SilverMoonStudio/EHS
3
0
Fork 0
Code Issues 8 Pull Requests Actions Projects 1 Releases 5 Wiki Activity

Compare commits

base: SilverMoonStudio:135f855309160b450bda747535b5325d1751b44d
Branches Tags
SilverMoonStudio:main
SilverMoonStudio:NetChannels
SilverMoonStudio:v1.0.4-rc.5
SilverMoonStudio:v1.4.0-rc.4
SilverMoonStudio:v1.4.0-rc.3
SilverMoonStudio:v1.4.0-rc.2
SilverMoonStudio:v1.4.0-rc.1
SilverMoonStudio:v1.3.0
SilverMoonStudio:v1.2.3
SilverMoonStudio:v1.2.2
SilverMoonStudio:v1.2.1
SilverMoonStudio:1.3.0
SilverMoonStudio:v1.2.0
SilverMoonStudio:v1.1.0
SilverMoonStudio:v1.0.0
..
compare: SilverMoonStudio:c23cbc275f4f4704fd325f739f0b487688b8966b
Branches Tags
SilverMoonStudio:NetChannels
SilverMoonStudio:main
SilverMoonStudio:v1.0.4-rc.5
SilverMoonStudio:v1.4.0-rc.4
SilverMoonStudio:v1.4.0-rc.3
SilverMoonStudio:v1.4.0-rc.2
SilverMoonStudio:v1.4.0-rc.1
SilverMoonStudio:v1.3.0
SilverMoonStudio:v1.2.3
SilverMoonStudio:v1.2.2
SilverMoonStudio:v1.2.1
SilverMoonStudio:1.3.0
SilverMoonStudio:v1.2.0
SilverMoonStudio:v1.1.0
SilverMoonStudio:v1.0.0

No commits in common. "135f855309160b450bda747535b5325d1751b44d" and "c23cbc275f4f4704fd325f739f0b487688b8966b" have entirely different histories.
135f855309 ... c23cbc275f

5 changed files with 87 additions and 106 deletions
Show Stats Expand all files Collapse all files

11
include/ehs/io/socket/SSL.h
View File

@ -1,7 +1,5 @@
#pragma once
#include <openssl/types.h>
#include "ehs/EHS.h"
#include "ehs/Str.h"
#include "TCP.h"
@ -17,18 +15,15 @@ namespace ehs
class EHS_LIB_IO SSL : public TCP
{
private:
bool server;
SSL_CTX* ctx;
::SSL* sslHdl;
X509 *cert;
EVP_PKEY* pkey;
public:
~SSL() override;
SSL();
SSL(const IP &type, const bool &server);
SSL(const IP &type);
SSL(TCP&& tcp) noexcept;
@ -54,9 +49,9 @@ namespace ehs
UInt_64 Receive(Byte* const buffer, const UInt_32 size) override;
void UseCertificate(const Char_8* data, const UInt_32 &size);
void UseCertificate(const Byte* data, const UInt_64 size);
void UsePrivateKey(const Char_8* data, const UInt_32 &size);
void UsePrivateKey(const Byte* data, const UInt_64 size);
bool IsValid();
};

1
include/ehs/io/socket/Socket.h
View File

@ -41,7 +41,6 @@ namespace ehs
TEXT_PLAIN,
TEXT_HTML,
TEXT_XML,
IMG_X_ICON,
NONE
};

4
src/io/socket/Request.cpp
View File

@ -264,8 +264,6 @@ namespace ehs
return "text/html";
case ContentType::TEXT_XML:
return "text/xml";
case ContentType::IMG_X_ICON:
return "image/x-icon";
default:
return "";
}
@ -289,8 +287,6 @@ namespace ehs
return ContentType::TEXT_HTML;
else if (value == "text/xml")
return ContentType::TEXT_XML;
else if (value == "image/x-icon")
return ContentType::IMG_X_ICON;
else
return ContentType::NONE;
}

4
src/io/socket/Response.cpp
View File

@ -343,8 +343,6 @@ namespace ehs
return "text/html";
case ContentType::TEXT_XML:
return "text/xml";
case ContentType::IMG_X_ICON:
return "image/x-icon";
default:
return "";
}
@ -368,8 +366,6 @@ namespace ehs
return ContentType::TEXT_HTML;
else if (value == "text/xml")
return ContentType::TEXT_XML;
else if (value == "image/x-icon")
return ContentType::IMG_X_ICON;
else
return ContentType::NONE;
}

