+70 -60

maple/maple.cc

reviewed

··· 33 33 #include "titan.hh" 34 34 35 35 auto main() -> int { 36 36 - sockaddr_in socket_address {}; 37 36 std::vector<std::string> gemini_files; 38 37 bool titan = false; 39 38 std::string titan_token; ··· 43 42 maple::setup_environment(titan, titan_token, titan_max_size); 44 43 45 44 // Try a graceful shutdown when a SIGINT is detected 46 46 - signal(SIGINT, [](int signal_) -> void { 47 47 - std::cout << "shutdown(" << signal_ << ")" << std::endl; 45 45 + signal(SIGINT, [](int _signal) -> void { 46 46 + std::cout << "shutdown(" << _signal << ")" << std::endl; 48 47 49 48 close(maple::maple_socket); 50 49 SSL_CTX_free(maple::ssl_context); ··· 77 76 std::cout << "serving " << file << std::endl; 78 77 } 79 78 80 80 - // Setup OpenSSL 81 81 - SSL_library_init(); 82 82 - SSL_load_error_strings(); 83 83 - 84 84 - maple::ssl_context = SSL_CTX_new(TLS_server_method()); 85 85 - if (!maple::ssl_context) { 86 86 - maple::exit_with("unable to create ssl context", true); 87 87 - } 88 88 - 89 89 - if (SSL_CTX_use_certificate_file( 90 90 - maple::ssl_context, 91 91 - ".maple/public.pem", 92 92 - SSL_FILETYPE_PEM 93 93 - ) <= 0) { 94 94 - maple::exit_with("unable to use certificate file", true); 95 95 - } 96 96 - if (SSL_CTX_use_PrivateKey_file( 97 97 - maple::ssl_context, 98 98 - ".maple/private.pem", 99 99 - SSL_FILETYPE_PEM 100 100 - ) <= 0) { 101 101 - maple::exit_with("unable to use private key file", true); 102 102 - } 103 103 - 104 104 - socket_address.sin_family = AF_INET; 105 105 - socket_address.sin_port = htons(1965); 106 106 - socket_address.sin_addr.s_addr = htonl(INADDR_ANY); 107 107 - 108 108 - maple::maple_socket = socket(AF_INET, SOCK_STREAM, 0); 109 109 - 110 110 - if (maple::maple_socket < 0) { 111 111 - maple::exit_with("unable to create socket", false); 112 112 - } 113 113 - 114 114 - // Reuse address. Allows the use of the address instantly after a SIGINT 115 115 - // without having to wait for the socket to die. 116 116 - int reuse_addr = 1; 117 117 - if (setsockopt( 118 118 - maple::maple_socket, 119 119 - SOL_SOCKET, 120 120 - SO_REUSEADDR, 121 121 - &reuse_addr, 122 122 - sizeof(int) 123 123 - ) < 0) { 124 124 - maple::exit_with("unable to set socket options (SO_LINGER)", false); 125 125 - } 126 126 - 127 127 - if (bind( 128 128 - maple::maple_socket, 129 129 - reinterpret_cast<sockaddr *>(&socket_address), 130 130 - sizeof(socket_address) 131 131 - ) < 0) { 132 132 - maple::exit_with("unable to bind", false); 133 133 - } 134 134 - if (listen(maple::maple_socket, 1) < 0) { 135 135 - maple::exit_with("unable to listen", false); 136 136 - } 79 79 + // Setup SSL 80 80 + maple::setup_ssl(); 137 81 138 82 // Listen and serve connections 139 83 for (;;) { ··· 149 93 if (client < 0) { maple::exit_with("unable to accept", false); } 150 94 151 95 ssl = SSL_new(maple::ssl_context); 96 96 + 152 97 SSL_set_fd(ssl, client); 153 98 154 99 if (SSL_accept(ssl) <= 0) { ··· 189 134 // Try to remove the host, if you cannot; it must be a trailing 190 135 // slash-less hostname, so we will respond with the index. 191 136 size_t found_first = path.find_first_of('/'); 137 137 + 192 138 if (found_first != std::string::npos) { 193 139 path = path.substr( 194 140 found_first, ··· 201 147 if (request_scheme == 1) { 202 148 // Remove junk, if any 203 149 index_of_junk = path.find_first_of('\n'); 150 150 + 204 151 if (index_of_junk != std::string::npos) { 205 152 path.erase( 206 153 path.find_first_of('\n') - 1, ··· 300 247 301 248 titan = true; 302 249 } 250 250 + } 251 251 + } 252 252 + 253 253 + auto setup_ssl() -> void { 254 254 + sockaddr_in socket_address {}; 255 255 + 256 256 + // Setup OpenSSL 257 257 + SSL_library_init(); 258 258 + SSL_load_error_strings(); 259 259 + 260 260 + maple::ssl_context = SSL_CTX_new(TLS_server_method()); 261 261 + 262 262 + if (!maple::ssl_context) { 263 263 + maple::exit_with("unable to create ssl context", true); 264 264 + } 265 265 + 266 266 + if (SSL_CTX_use_certificate_file( 267 267 + maple::ssl_context, 268 268 + ".maple/public.pem", 269 269 + SSL_FILETYPE_PEM 270 270 + ) <= 0) { 271 271 + maple::exit_with("unable to use certificate file", true); 272 272 + } 273 273 + if (SSL_CTX_use_PrivateKey_file( 274 274 + maple::ssl_context, 275 275 + ".maple/private.pem", 276 276 + SSL_FILETYPE_PEM 277 277 + ) <= 0) { 278 278 + maple::exit_with("unable to use private key file", true); 279 279 + } 280 280 + 281 281 + socket_address.sin_family = AF_INET; 282 282 + socket_address.sin_port = htons(1965); 283 283 + socket_address.sin_addr.s_addr = htonl(INADDR_ANY); 284 284 + 285 285 + maple::maple_socket = socket(AF_INET, SOCK_STREAM, 0); 286 286 + 287 287 + if (maple::maple_socket < 0) { 288 288 + maple::exit_with("unable to create socket", false); 289 289 + } 290 290 + 291 291 + // Reuse address. Allows the use of the address instantly after a SIGINT 292 292 + // without having to wait for the socket to die. 293 293 + int reuse_addr = 1; 294 294 + if (setsockopt( 295 295 + maple::maple_socket, 296 296 + SOL_SOCKET, 297 297 + SO_REUSEADDR, 298 298 + &reuse_addr, 299 299 + sizeof(int) 300 300 + ) < 0) { 301 301 + maple::exit_with("unable to set socket options (SO_LINGER)", false); 302 302 + } 303 303 + 304 304 + if (bind( 305 305 + maple::maple_socket, 306 306 + reinterpret_cast<sockaddr *>(&socket_address), 307 307 + sizeof(socket_address) 308 308 + ) < 0) { 309 309 + maple::exit_with("unable to bind", false); 310 310 + } 311 311 + if (listen(maple::maple_socket, 1) < 0) { 312 312 + maple::exit_with("unable to listen", false); 303 313 } 304 314 } 305 315 }

+1

maple/maple.hh

reviewed

··· 29 29 30 30 auto exit_with[[noreturn]](const char *, bool) -> void; 31 31 auto setup_environment(bool &, std::string &, size_t &) -> void; 32 32 + auto setup_ssl() -> void; 32 33 } 33 34 34 35 #endif // MAPLE_HH