Merge pull request #1 from systelab/dump-protection

Moved to WebServerAdapter 2.0.0
systelab · Dec 23, 2021 · 7ab4d09 · 7ab4d09
2 parents ef9934d + 1431a49
commit 7ab4d09
Show file tree

Hide file tree

Showing 6 changed files with 141 additions and 121 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1 +1,2 @@
-build
+build
+build-*
diff --git a/RELEASENOTES.md b/RELEASENOTES.md
@@ -1,5 +1,12 @@
 # Summary of changes
 
+## Changes for version 2.0.0 (23 Dec 2021)
+
+### Breaking changes
+
+- Moved to version 2.0.0 (new interface) of WebServerAdapter
+
+
 ## Changes for version 1.3.7 (30 Sep 2021)
 
 ### Bug Fixes

diff --git a/conanfile.py b/conanfile.py
@@ -19,7 +19,7 @@ def configure(self):
         self.options["openssl"].shared = True
 
     def requirements(self):
-        self.requires("WebServerAdapterInterface/1.1.12@systelab/stable")
+        self.requires("WebServerAdapterInterface/2.0.0@systelab/stable")
         self.requires("zlib/1.2.11#e69eb26137def0a77953bb0afe1bcb54")
 
         if self.options.openssl == "1.1.1g":
@@ -30,7 +30,7 @@ def requirements(self):
             self.requires(f"openssl/{self.options.openssl}")
 
     def build_requirements(self):
-        self.build_requires("WebServerAdapterTestUtilities/1.1.12@systelab/stable")
+        self.build_requires("WebServerAdapterTestUtilities/2.0.0@systelab/stable")
 
         if self.options.gtest == "1.7.0":
             self.build_requires("gtest/1.7.0@systelab/stable")

diff --git a/src/HttpLibWebServerAdapter/SecuredServer.cpp b/src/HttpLibWebServerAdapter/SecuredServer.cpp
@@ -20,9 +20,9 @@ namespace systelab { namespace web_server { namespace httplib {
 		std::unique_ptr<::httplib::SSLServer> httpLibServer;
 
 		const auto& securityConfiguration = m_configuration->getSecurityConfiguration();
-		std::string serverCertificate = securityConfiguration.getServerCertificate();
-		std::string serverPrivateKey = securityConfiguration.getServerPrivateKey();
-		std::string serverDHParam = securityConfiguration.getServerDHParam();
+		std::string serverCertificate = securityConfiguration.getServerCertificate()();
+		std::string serverPrivateKey = securityConfiguration.getServerPrivateKey()();
+		std::string serverDHParam = securityConfiguration.getServerDHParam()();
 		unsigned int tlsSupportMask = buildTLSSupportMask(securityConfiguration);
 		if (securityConfiguration.isMutualSSLEnabled())
 		{

diff --git a/test/HttpLibSampleWebServer/HttpLibSampleWebServer.cpp b/test/HttpLibSampleWebServer/HttpLibSampleWebServer.cpp
@@ -14,66 +14,72 @@
 #include "WebServerAdapterInterface/Model/SecurityConfiguration.h"
 