173
src/io/socket/SSL.cpp
View File

@ -1,11 +1,10 @@
#include "ehs/io/socket/SSL.h"
#include "ehs/io/Console.h"
#include <openssl/ssl.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/opensslv.h>
#include <openssl/provider.h>
namespace ehs
{
@ -14,11 +13,6 @@ namespace ehs
if (!IsValid())
return;
EVP_PKEY_free(pkey);
X509_free(cert);
if (sslHdl)
{
if (connection)
@ -32,28 +26,28 @@ namespace ehs
}
SSL::SSL()
: server(false), ctx(nullptr), sslHdl(nullptr), cert(nullptr), pkey(nullptr)
: ctx(nullptr), sslHdl(nullptr)
{
}
SSL::SSL(const IP &type, const bool &server)
: TCP(type), server(server), ctx(nullptr), sslHdl(nullptr), cert(nullptr), pkey(nullptr)
SSL::SSL(const IP &type)
: TCP(type), ctx(nullptr), sslHdl(nullptr)
{
SSL::Initialize();
}
SSL::SSL(TCP&& tcp) noexcept
: TCP(std::move(tcp)), server(false), ctx(nullptr), sslHdl(nullptr), cert(nullptr), pkey(nullptr)
: TCP(std::move(tcp)), ctx(nullptr), sslHdl(nullptr)
{
}
SSL::SSL(const TCP& tcp)
: TCP(tcp), server(false), ctx(nullptr), sslHdl(nullptr), cert(nullptr), pkey(nullptr)
: TCP(tcp), ctx(nullptr), sslHdl(nullptr)
{
}
SSL::SSL(const SSL& ssl)
: TCP(ssl), server(ssl.server), ctx(nullptr), sslHdl(nullptr), cert(nullptr), pkey(nullptr)
: TCP(ssl), ctx(nullptr), sslHdl(nullptr)
{
}
@ -64,11 +58,8 @@ namespace ehs
TCP::operator=(ssl);
server = ssl.server;
ctx = nullptr;
sslHdl = nullptr;
cert = nullptr;
pkey = nullptr;
return *this;
}
@ -81,40 +72,6 @@ namespace ehs
return;
SSL_library_init();
OpenSSL_add_ssl_algorithms();
SSL_load_error_strings();
OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, nullptr);
OSSL_PROVIDER_load(nullptr, "default");
SSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION);
if (server)
{
ctx = SSL_CTX_new(TLS_server_method());
if (!ctx)
{
UInt_32 code = ERR_get_error();
EHS_LOG_INT(LogType::ERR, 0, ERR_error_string(code, nullptr));
}
SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!MD5");
SSL_CTX_set_ciphersuites(ctx,
"TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:"
"TLS_CHACHA20_POLY1305_SHA256:ECDHE-RSA-AES128-GCM-SHA256"
);
}
else
{
ctx = SSL_CTX_new(TLS_client_method());
if (!ctx)
{
UInt_32 code = ERR_get_error();
EHS_LOG_INT(LogType::ERR, 0, ERR_error_string(code, nullptr));
}
SSL_CTX_set_default_verify_paths(ctx);
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, nullptr);
}
}
void SSL::Release()
@ -124,12 +81,6 @@ namespace ehs
if (!IsValid())
return;
EVP_PKEY_free(pkey);
pkey = nullptr;
X509_free(cert);
cert = nullptr;
if (sslHdl)
{
if (connection)
@ -157,12 +108,26 @@ namespace ehs
void SSL::Listen()
{
OpenSSL_add_ssl_algorithms();
SSL_load_error_strings();
ctx = SSL_CTX_new(TLS_server_method());
SSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION);
SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!MD5");
SSL_CTX_set_ciphersuites(ctx,
"TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:"
"TLS_CHACHA20_POLY1305_SHA256:ECDHE-RSA-AES128-GCM-SHA256"
);
#if OPENSSL_VERSION_NUMBER < 0x10101000L
SSL_CTX_set_ecdh_auto(ctx, 1);
#endif
sslHdl = SSL_new(ctx);
SSL_set_fd(sslHdl, hdl);
