
SSL support

commit 25629ec2d1f6fe42797cb06674f4a875ef9be45a 1 parent 98e4020
@ccutrer authored
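--- a/mordor
+++ b/mordor
@@ -1 +1 @@
-Subproject commit e976359774e5fbbe7b4c390446990d7471c9ecbc
+Subproject commit 22ce904a438664e160c26eeab65b0575b373baff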
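--- a/pghottub/client.cpp
+++ b/pghottub/client.cpp
@@ -9,16 +9,20 @@
 #include <mordor/endian.h>
 #include <mordor/log.h>
 #include <mordor/streams/buffer.h>
+#include <mordor/streams/buffered.h>
+#include <mordor/streams/ssl.h>
 #include <mordor/streams/stream.h>
+#include "pghottub/hot_tub.h"
+
 using namespace Mordor;
 static Logger::ptr g_log = Log::lookup("pghottub:client");
 namespace PgHotTub {
-Client::Client(Stream::ptr stream)
- : Connection(stream)
+Client::Client(HotTub &hotTub, Stream::ptr stream)
+ : Connection(hotTub, stream)
 {}
 void
@@ -43,9 +47,25 @@ Client::startup()
 if (message.readAvailable() != 0)
 MORDOR_THROW_EXCEPTION(InvalidProtocolException());
- // TODO: wrap in SSL
- m_stream->write("N", 1u);
- m_stream->flush();
+ if (m_hotTub.sslCtx()) {
+ m_stream->write("S", 1u);
+ m_stream->flush();
+
+ BufferedStream::ptr bufferedStream = boost::dynamic_pointer_cast<BufferedStream>(m_stream);
+ // optimize the buffering on top of the socket for SSL packets
+ bufferedStream->allowPartialReads(true);
+ bufferedStream->flushMultiplesOfBuffer(true);
+ bufferedStream->bufferSize(16384);
+
+ SSLStream::ptr sslStream(new SSLStream(m_stream, false, true, m_hotTub.sslCtx()));
+ sslStream->accept();
+ sslStream->flush();
+ m_stream.reset(new BufferedStream(sslStream));
+ } else {
+ m_stream->write("N", 1u);
+ m_stream->flush();
+ }
+
 readV2Message(type, message);
 }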
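Review bot: The result of `boost::dynamic_pointer_cast<BufferedStream>(m_stream)` in Client::startup() is dereferenced on the very next line without a check, so if `m_stream` is ever not a `BufferedStream` the SSL branch dereferences a null pointer after the client has already been answered `S`. Whether Connection always wraps the stream in a BufferedStream is not visible here (its constructor body continues outside the connection.cpp hunk), so I would make the assumption explicit with `MORDOR_ASSERT(bufferedStream);` right after the cast, or do the cast before writing `S`. The two bare booleans in `new SSLStream(m_stream, false, true, m_hotTub.sslCtx())` should get a short comment naming what each one selects. `sslStream->accept()` performs the handshake with a peer that is not yet authenticated; how a failed or stalled handshake is caught and bounded lies outside this hunk and is worth confirming.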
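--- a/pghottub/client.h
+++ b/pghottub/client.h
@@ -17,7 +17,7 @@ class Client : public Connection
 struct InvalidProtocolException : virtual Mordor::Exception {};
 public:
- Client(boost::shared_ptr<Mordor::Stream> stream);
+ Client(HotTub &hotTub, boost::shared_ptr<Mordor::Stream> stream);
 void run();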
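--- a/pghottub/connection.cpp
+++ b/pghottub/connection.cpp
@@ -12,7 +12,8 @@ using namespace Mordor;
 namespace PgHotTub {
-Connection::Connection(Stream::ptr stream)
+Connection::Connection(HotTub &hotTub, Stream::ptr stream)
+ : m_hotTub(hotTub)
 {
 MORDOR_ASSERT(stream->supportsRead());
 MORDOR_ASSERT(stream->supportsWrite());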
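--- a/pghottub/connection.h
+++ b/pghottub/connection.h
@@ -11,6 +11,8 @@ class Stream;
 namespace PgHotTub {
+class HotTub;
+
 class Connection : boost::noncopyable
 {
 public:
@@ -29,12 +31,13 @@ class Connection : boost::noncopyable
 };
 protected:
- Connection(boost::shared_ptr<Mordor::Stream> stream);
+ Connection(HotTub &hotTub, boost::shared_ptr<Mordor::Stream> stream);
 void readV2Message(V2MessageType &type, Mordor::Buffer &message);
 void readV3Message(V3MessageType &type, Mordor::Buffer &message);
 protected:
+ HotTub &m_hotTub;
 boost::shared_ptr<Mordor::Stream> m_stream;
 };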
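Review bot: The new `HotTub &m_hotTub` member has no lifetime note, although every Connection now depends on the HotTub outliving it. HotTub::acceptConnection binds the `Client::ptr` into the scheduler with `boost::bind`, so a Client may plausibly still be running while the HotTub is torn down; whether `stop()` prevents that is not visible in this commit. I would add a comment on the member such as `// non-owning; the HotTub must outlive every Connection it creates` and state the same requirement on the constructor.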
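--- a/pghottub/hot_tub.cpp
+++ b/pghottub/hot_tub.cpp
@@ -14,8 +14,9 @@ using namespace Mordor;
 namespace PgHotTub {
-HotTub::HotTub(Scheduler &scheduler)
- : m_scheduler(scheduler)
+HotTub::HotTub(Scheduler &scheduler, SSL_CTX *sslCtx)
+ : m_scheduler(scheduler),
+ m_sslCtx(sslCtx)
 {}
 void
@@ -36,9 +37,15 @@ HotTub::addListener(Listener &listener)
 void
 HotTub::acceptConnection(Stream::ptr stream)
 {
- Client::ptr client(new Client(stream));
+ Client::ptr client(new Client(*this, stream));
 m_clients.insert(client);
 m_scheduler.schedule(boost::bind(&Client::run, client));
 }
+SSL_CTX *
+HotTub::sslCtx()
+{
+ return m_sslCtx;
+}
+
 }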
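--- a/pghottub/hot_tub.h
+++ b/pghottub/hot_tub.h
@@ -5,6 +5,8 @@
 #include <boost/shared_ptr.hpp>
+#include <openssl/ssl.h>
+
 namespace Mordor {
 class Scheduler;
 class Stream;
@@ -18,17 +20,21 @@ class Listener;
 class HotTub
 {
 public:
- HotTub(Mordor::Scheduler &scheduler);
+ HotTub(Mordor::Scheduler &scheduler, SSL_CTX *sslCtx = NULL);
 void stop();
 void addListener(Listener &listener);
 void acceptConnection(boost::shared_ptr<Mordor::Stream> stream);
+
+ SSL_CTX *sslCtx();
+
 private:
 Mordor::Scheduler &m_scheduler;
 std::vector<Listener *> m_listeners;
 std::set<boost::shared_ptr<Client> > m_clients;
+ SSL_CTX *m_sslCtx;
 };
 }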
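Review bot: The `SSL_CTX *sslCtx = NULL` constructor parameter and the `m_sslCtx` member carry no ownership statement. HotTub stores the raw pointer and, as far as this commit shows, never frees it, so the caller has to keep the context alive for as long as any Client can still call `sslCtx()`. I would document that on the constructor, for example `/// @param sslCtx borrowed, may be NULL (SSL is then refused with 'N'); must outlive this HotTub and its clients`. The accessor does not modify the object and could be declared `SSL_CTX *sslCtx() const;`, with the matching change to the definition in hot_tub.cpp.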
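--- a/pghottub/main.cpp
+++ b/pghottub/main.cpp
@@ -8,6 +8,7 @@
 #include <mordor/daemon.h>
 #include <mordor/iomanager.h>
 #include <mordor/main.h>
+#include <mordor/streams/ssl.h>
 #include "pghottub/hot_tub.h"
 #include "pghottub/tcp_listener.h"
@@ -20,7 +21,8 @@ static int daemonMain(int argc, char *argv[])
 {
 try {
 IOManager ioManager;
- HotTub hotTub(ioManager);
+ boost::shared_ptr<SSL_CTX> sslCtx(SSLStream::generateSelfSignedCertificate());
+ HotTub hotTub(ioManager, sslCtx.get());
 Daemon::onTerminate.connect(boost::bind(&HotTub::stop, &hotTub));
 TcpListener tcpListener(ioManager, "*", 6432, hotTub);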
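Review bot: `SSLStream::generateSelfSignedCertificate()` in daemonMain is the only source of the server's TLS identity, so each start presumably yields a fresh self-signed certificate that no client can validate. The link is encrypted, but a client cannot tell this server from an interposed one unless it pins the certificate. I would load the certificate and key from configuration and keep the generated context only as a fallback, marked with a comment such as `// self-signed: encrypts the link but does not authenticate the server`. The protocol versions and ciphers the generated context allows are set inside mordor and are not visible in this commit, so they are worth checking there. daemonMain continues outside the hunk.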