_cred, CRLFILE, GNUTLS_X509_FMT_PEM);
+	gnutls_certificate_set_x509_key_file(x509_cred, CERTFILE, KEYFILE, GNUTLS_X509_FMT_PEM);
+
+	gnutls_certificate_set_x509_ocsp_status_request_file(x509_cred, OCSP_STATUS_FILE, 0);
+
 	auto int_srv = internal_().listen(address.get_handle());
 
 	own<server<net::Tls<T>>> tls_srv = heap<tls_server<T>>(std::move(int_srv), x509_cred);
 	return tls_srv;
 }
 
+template<typename T>
+conveyor<own<io_stream<net::Tls<T>>>> tls_server<T>::accept() {
+	SAW_ASSERT(internal_) { return conveyor<own<io_stream<net::Tls<T>>>>{fix_void<own<io_stream<net::Tls<T>>>>{nullptr}}; }
+	
+	auto caf = new_conveyor_and_feeder<own<io_stream<net::Tls<T>>>>();
+	own<tls_client_stream_helper<T>> helper = heap<tls_client_stream_helper<T>>(std::move(caf.feeder));
+	tls_client_stream_helper<T>* hlp_ptr = helper.get();
+
+	auto prim_conv = internal_->accept().then([&](own<io_stream<T>> stream) -> error_or<void> {
+		io_stream<T>* inner_stream = stream.get();
+		auto tls_stream = heap<tls_io_stream<T>>(std::move(stream));
+		
+		auto &session = tls_stream->session();
+
+		gnutls_init(&session, GNUTLS_SERVER);
+		gnutls_certificate_server_set_request(session, GNUTLS_CERT_IGNORE);
+		gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred_);
+		gnutls_set_default_priority(session);
+
+		gnutls_transport_set_ptr(session, reinterpret_cast<gnutls_transport_ptr_t>(inner_stream));
+		gnutls_transport_set_push_function(session, forst_tls_push_func<T>);
+		gnutls_transport_set_pull_function(session, forst_tls_pull_func<T>);
+
+		// gnutls_handshake_set_timeout(session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
+
+		hlp_ptr->stream = std::move(tls_stream);
+		hlp_ptr->setupTurn();
+		hlp_ptr->turn();
+
+		return void_t{};
+	});
+
+	helper->connection_sink = prim_conv.sink();
+
+	return caf.conveyor.attach(std::move(helper));
+}
+
 template<typename T>
 conveyor<own<io_stream<net::Tls<T>>>> tls_network<T>::connect(network_address<net::Tls<T>>& address) {
 	// Helper setups
-- 
cgit v1.2.3