TCP::Listen();
EHS_LOG_SUCCESS();
}
SSL* SSL::Accept()
@ -178,14 +143,8 @@ namespace ehs
delete tcp;
client->sslHdl = SSL_new(this->ctx);
if (!client->sslHdl)
{
UInt_32 code = ERR_get_error();
EHS_LOG_INT(LogType::ERR, 0, ERR_error_string(code, nullptr));
return nullptr;
}
client->ctx = nullptr;
client->sslHdl = SSL_new(ctx);
SSL_set_fd(client->sslHdl, client->hdl);
int err = SSL_accept(client->sslHdl);
@ -195,8 +154,6 @@ namespace ehs
return {};
}
EHS_LOG_SUCCESS();
return client;
}
@ -204,6 +161,26 @@ namespace ehs
{
TCP::Connect(address, port);
OpenSSL_add_ssl_algorithms();
SSL_load_error_strings();
if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, nullptr))
{
EHS_LOG_INT(LogType::ERR, 0, "Failed to initialize OpenSSL.");
return;
}
ctx = SSL_CTX_new(TLS_client_method());
if (!ctx)
{
EHS_LOG_INT(LogType::ERR, 1, "Failed to creat SSL context.");
return;
}
SSL_CTX_set_default_verify_paths(ctx);
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, nullptr);
SSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION);
sslHdl = SSL_new(ctx);
SSL_set_fd(sslHdl, hdl);
@ -212,7 +189,19 @@ namespace ehs
SInt_32 rc = SSL_connect(sslHdl);
if (rc != 1)
{
EHS_LOG_INT(LogType::ERR, 1, "Failed to connect with error #" + Str_8::FromNum(SSL_get_error(sslHdl, rc)) + ".");
SInt_32 err = SSL_get_error(sslHdl, rc);
if (err == SSL_ERROR_SSL)
{
UInt_32 e;
while ((e = ERR_get_error()) != 0)
{
char buf[256];
ERR_error_string_n(e, buf, sizeof(buf));
Console::Write_8(Str_8(buf));
}
}
EHS_LOG_INT(LogType::ERR, 2, "Failed to connect with error #" + Str_8::FromNum(err) + ".");
return;
}
@ -256,34 +245,40 @@ namespace ehs
return received;
}
void SSL::UseCertificate(const Char_8* data, const UInt_32 &size)
void SSL::UseCertificate(const Byte* data, const UInt_64 size)
{
BIO* certBio = BIO_new_mem_buf(data, (int)size);
X509 *cert = PEM_read_bio_X509(certBio, nullptr, nullptr, nullptr);
X509 *cert = d2i_X509(nullptr, &data, (long)size);
if (!cert)
{
EHS_LOG_INT(LogType::ERR, 0, "Invalid certificate.");
return;
}
if (!SSL_CTX_use_certificate(ctx, cert))
{
UInt_32 code = ERR_get_error();
EHS_LOG_INT(LogType::ERR, 0, ERR_error_string(code, nullptr));
return;
}
if (SSL_CTX_use_certificate(ctx, cert) != 1)
{
EHS_LOG_INT(LogType::ERR, 1, "Failed to use certificate.");
return;
}
BIO_free(certBio);
X509_free(cert);
}
void SSL::UsePrivateKey(const Char_8* data, const UInt_32 &size)
void SSL::UsePrivateKey(const Byte* data, const UInt_64 size)
{
BIO* keyBio = BIO_new_mem_buf(data, (int)size);
EVP_PKEY* pkey = PEM_read_bio_PrivateKey(keyBio, nullptr, nullptr, nullptr);
EVP_PKEY *key = d2i_PrivateKey(EVP_PKEY_RSA, nullptr, &data, (long)size);
if (!key)
{
EHS_LOG_INT(LogType::ERR, 0, "Invalid private key.");
return;
}
if (!SSL_CTX_use_PrivateKey(ctx, pkey))
{
UInt_32 code = ERR_get_error();
EHS_LOG_INT(LogType::ERR, 0, ERR_error_string(code, nullptr));
return;
}
if (SSL_CTX_use_PrivateKey(ctx, key) != 1)
{
EHS_LOG_INT(LogType::ERR, 1, "Failed to use private key.");
return;
}
BIO_free(keyBio);
EVP_PKEY_free(key);
}
bool SSL::IsValid()