[coro_http_client][improve]Improve ssl #540

Merged
merged 2 commits into from
Dec 25, 2023
45 changes: 24 additions & 21 deletions include/ylt/thirdparty/cinatra/coro_http_client.hpp
Expand Up @@ -181,8 +181,8 @@ class coro_http_client : public std::enable_shared_from_this<coro_http_client> {
}
#ifdef CINATRA_ENABLE_SSL
if (conf.use_ssl) {
return init_ssl(conf.base_path, conf.cert_file, conf.verify_mode,
conf.domain);
return init_ssl(conf.domain, conf.base_path, conf.cert_file,
conf.verify_mode);
}
return true;
#endif
Expand All @@ -201,9 +201,9 @@ class coro_http_client : public std::enable_shared_from_this<coro_http_client> {
}

#ifdef CINATRA_ENABLE_SSL
bool init_ssl(const std::string &base_path, const std::string &cert_file,
int verify_mode = asio::ssl::verify_none,
const std::string &domain = "localhost") {
bool init_ssl(const std::string &sni_hostname, const std::string &base_path,
const std::string &cert_file,
int verify_mode = asio::ssl::verify_none) {
try {
ssl_init_ret_ = false;
ssl_ctx_ =
Expand All @@ -223,19 +223,22 @@ class coro_http_client : public std::enable_shared_from_this<coro_http_client> {

ssl_ctx_->set_verify_mode(verify_mode);

// ssl_ctx_.add_certificate_authority(asio::buffer(CA_PEM));
if (!domain.empty())
ssl_ctx_->set_verify_callback(
asio::ssl::host_name_verification(domain));

socket_->ssl_stream_ =
std::make_unique<asio::ssl::stream<asio::ip::tcp::socket &>>(
socket_->impl_, *ssl_ctx_);
// Set SNI Hostname (many hosts need this to handshake successfully)
if (!sni_hostname_.empty()) {
SSL_set_tlsext_host_name(socket_->ssl_stream_->native_handle(),
sni_hostname_.c_str());

// ssl_ctx_.add_certificate_authority(asio::buffer(CA_PEM));
if (!sni_hostname.empty()) {
ssl_ctx_->set_verify_callback(
asio::ssl::host_name_verification(sni_hostname));

if (need_set_sni_host_) {
// Set SNI Hostname (many hosts need this to handshake successfully)
SSL_set_tlsext_host_name(socket_->ssl_stream_->native_handle(),
sni_hostname.c_str());
}
}

use_ssl_ = true;
ssl_init_ret_ = true;
} catch (std::exception &e) {
Expand All @@ -244,9 +247,9 @@ class coro_http_client : public std::enable_shared_from_this<coro_http_client> {
return ssl_init_ret_;
}

[[nodiscard]] bool init_ssl(std::string full_path = "",
int verify_mode = asio::ssl::verify_none,
const std::string &domain = "localhost") {
[[nodiscard]] bool init_ssl(const std::string &sni_hostname = "",
std::string full_path = "",
int verify_mode = asio::ssl::verify_none) {
std::string base_path;
std::string cert_file;
if (full_path.empty()) {
Expand All @@ -257,7 +260,7 @@ class coro_http_client : public std::enable_shared_from_this<coro_http_client> {
base_path = full_path.substr(0, full_path.find_last_of('/'));
cert_file = full_path.substr(full_path.find_last_of('/') + 1);
}
return init_ssl(base_path, cert_file, verify_mode, domain);
return init_ssl(sni_hostname, base_path, cert_file, verify_mode);
}
#endif

Expand Down Expand Up @@ -797,7 +800,7 @@ class coro_http_client : public std::enable_shared_from_this<coro_http_client> {

socket_->has_closed_ = true;
#ifdef CINATRA_ENABLE_SSL
sni_hostname_ = "";
need_set_sni_host_ = true;
if (use_ssl_) {
socket_->ssl_stream_ = nullptr;
socket_->ssl_stream_ =
Expand Down Expand Up @@ -1128,7 +1131,7 @@ class coro_http_client : public std::enable_shared_from_this<coro_http_client> {
}

#ifdef CINATRA_ENABLE_SSL
void set_sni_hostname(const std::string &host) { sni_hostname_ = host; }
void enable_sni_hostname(bool r) { need_set_sni_host_ = r; }
#endif

template <typename T, typename U>
Expand Down Expand Up @@ -1869,7 +1872,7 @@ class coro_http_client : public std::enable_shared_from_this<coro_http_client> {
std::unique_ptr<asio::ssl::context> ssl_ctx_ = nullptr;
bool ssl_init_ret_ = true;
bool use_ssl_ = false;
std::string sni_hostname_ = "";
bool need_set_sni_host_ = true;
#endif
std::string redirect_uri_;
bool enable_follow_redirect_ = false;
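Review bot: As rendered here, `init_ssl` now installs `asio::ssl::host_name_verification(sni_hostname)` on `ssl_ctx_` only after `socket_->ssl_stream_` has been constructed from that context, whereas the removed lines set it before the stream was created. As far as I know, an OpenSSL `SSL` object copies its verify settings from the context at creation time, so the stream used for the first connection may never run the hostname check. Setting the callback on the stream removes the ordering dependency: `socket_->ssl_stream_->set_verify_callback(asio::ssl::host_name_verification(sni_hostname));`. The callback can also only reject a mismatch when `verify_mode` is something other than the default `asio::ssl::verify_none`, which is worth stating in a comment on the parameter. The body of `init_ssl` starts and ends outside this hunk, so the certificate-loading part is not visible here.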
13 changes: 5 additions & 8 deletions src/coro_http/examples/example.cpp
Expand Up @@ -76,13 +76,10 @@ async_simple::coro::Lazy<void> test_async_client(
async_simple::coro::Lazy<void> test_async_ssl_client(
coro_http::coro_http_client &client) {
#ifdef CINATRA_ENABLE_SSL
std::string uri2 = "https://www.baidu.com";
std::string uri3 = "https://cn.bing.com";
[[maybe_unused]] auto ec =
client.init_ssl("../../include/cinatra", "server.crt");
auto data = co_await client.async_get(uri2);
std::cout << data.status << std::endl;
data = co_await client.async_get(uri3);
std::string uri = "https://cn.bing.com";
[[maybe_unused]] auto ec = client.init_ssl("cn.bing.com");
auto data = co_await client.async_get(uri);
std::cout << data.net_err.message() << "\n";
std::cout << data.status << std::endl;
#endif
co_return;
Expand Down Expand Up @@ -150,7 +147,7 @@ void use_out_buf() {
str.resize(10);
std::string url = "http://cn.bing.com";

str.resize(6400);
str.resize(16400);
coro_http_client client;
auto ret = client.async_request(url, http_method::GET, req_context<>{}, {},
std::span<char>{str.data(), str.size()});
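Review bot: The example's `client.init_ssl("cn.bing.com")` call in `test_async_ssl_client` leaves `verify_mode` at its default `asio::ssl::verify_none` (per the header signature in this same change), so the request completes without the server certificate being validated. Readers who copy the example get unauthenticated TLS; I would add a comment above the call, `// init_ssl defaults to asio::ssl::verify_none: pass asio::ssl::verify_peer to validate the server certificate`, or pass the mode explicitly. The result is also stored in a `[[maybe_unused]]` variable named `ec` although `init_ssl` returns `bool`; checking it, for example `if (!ok) co_return;`, would show the intended failure handling. The `use_out_buf` body further down is cut by its hunk, so nothing is suggested there.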