 
-std::string getServerCertificate()
+std::function<std::string()> getServerCertificate()
 {
-	std::stringstream ss;
-	ss << "-----BEGIN CERTIFICATE-----" << std::endl;
-	ss << "MIIDdDCCAlwCCQDydCZYRyLoODANBgkqhkiG9w0BAQsFADB8MQswCQYDVQQGEwJH" << std::endl;
-	ss << "QjESMBAGA1UECAwJQmFyY2Vsb25hMRIwEAYDVQQHDAlCYXJjZWxvbmExGDAWBgNV" << std::endl;
-	ss << "BAoMD0dsb2JhbCBTZWN1cml0eTEWMBQGA1UECwwNSVQgRGVwYXJ0bWVudDETMBEG" << std::endl;
-	ss << "A1UEAwwKd2VyZmVuLmNvbTAeFw0xOTA0MDExNzU0MzVaFw0yOTAzMjkxNzU0MzVa" << std::endl;
-	ss << "MHwxCzAJBgNVBAYTAkdCMRIwEAYDVQQIDAlCYXJjZWxvbmExEjAQBgNVBAcMCUJh" << std::endl;
-	ss << "cmNlbG9uYTEYMBYGA1UECgwPR2xvYmFsIFNlY3VyaXR5MRYwFAYDVQQLDA1JVCBE" << std::endl;
-	ss << "ZXBhcnRtZW50MRMwEQYDVQQDDAp3ZXJmZW4uY29tMIIBIjANBgkqhkiG9w0BAQEF" << std::endl;
-	ss << "AAOCAQ8AMIIBCgKCAQEAqML1B7VW66CjzQBais4/Jz05gsZ3GWNGA6VKv2TX0VMp" << std::endl;
-	ss << "+HnlXhJc+0WXZCLLSiKAwk70qQCdO2YNXg6sor5PcD1JvoFwQ8Kg34t3tZfiK48r" << std::endl;
-	ss << "0UDuoXTbUfvucN0UhHQg+yaz/2QKqzRE796d89RLmnSMPpiPN3t/bNrwx7KX1FGu" << std::endl;
-	ss << "Ppgow/AYI8419/LCvjl6+E5H7sy2j/svMaQJoRqguAaA+OG0PmLoKx2dgiX1kvXB" << std::endl;
-	ss << "xN8vgJxLfpUDjW/JqupReezZbVOdd51RJ4WGgnyhp09EkIhOW2ijmWglw5aO6rmM" << std::endl;
-	ss << "0UKqnp1uljomD8SBo3TpTpAj61Vl/2FqSi/szKoOdwIDAQABMA0GCSqGSIb3DQEB" << std::endl;
-	ss << "CwUAA4IBAQBzOU0vnuR1kkFDULEkUdhLJ6hx3E/7rkHHlM9W2tdr49dJyIF2XIBY" << std::endl;
-	ss << "LeO3tvo779D4ZWDvgQTgne+A7WLNBOOrRvvyZYD/sZEtqTzOFmjkQB9DvaIbvC3O" << std::endl;
-	ss << "OP26dJnCkHNp0qvjyjyMZmjtJJKHkkpVc11Z/NjcOJIBczookgAEnZnyrBfA6QwF" << std::endl;
-	ss << "juvkma05VOwuDrA+83+bzYFoFX65narVk4wtInVu9m4AZZTS+36ut6nopdMIpJHh" << std::endl;
-	ss << "0ysT1+M0SVievi7e2scwIJ0xxbC219kO+oU7ormcJn0h1gUD7+rbMtxTgy58oVaQ" << std::endl;
-	ss << "Ofe2qbaNiAhMKCHvUBUzupfpMTA1FWNZ" << std::endl;
-	ss << "-----END CERTIFICATE-----" << std::endl;
