From ab8371327296d3435308b21b463fbdb4569d8763 Mon Sep 17 00:00:00 2001
From: Claudius 'keldu' Holeksa
Date: Sat, 19 Oct 2024 18:41:26 +0200
Subject: Preparing for tls server example
---
 modules/io-tls/c++/tls.hpp | 4 +++-
 modules/io-tls/c++/tls.tmpl.hpp | 20 ++++++++++----------
 modules/io-tls/examples/tls_echo_server.cpp | 21 +++++++++++++++++++++
 3 files changed, 34 insertions(+), 11 deletions(-)
 create mode 100644 modules/io-tls/examples/tls_echo_server.cpp
(limited to 'modules')
diff --git a/modules/io-tls/c++/tls.hpp b/modules/io-tls/c++/tls.hpp
index df21c81..4126a9f 100644
--- a/modules/io-tls/c++/tls.hpp
+++ b/modules/io-tls/c++/tls.hpp
@@ -77,7 +77,9 @@ public:
 /**
 * Set up a listener on this address
 */
- virtual error_or>>> listen(network_address> &bind_addr, const std::string& key_file) = 0;
+ virtual error_or>>> listen(network_address> &bind_addr,
+ const std::string& key_file, const std::string& cert_file, const std::string& crl_file, const std::string& ca_file
+ ) = 0;
 /**
 * Connect to a remote address
diff --git a/modules/io-tls/c++/tls.tmpl.hpp b/modules/io-tls/c++/tls.tmpl.hpp
index 8c2ba83..46b00d4 100644
--- a/modules/io-tls/c++/tls.tmpl.hpp
+++ b/modules/io-tls/c++/tls.tmpl.hpp
@@ -134,7 +134,9 @@ public:
 return make_error();
 }
- error_or>>> listen(network_address>& address) override;
+ error_or>>> listen(network_address>& address,
+ const std::string& key_file, const std::string& cert_file, const std::string& crl_file, const std::string& ca_file
+ ) override;
 conveyor>>> connect(network_address>& address) override;
 };
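Review bot: The doc comment above `listen` in tls.hpp still reads only "Set up a listener on this address" and does not describe the four new path parameters. It should state that each is a filesystem path to a PEM file (the implementation in tls.tmpl.hpp loads all of them with `GNUTLS_X509_FMT_PEM`), e.g. `@param key_file path to the server's PEM private key; keep it readable only by the service account`, and say whether `crl_file` and `ca_file` may be empty. Four adjacent `const std::string&` parameters are also easy to pass in the wrong order with no compiler diagnostic, and the signature order is key, cert while the GnuTLS call takes cert, key, so a small options struct with named members would be safer. The override declaration in tls.tmpl.hpp carries the same signature and the same concern.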
@@ -198,25 +200,23 @@ public:
 }
 template
-error_or>>> tls_network::listen(network_address>& address) {
+error_or>>> tls_network::listen(network_address>& address,
+ const std::string& key_file, const std::string& cert_file, const std::string& crl_file, const std::string& ca_file
+ ) {
 gnutls_certificate_credentials_t x509_cred;
 gnutls_certificate_allocate_credentials(&x509_cred);
- std::string KEYFILE = "key.pem";
- std::string CERTFILE = "cert.pem";
- std::string CAFILE = "/etc/ssl/certs/ca-certificates.crt";
- std::string CRLFILE = "crl.pem";
 std::string OCSP_STATUS_FILE = "ocsp-status.der";
- gnutls_certificate_set_x509_trust_file(x509_cred, CAFILE.c_str(), GNUTLS_X509_FMT_PEM);
- gnutls_certificate_set_x509_crl_file(x509_cred, CRLFILE.c_str(), GNUTLS_X509_FMT_PEM);
- gnutls_certificate_set_x509_key_file(x509_cred, CERTFILE.c_str(), KEYFILE.c_str(), GNUTLS_X509_FMT_PEM);
+ gnutls_certificate_set_x509_trust_file(x509_cred, ca_file.c_str(), GNUTLS_X509_FMT_PEM);
+ gnutls_certificate_set_x509_crl_file(x509_cred, crl_file.c_str(), GNUTLS_X509_FMT_PEM);
+ gnutls_certificate_set_x509_key_file(x509_cred, cert_file.c_str(), key_file.c_str(), GNUTLS_X509_FMT_PEM);
 gnutls_certificate_set_ocsp_status_request_file(x509_cred, OCSP_STATUS_FILE.c_str(), 0);
 auto int_srv = internal_().listen(address.get_handle());
- own>> tls_srv = heap>(std::move(int_srv), x509_cred);
+ own>> tls_srv = heap>(std::move(int_srv), x509_cred, key_file, cert_file, crl_file, ca_file);
 return tls_srv;
 }
diff --git a/modules/io-tls/examples/tls_echo_server.cpp b/modules/io-tls/examples/tls_echo_server.cpp
new file mode 100644
index 0000000..7ceacb5
--- /dev/null
+++ b/modules/io-tls/examples/tls_echo_server.cpp
@@ -0,0 +1,21 @@
+#include
+
+#include "../c++/tls.hpp"
+
+saw::error_or real_main(){
+ using namespace saw;
+
+
+
+ return make_void();
+}
+
+int main(){
+ auto eov = real_main();
+ if(eov.is_error()){
+ auto& err = eov.get_error();
+ std::cerr<<"[Error]: "<
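Review bot: None of the GnuTLS calls in `tls_network::listen` has its return value checked, so now that the paths come from the caller, a missing or unreadable key, certificate, CA or CRL file is silently ignored and the function still returns a listener built on incomplete credentials. The function already returns an `error_or`, so each negative result can be propagated, with `x509_cred` freed on the way out so the early return does not leak it. If an empty `crl_file` is meant to be allowed, that load should be skipped explicitly rather than left to fail unnoticed. `OCSP_STATUS_FILE` is still hard-coded to `"ocsp-status.der"` relative to the working directory, which is inconsistent with the four parameterised paths, and its return value is unchecked as well. The error type in the sketch below is a placeholder, since the template arguments of `make_error` are not visible on this page.

```cpp
gnutls_certificate_credentials_t x509_cred;
if (gnutls_certificate_allocate_credentials(&x509_cred) != GNUTLS_E_SUCCESS) {
	return make_error</* placeholder: project error type */>();
}

// The trust and CRL loaders return the number of entries processed, or a negative error code.
const int ca_rc = gnutls_certificate_set_x509_trust_file(x509_cred, ca_file.c_str(), GNUTLS_X509_FMT_PEM);
const int crl_rc = gnutls_certificate_set_x509_crl_file(x509_cred, crl_file.c_str(), GNUTLS_X509_FMT_PEM);
const int key_rc = gnutls_certificate_set_x509_key_file(x509_cred, cert_file.c_str(), key_file.c_str(), GNUTLS_X509_FMT_PEM);
if (ca_rc < 0 || crl_rc < 0 || key_rc < 0) {
	gnutls_certificate_free_credentials(x509_cred);
	return make_error</* placeholder: project error type */>();
}
// … unchanged: OCSP status file, internal_().listen(), tls_srv construction …
```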