Domovská stránka Prehľadávať Pomoc
Registrovať Prihlásiť sa
devn00b
/
EQ2EMu
9
3
Fork 0
Súbory Issues 54
Strom: 3d54fd32f3
Branche Tagy
EQ2EMu
/
EQ2
/
source
/
depends
/
boost_1_72_0
/
libs
/
beast
/
doc
/
qbk
/
03_core
/
7b_detect_ssl.qbk

7b_detect_ssl.qbk 4.8 KB
História Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111 
  1. [/
    2. 

  2.     Copyright (c) 2016-2019 Vinnie Falco (vinnie dot falco at gmail dot com)
    3. 

  3. 

  4.     Distributed under the Boost Software License, Version 1.0. (See accompanying
    5. 

  5.     file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
    6. 

  6. 

  7.     Official repository: https://github.com/boostorg/beast
    8. 

  8. ]
    9. 

  9. 

  10. [section:detect_ssl Detect SSL __example__]
    11. 

  11. 

  12. In this example we will build a simple function to detect the presence of the
    13. 

  13. [@https://tools.ietf.org/html/rfc2246#section-7.4 TLS client handshake]
    14. 

  14. given an input buffer sequence. Then we build on the example by adding a
    15. 

  15. synchronous stream algorithm. Finally, we implement an asynchronous
    16. 

  16. detection function using a composed operation. This SSL detector may
    17. 

  17. be used to allow a server to accept both TLS and plain (unencrypted)
    18. 

  18. connections at the same port.
    19. 

  19. 

  20. Here is the declaration for a function template to detect the SSL client
    21. 

  21. handshake. The function accepts any object whose type meets the requirements
    22. 

  22. of __ConstBufferSequence__. This gives callers flexibility to use a buffer
    23. 

  23. object whose behavior is appropriate to the task.
    24. 

  24. 

  25. [example_core_detect_ssl_1]
    26. 

  26. 

  27. The algorithm examines the buffer starting from the beginning, and
    28. 

  28. performs a series of qualifying checks against the TLS specification.
    29. 

  29. When not enough data exists to be certain, the returned value of
    30. 

  30. `boost::indeterminate` informs the caller to read more data into the buffer.
    31. 

  31. The function definition for the declaration above follows:
    32. 

  32. 

  33. [example_core_detect_ssl_2]
    34. 

  34. 

  35. The detection function above is suitably generic and targeted in
    36. 

  36. focus that it may be used as a building block to create higher level
    37. 

  37. abstractions. Our goal is to create a ['stream algorithm]: a function
    38. 

  38. which is invoked with a stream, that reads or writes (or both) to achieve
    39. 

  39. a purpose. In this case, to detect the TLS client handshake. Stream
    40. 

  40. algorithms may be synchronous or asynchronous. Because synchronous algorithms
    41. 

  41. are easier to write, we start there. Then we build the asynchronous version,
    42. 

  42. trying to model it similarly to make reasoning about it easier.
    43. 

  43. 

  44. The synchronous version is implemented thusly:
    45. 

  45. 

  46. [example_core_detect_ssl_3]
    47. 

  47. 

  48. Now that we have the synchronous version, we can attempt to model the
    49. 

  49. asynchronous version similarly. A function which launches an asynchronous
    50. 

  50. operation is called an ['initiating function].  While the synchronous
    51. 

  51. version above produces an error code through an output parameter, the
    52. 

  52. asynchronous version delivers the error code to a completion handler
    53. 

  53. or other custom mechanism defined by the completion token. The signature
    54. 

  54. of the initiating function reflects these differences.
    55. 

  55. 

  56. First we declare the initiating function and document the requirements,
    57. 

  57. parameters, preconditions, and effects:
    58. 

  58. 

  59. [example_core_detect_ssl_4]
    60. 

  60. 

  61. There are two additional components required to implement the initiating
    62. 

  62. function:
    63. 

  63. 

  64. * An intermediate completion handler, called the "composed operation"
    65. 

  65.   object, which holds the state of the operation while it is in progress,
    66. 

  66.   and also holds the user's completion handler to be invoked when the
    67. 

  67.   opeartion completes, and
    68. 

  68. 

  69. * An "initiation" function object which when invoked with parameters
    70. 

  70.   captured at the call site of the initiating function, constructs the 
    71. 

  71.   composed operation with the captured arguments and launches it.
    72. 

  72. 

  73. Here we forward declare the composed operation type, and provide the
    74. 

  74. definition of the initiation function object. They are placed in the
    75. 

  75. `detail` namespace since they should not be public:
    76. 

  76. 

  77. [example_core_detect_ssl_5]
    78. 

  78. 

  79. The initiating function definition itself is straightforward. We perform
    80. 

  80. type checking on the parameters, and then let `net::async_initiate`
    81. 

  81. capture the parameter list along with a copy of our initiation function
    82. 

  82. object. Depending on the specialization of `async_result` for the type
    83. 

  83. of `CompletionToken`, the initiation function may be invoked immediately.
    84. 

  84. Alternatively, it may be invoked later, after the initiating function
    85. 

  85. returns. This is known as "lazy execution," and allows efficient and
    86. 

  86. expressive abstractions to be written.
    87. 

  87. 

  88. [example_core_detect_ssl_6]
    89. 

  89. 

  90. Now we will declare our composed operation. There is a considerable
    91. 

  91. amount of necessary boilerplate to get this right, but the result
    92. 

  92. is worth the effort.
    93. 

  93. 

  94. [example_core_detect_ssl_7]
    95. 

  95. 

  96. The boilerplate is all done, and now we need to implement the function
    97. 

  97. call operator that turns this composed operation a completion handler
    98. 

  98. with the signature `void(error_code, std::size_t)` which is exactly
    99. 

  99. the signature needed when performing asynchronous reads. This function
    100. 

  100. is a transformation of the synchronous version of `detect_ssl` above,
    101. 

  101. but with the inversion of flow that characterizes code written in the
    102. 

  102. callback style:
    103. 

  103. 

  104. [example_core_detect_ssl_8]
    105. 

  105. 

  106. The examples
    107. 

  107. [path_link example/advanced/server/advanced_server.cpp advanced-server] and
    108. 

  108. [path_link example/advanced/server-flex/advanced_server_flex.cpp advanced-server-flex]
    109. 

  109. use this SSL detection function.
    110. 

  110. 

  111. [endsect]
    112.