-
-	return ss.str();
+	return []()
+	{
+		std::stringstream ss;
+		ss << "-----BEGIN CERTIFICATE-----" << std::endl;
+		ss << "MIIDdDCCAlwCCQDydCZYRyLoODANBgkqhkiG9w0BAQsFADB8MQswCQYDVQQGEwJH" << std::endl;
+		ss << "QjESMBAGA1UECAwJQmFyY2Vsb25hMRIwEAYDVQQHDAlCYXJjZWxvbmExGDAWBgNV" << std::endl;
+		ss << "BAoMD0dsb2JhbCBTZWN1cml0eTEWMBQGA1UECwwNSVQgRGVwYXJ0bWVudDETMBEG" << std::endl;
+		ss << "A1UEAwwKd2VyZmVuLmNvbTAeFw0xOTA0MDExNzU0MzVaFw0yOTAzMjkxNzU0MzVa" << std::endl;
+		ss << "MHwxCzAJBgNVBAYTAkdCMRIwEAYDVQQIDAlCYXJjZWxvbmExEjAQBgNVBAcMCUJh" << std::endl;
+		ss << "cmNlbG9uYTEYMBYGA1UECgwPR2xvYmFsIFNlY3VyaXR5MRYwFAYDVQQLDA1JVCBE" << std::endl;
+		ss << "ZXBhcnRtZW50MRMwEQYDVQQDDAp3ZXJmZW4uY29tMIIBIjANBgkqhkiG9w0BAQEF" << std::endl;
+		ss << "AAOCAQ8AMIIBCgKCAQEAqML1B7VW66CjzQBais4/Jz05gsZ3GWNGA6VKv2TX0VMp" << std::endl;
+		ss << "+HnlXhJc+0WXZCLLSiKAwk70qQCdO2YNXg6sor5PcD1JvoFwQ8Kg34t3tZfiK48r" << std::endl;
+		ss << "0UDuoXTbUfvucN0UhHQg+yaz/2QKqzRE796d89RLmnSMPpiPN3t/bNrwx7KX1FGu" << std::endl;
+		ss << "Ppgow/AYI8419/LCvjl6+E5H7sy2j/svMaQJoRqguAaA+OG0PmLoKx2dgiX1kvXB" << std::endl;
+		ss << "xN8vgJxLfpUDjW/JqupReezZbVOdd51RJ4WGgnyhp09EkIhOW2ijmWglw5aO6rmM" << std::endl;
+		ss << "0UKqnp1uljomD8SBo3TpTpAj61Vl/2FqSi/szKoOdwIDAQABMA0GCSqGSIb3DQEB" << std::endl;
+		ss << "CwUAA4IBAQBzOU0vnuR1kkFDULEkUdhLJ6hx3E/7rkHHlM9W2tdr49dJyIF2XIBY" << std::endl;
+		ss << "LeO3tvo779D4ZWDvgQTgne+A7WLNBOOrRvvyZYD/sZEtqTzOFmjkQB9DvaIbvC3O" << std::endl;
+		ss << "OP26dJnCkHNp0qvjyjyMZmjtJJKHkkpVc11Z/NjcOJIBczookgAEnZnyrBfA6QwF" << std::endl;
+		ss << "juvkma05VOwuDrA+83+bzYFoFX65narVk4wtInVu9m4AZZTS+36ut6nopdMIpJHh" << std::endl;
+		ss << "0ysT1+M0SVievi7e2scwIJ0xxbC219kO+oU7ormcJn0h1gUD7+rbMtxTgy58oVaQ" << std::endl;
+		ss << "Ofe2qbaNiAhMKCHvUBUzupfpMTA1FWNZ" << std::endl;
+		ss << "-----END CERTIFICATE-----" << std::endl;
+
+		return ss.str();
+	};
 }
 
-std::string getServerPrivateKey()
+std::function<std::string()> getServerPrivateKey()
 {
-	std::stringstream ss;
-	ss << "-----BEGIN RSA PRIVATE KEY-----" << std::endl;
-	ss << "MIIEowIBAAKCAQEAqML1B7VW66CjzQBais4/Jz05gsZ3GWNGA6VKv2TX0VMp+Hnl" << std::endl;
-	ss << "XhJc+0WXZCLLSiKAwk70qQCdO2YNXg6sor5PcD1JvoFwQ8Kg34t3tZfiK48r0UDu" << std::endl;
-	ss << "oXTbUfvucN0UhHQg+yaz/2QKqzRE796d89RLmnSMPpiPN3t/bNrwx7KX1FGuPpgo" << std::endl;
-	ss << "w/AYI8419/LCvjl6+E5H7sy2j/svMaQJoRqguAaA+OG0PmLoKx2dgiX1kvXBxN8v" << std::endl;
-	ss << "gJxLfpUDjW/JqupReezZbVOdd51RJ4WGgnyhp09EkIhOW2ijmWglw5aO6rmM0UKq" << std::endl;
-	ss << "np1uljomD8SBo3TpTpAj61Vl/2FqSi/szKoOdwIDAQABAoIBAQCLXAsJ5Ya0p3/8" << std::endl;
-	ss << "XslmDHD8T0O5qXhaX69GfW2fZYAO3LUw+kAdkd50pQAicdUcECfxzU+ea+JrVZe+" << std::endl;
-	ss << "TzHiZnOlBQdrqOnzGrrMPxiIvbbIL7+IWi106NHf/sHlM7uosVk27LwBLzTcMhqn" << std::endl;
-	ss << "VldrLamND6dsXYEO2Q3d72KcFe/pJH7RsHMuhc54VKU8VPR1jPB3AptquueCadXg" << std::endl;
-	ss << "g7cYis5WHPwGyzr6ksL1oMtS4mIkqJRoTtvIlyBN7oXPPRmOngvbUMl118YpgYys" << std::endl;
-	ss << "yG4ZWXOaRWfx905Z4W/JLBCpSoD4uf1xjyYaqrhH5EGXPhn1jj7Fd9k1mCWsUdGf" << std::endl;
-	ss << "2aNbBnc5AoGBANeft0FohBKOzWegiBJV65cIbIEnosQKGhrvh8xppFQgLHCC/mt8" << std::endl;
-	ss << "V9ed5pfElju1oB5WkAVUI1HI/OgcvyTHWwHOatof/6NaxknQgGoyJjgHibejfFvb" << std::endl;
-	ss << "ABh2ih3c5Q0h3yMwaKRt1ajqHfD0YQ0vVHBQpsmZosSSkapoCmaNlGbbAoGBAMhc" << std::endl;
-	ss << "0YHVzzsTmGe+6RMeBuXQsdK/sqltuX6VqyYIOvjd8Hw/HUFcVoGGIBcPR262vvQv" << std::endl;
-	ss << "+MxWGFSxJgNfm/k8jGPu051+vC5d/Luw7bhBJVmYKRqMxPQDsJocCF9qQI4jmr8Z" << std::endl;
-	ss << "Cp2XBbJtLiR8ranEEq1u+P4llfy7bVN8Khj/IuOVAoGAXGSRr7NLNHCAT3EYHVM3" << std::endl;
-	ss << "ueXgKI+FTR9PBE+zDsINqgaHREa9Ie2L7lY4oruX7EntLFLHL6FX6QmIZSU8OlQ6" << std::endl;
-	ss << "CNIcMw8XCTYyVRrEi7ylZ8jDGC8zcGCs786LbDRk6XWkGX36uMpfjRuUbNUqaO3o" << std::endl;
-	ss << "7p+AeE4e0sBDLpOaMUtlVZUCgYAkt63FJ1OEtgCV8oxv7m7BKs+LmYm6NttpcTAe" << std::endl;
-	ss << "FiAIf1OU0VQhKDTKI7Q5xZkHlwHDag8kExr+WkBnGdxRfmET5y5sjE8cCClKlA/c" << std::endl;
-	ss << "VkPr+VB/BxEIzqxMcZqvMZ+G7Mts/b/ORWDL4+oy0Y5ZsA7kLZP/rw+fcxGD3Rsx" << std::endl;
-	ss << "3X+dSQKBgA/RvLyMoXKdpEqD49DONjeRk0iCGSudqR4/ijPmha4EjE2gPe21T3Er" << std::endl;
-	ss << "kTI0YJPS/OYjQsXWrz5Nfq0/k9aclFLKnWuuefo4uvw0IbcG33tzONczMol9tAIf" << std::endl;
-	ss << "JFzwr9WrepdgTArcz0wLnEo30FCLUVm/dhx05+tkrtdtnAk79aQP" << std::endl;
-	ss << "-----END RSA PRIVATE KEY-----" << std::endl;
-
-	return ss.str();
+	return []()
+	{
+		std::stringstream ss;
+		ss << "-----BEGIN RSA PRIVATE KEY-----" << std::endl;
+		ss << "MIIEowIBAAKCAQEAqML1B7VW66CjzQBais4/Jz05gsZ3GWNGA6VKv2TX0VMp+Hnl" << std::endl;
+		ss << "XhJc+0WXZCLLSiKAwk70qQCdO2YNXg6sor5PcD1JvoFwQ8Kg34t3tZfiK48r0UDu" << std::endl;
+		ss << "oXTbUfvucN0UhHQg+yaz/2QKqzRE796d89RLmnSMPpiPN3t/bNrwx7KX1FGuPpgo" << std::endl;
+		ss << "w/AYI8419/LCvjl6+E5H7sy2j/svMaQJoRqguAaA+OG0PmLoKx2dgiX1kvXBxN8v" << std::endl;
+		ss << "gJxLfpUDjW/JqupReezZbVOdd51RJ4WGgnyhp09EkIhOW2ijmWglw5aO6rmM0UKq" << std::endl;
+		ss << "np1uljomD8SBo3TpTpAj61Vl/2FqSi/szKoOdwIDAQABAoIBAQCLXAsJ5Ya0p3/8" << std::endl;
+		ss << "XslmDHD8T0O5qXhaX69GfW2fZYAO3LUw+kAdkd50pQAicdUcECfxzU+ea+JrVZe+" << std::endl;
+		ss << "TzHiZnOlBQdrqOnzGrrMPxiIvbbIL7+IWi106NHf/sHlM7uosVk27LwBLzTcMhqn" << std::endl;
+		ss << "VldrLamND6dsXYEO2Q3d72KcFe/pJH7RsHMuhc54VKU8VPR1jPB3AptquueCadXg" << std::endl;
+		ss << "g7cYis5WHPwGyzr6ksL1oMtS4mIkqJRoTtvIlyBN7oXPPRmOngvbUMl118YpgYys" << std::endl;
+		ss << "yG4ZWXOaRWfx905Z4W/JLBCpSoD4uf1xjyYaqrhH5EGXPhn1jj7Fd9k1mCWsUdGf" << std::endl;
+		ss << "2aNbBnc5AoGBANeft0FohBKOzWegiBJV65cIbIEnosQKGhrvh8xppFQgLHCC/mt8" << std::endl;
+		ss << "V9ed5pfElju1oB5WkAVUI1HI/OgcvyTHWwHOatof/6NaxknQgGoyJjgHibejfFvb" << std::endl;
+		ss << "ABh2ih3c5Q0h3yMwaKRt1ajqHfD0YQ0vVHBQpsmZosSSkapoCmaNlGbbAoGBAMhc" << std::endl;
+		ss << "0YHVzzsTmGe+6RMeBuXQsdK/sqltuX6VqyYIOvjd8Hw/HUFcVoGGIBcPR262vvQv" << std::endl;
+		ss << "+MxWGFSxJgNfm/k8jGPu051+vC5d/Luw7bhBJVmYKRqMxPQDsJocCF9qQI4jmr8Z" << std::endl;
+		ss << "Cp2XBbJtLiR8ranEEq1u+P4llfy7bVN8Khj/IuOVAoGAXGSRr7NLNHCAT3EYHVM3" << std::endl;
+		ss << "ueXgKI+FTR9PBE+zDsINqgaHREa9Ie2L7lY4oruX7EntLFLHL6FX6QmIZSU8OlQ6" << std::endl;
+		ss << "CNIcMw8XCTYyVRrEi7ylZ8jDGC8zcGCs786LbDRk6XWkGX36uMpfjRuUbNUqaO3o" << std::endl;
+		ss << "7p+AeE4e0sBDLpOaMUtlVZUCgYAkt63FJ1OEtgCV8oxv7m7BKs+LmYm6NttpcTAe" << std::endl;
+		ss << "FiAIf1OU0VQhKDTKI7Q5xZkHlwHDag8kExr+WkBnGdxRfmET5y5sjE8cCClKlA/c" << std::endl;
+		ss << "VkPr+VB/BxEIzqxMcZqvMZ+G7Mts/b/ORWDL4+oy0Y5ZsA7kLZP/rw+fcxGD3Rsx" << std::endl;
+		ss << "3X+dSQKBgA/RvLyMoXKdpEqD49DONjeRk0iCGSudqR4/ijPmha4EjE2gPe21T3Er" << std::endl;
+		ss << "kTI0YJPS/OYjQsXWrz5Nfq0/k9aclFLKnWuuefo4uvw0IbcG33tzONczMol9tAIf" << std::endl;
+		ss << "JFzwr9WrepdgTArcz0wLnEo30FCLUVm/dhx05+tkrtdtnAk79aQP" << std::endl;
+		ss << "-----END RSA PRIVATE KEY-----" << std::endl;
+
+		return ss.str();
+	};
 }
 
 
@@ -164,6 +170,7 @@ int main(int argc, char* argv[])
 		securityConfiguration.setHTTPSEnabled(true);
 		securityConfiguration.setServerCertificate(getServerCertificate());
 		securityConfiguration.setServerPrivateKey(getServerPrivateKey());
+		securityConfiguration.setServerDHParam([]() { return ""; });
 
 		securityConfiguration.setTLSv10Enabled(cmdArgs->enableTLSv10);
 		securityConfiguration.setTLSv11Enabled(cmdArgs->enableTLSv11);