- //
- // Copyright (c) 2016-2019 Vinnie Falco (vinnie dot falco at gmail dot com)
- //
- // Distributed under the Boost Software License, Version 1.0. (See accompanying
- // file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
- //
- // Official repository: https://github.com/boostorg/beast
- //
- //------------------------------------------------------------------------------
- //
- // Example: HTTP flex server (plain and SSL), asynchronous
- //
- //------------------------------------------------------------------------------
- #include "example/common/server_certificate.hpp"
- #include <boost/beast/core.hpp>
- #include <boost/beast/http.hpp>
- #include <boost/beast/ssl.hpp>
- #include <boost/beast/version.hpp>
- #include <boost/asio/dispatch.hpp>
- #include <boost/asio/strand.hpp>
- #include <boost/config.hpp>
- #include <algorithm>
- #include <cstdlib>
- #include <functional>
- #include <iostream>
- #include <memory>
- #include <string>
- #include <thread>
- namespace beast = boost::beast; // from <boost/beast.hpp>
- namespace http = beast::http; // from <boost/beast/http.hpp>
- namespace net = boost::asio; // from <boost/asio.hpp>
- namespace ssl = boost::asio::ssl; // from <boost/asio/ssl.hpp>
- using tcp = boost::asio::ip::tcp; // from <boost/asio/ip/tcp.hpp>
// Map a file path to a Content-Type value using only its extension.
//
// The extension is everything from the last '.' in `path` onward and is
// compared case-insensitively. A missing or unrecognized extension yields
// "application/text". Every return value is a string literal, so the
// returned view stays valid for the life of the program.
//
// The file's content is never inspected. Note that ".php" is labelled
// "text/html": nothing in this file interprets such files, so a script
// placed under the document root is sent to the client as-is.
beast::string_view
mime_type(beast::string_view path)
{
    using beast::iequals;

    struct mapping
    {
        char const* extension;
        char const* content_type;
    };

    // Checked in order; the first case-insensitive match wins.
    static mapping const known_types[] = {
        {".htm",  "text/html"},
        {".html", "text/html"},
        {".php",  "text/html"},
        {".css",  "text/css"},
        {".txt",  "text/plain"},
        {".js",   "application/javascript"},
        {".json", "application/json"},
        {".xml",  "application/xml"},
        {".swf",  "application/x-shockwave-flash"},
        {".flv",  "video/x-flv"},
        {".png",  "image/png"},
        {".jpe",  "image/jpeg"},
        {".jpeg", "image/jpeg"},
        {".jpg",  "image/jpeg"},
        {".gif",  "image/gif"},
        {".bmp",  "image/bmp"},
        {".ico",  "image/vnd.microsoft.icon"},
        {".tiff", "image/tiff"},
        {".tif",  "image/tiff"},
        {".svg",  "image/svg+xml"},
        {".svgz", "image/svg+xml"},
    };

    // An empty view stands for "no extension" and matches nothing above.
    auto const dot = path.rfind(".");
    beast::string_view const ext =
        dot == beast::string_view::npos
            ? beast::string_view{}
            : path.substr(dot);

    for(auto const& entry : known_types)
        if(iequals(ext, entry.extension))
            return entry.content_type;

    return "application/text";
}
// Join an HTTP request path onto a local filesystem directory.
//
// An empty `base` returns `path` unchanged. Otherwise a single trailing
// separator is dropped from `base` and `path` is appended verbatim; on
// MSVC builds every '/' in the result is then turned into '\\'.
//
// No validation happens here: ".." segments are not removed and the
// result is not checked against `base`, so the caller has to vet `path`
// before opening the returned name (handle_request rejects any target
// containing ".."). On MSVC builds a backslash already present in `path`
// is kept as-is.
std::string
path_cat(
    beast::string_view base,
    beast::string_view path)
{
#ifdef BOOST_MSVC
    char constexpr path_separator = '\\';
#else
    char constexpr path_separator = '/';
#endif

    if(base.empty())
        return std::string(path);

    std::string joined(base);

    // `path` is expected to bring its own leading '/', so avoid doubling it.
    if(joined.back() == path_separator)
        joined.pop_back();
    joined.append(path.data(), path.size());

#ifdef BOOST_MSVC
    // Use the native separator throughout the combined path.
    std::replace(joined.begin(), joined.end(), '/', path_separator);
#endif

    return joined;
}
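// Produce an HTTP response for one request and pass it to `send`.
//
// The response type depends on the request (string body for errors, empty
// body for HEAD, file body for GET), so the caller supplies a generic
// callable that accepts any http::message rvalue.
//
// doc_root  Directory that request-targets are resolved against.
// req       The parsed request; only read here.
// send      Invoked exactly once with the response.
//
// Security notes:
//  * The request-target is client-controlled. It is rejected unless it
//    starts with '/' and contains no ".." anywhere. That is a substring
//    match on the raw target: no percent-decoding is done in this
//    function, and the query string (if any) is part of the file name
//    that gets opened.
//  * NOTE(review): nothing here resolves symbolic links, so a link under
//    doc_root that points elsewhere would presumably be served - confirm
//    against the deployment.
//  * Error bodies are sent as text/html, so text taken from the request
//    or from the system is HTML-escaped before it is placed in a body.
//  * Every response advertises BOOST_BEAST_VERSION_STRING in the Server
//    field; set a different value if the library version should not be
//    disclosed.
template<
    class Body, class Allocator,
    class Send>
void
handle_request(
    beast::string_view doc_root,
    http::request<Body, http::basic_fields<Allocator>>&& req,
    Send&& send)
{
    // Replaces the characters that are significant in HTML so the text
    // is rendered literally instead of being parsed as markup.
    auto const html_escape =
    [](beast::string_view in)
    {
        std::string out;
        out.reserve(in.size());
        for(char const c : in)
        {
            switch(c)
            {
            case '&':  out.append("&amp;");  break;
            case '<':  out.append("&lt;");   break;
            case '>':  out.append("&gt;");   break;
            case '"':  out.append("&quot;"); break;
            case '\'': out.append("&#39;");  break;
            default:   out.push_back(c);     break;
            }
        }
        return out;
    };

    // Builds the text/html response shared by all error paths.
    auto const error_response =
    [&req](http::status status, std::string text)
    {
        http::response<http::string_body> res{status, req.version()};
        res.set(http::field::server, BOOST_BEAST_VERSION_STRING);
        res.set(http::field::content_type, "text/html");
        res.keep_alive(req.keep_alive());
        res.body() = std::move(text);
        res.prepare_payload();
        return res;
    };

    // Returns a bad request response. `why` is always a fixed string
    // chosen by this function, never request data.
    auto const bad_request =
    [&error_response](beast::string_view why)
    {
        return error_response(
            http::status::bad_request, std::string(why));
    };

    // Returns a not found response. The target comes straight from the
    // client, so it is escaped before being echoed back.
    auto const not_found =
    [&error_response, &html_escape](beast::string_view target)
    {
        return error_response(
            http::status::not_found,
            "The resource '" + html_escape(target) + "' was not found.");
    };

    // Returns a server error response. `what` is an error_code message;
    // it is escaped as well so the body never carries unescaped markup.
    auto const server_error =
    [&error_response, &html_escape](beast::string_view what)
    {
        return error_response(
            http::status::internal_server_error,
            "An error occurred: '" + html_escape(what) + "'");
    };

    // Only GET and HEAD are served
    if( req.method() != http::verb::get &&
        req.method() != http::verb::head)
        return send(bad_request("Unknown HTTP-method"));

    // Request path must be absolute and not contain "..".
    if( req.target().empty() ||
        req.target()[0] != '/' ||
        req.target().find("..") != beast::string_view::npos)
        return send(bad_request("Illegal request-target"));

    // Build the path to the requested file; a target ending in '/'
    // is served from that directory's index.html.
    std::string path = path_cat(doc_root, req.target());
    if(req.target().back() == '/')
        path.append("index.html");

    // Attempt to open the file
    beast::error_code ec;
    http::file_body::value_type body;
    body.open(path.c_str(), beast::file_mode::scan, ec);

    // Handle the case where the file doesn't exist
    if(ec == beast::errc::no_such_file_or_directory)
        return send(not_found(req.target()));

    // Handle an unknown error
    if(ec)
        return send(server_error(ec.message()));

    // Cache the size since we need it after the move
    auto const size = body.size();

    // Respond to HEAD request: same headers as GET, no body
    if(req.method() == http::verb::head)
    {
        http::response<http::empty_body> res{http::status::ok, req.version()};
        res.set(http::field::server, BOOST_BEAST_VERSION_STRING);
        res.set(http::field::content_type, mime_type(path));
        res.content_length(size);
        res.keep_alive(req.keep_alive());
        return send(std::move(res));
    }

    // Respond to GET request
    http::response<http::file_body> res{
        std::piecewise_construct,
        std::make_tuple(std::move(body)),
        std::make_tuple(http::status::ok, req.version())};
    res.set(http::field::server, BOOST_BEAST_VERSION_STRING);
    res.set(http::field::content_type, mime_type(path));
    res.content_length(size);
    res.keep_alive(req.keep_alive());
    return send(std::move(res));
}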
//------------------------------------------------------------------------------

// Log a failed operation to stderr as "<what>: <error message>".
//
// One error is deliberately not reported, for every caller of this
// function: ssl::error::stream_truncated.
void
fail(beast::error_code ec, char const* what)
{
    // ssl::error::stream_truncated, also known as an SSL "short read",
    // means the peer closed the connection without performing the
    // required closing handshake (for example, Google does this to
    // improve performance). In general a missing close_notify can be a
    // security issue, because the receiver cannot tell a complete
    // stream from a truncated one. If the protocol is self-terminated
    // (as both HTTP and WebSocket are), the message framing already
    // reveals truncation and the missing close_notify may be ignored.
    //
    // https://github.com/boostorg/beast/issues/38
    //
    // https://security.stackexchange.com/questions/91435/how-to-handle-a-malicious-ssl-tls-shutdown
    //
    // When a short read would cut off the end of an HTTP message,
    // Beast returns the error beast::http::error::partial_message.
    // A short read that reaches this function has therefore occurred
    // after the message was complete, so it is safe to ignore.
    bool const short_read =
        (ec == net::ssl::error::stream_truncated);

    if(! short_read)
        std::cerr << what << ": " << ec.message() << "\n";
}
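// Handles an HTTP server connection.
//
// This uses the Curiously Recurring Template Pattern so that the same
// read / respond / write loop works with both SSL streams and regular
// sockets. `Derived` must provide stream(), do_eof() and
// shared_from_this().
template<class Derived>
class session
{
    // Access the derived class, this is part of
    // the Curiously Recurring Template Pattern idiom.
    Derived&
    derived()
    {
        return static_cast<Derived&>(*this);
    }

    // This is the C++11 equivalent of a generic lambda.
    // The function object is used to send an HTTP message.
    struct send_lambda
    {
        session& self_;

        explicit
        send_lambda(session& self)
            : self_(self)
        {
        }

        template<bool isRequest, class Body, class Fields>
        void
        operator()(http::message<isRequest, Body, Fields>&& msg) const
        {
            // The lifetime of the message has to extend
            // for the duration of the async operation so
            // we use a shared_ptr to manage it.
            auto sp = std::make_shared<
                http::message<isRequest, Body, Fields>>(std::move(msg));

            // Store a type-erased version of the shared
            // pointer in the class to keep it alive.
            self_.res_ = sp;

            // Write the response. The bound shared_ptr to the session
            // keeps it alive until on_write runs.
            http::async_write(
                self_.derived().stream(),
                *sp,
                beast::bind_front_handler(
                    &session::on_write,
                    self_.derived().shared_from_this(),
                    sp->need_eof()));
        }
    };

    std::shared_ptr<std::string const> doc_root_;
    http::request<http::string_body> req_;  // reused for every request
    std::shared_ptr<void> res_;             // owns the response being written
    send_lambda lambda_;

protected:
    beast::flat_buffer buffer_;

public:
    // Take ownership of the buffer. It may already hold bytes that were
    // read from the connection before this session was created.
    session(
        beast::flat_buffer buffer,
        std::shared_ptr<std::string const> const& doc_root)
        : doc_root_(doc_root)
        , lambda_(*this)
        , buffer_(std::move(buffer))
    {
    }

    // Start reading the next request from the stream.
    void
    do_read()
    {
        // Start from an empty request. req_ is reused for every request
        // on a keep-alive connection and on_read hands it on as an
        // rvalue, so without this reset the next parse would begin from
        // whatever state the previous request left behind.
        req_ = {};

        // Set the timeout. It is re-armed before every read, which
        // bounds how long an idle or slow client can hold the connection.
        beast::get_lowest_layer(
            derived().stream()).expires_after(std::chrono::seconds(30));

        // Read a request
        http::async_read(
            derived().stream(),
            buffer_,
            req_,
            beast::bind_front_handler(
                &session::on_read,
                derived().shared_from_this()));
    }

    // Completion handler for do_read.
    void
    on_read(
        beast::error_code ec,
        std::size_t bytes_transferred)
    {
        boost::ignore_unused(bytes_transferred);

        // This means they closed the connection
        if(ec == http::error::end_of_stream)
            return derived().do_eof();

        // Any other error ends the session; no response is sent.
        if(ec)
            return fail(ec, "read");

        // Send the response
        handle_request(*doc_root_, std::move(req_), lambda_);
    }

    // Completion handler for the write started by send_lambda.
    // `close` is the response's need_eof() value captured at send time.
    void
    on_write(
        bool close,
        beast::error_code ec,
        std::size_t bytes_transferred)
    {
        boost::ignore_unused(bytes_transferred);

        if(ec)
            return fail(ec, "write");

        if(close)
        {
            // This means we should close the connection, usually because
            // the response indicated the "Connection: close" semantic.
            return derived().do_eof();
        }

        // We're done with the response so delete it
        res_ = nullptr;

        // Read another request
        do_read();
    }
};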
// Session over an unencrypted TCP connection.
//
// Everything on this path travels in cleartext; the shared
// request/response loop lives in session<plain_session>.
class plain_session
    : public session<plain_session>
    , public std::enable_shared_from_this<plain_session>
{
    beast::tcp_stream stream_;

public:
    // Wrap an accepted socket. `buffer` carries any bytes that were
    // already read from the connection before this object existed.
    plain_session(
        tcp::socket&& socket,
        beast::flat_buffer buffer,
        std::shared_ptr<std::string const> const& doc_root)
        : session<plain_session>(
            std::move(buffer),
            doc_root)
        , stream_(std::move(socket))
    {
    }

    // Stream accessor required by the CRTP base.
    beast::tcp_stream&
    stream()
    {
        return stream_;
    }

    // Begin serving: schedule the first read on the stream's executor.
    void
    run()
    {
        // Async operations on this session's I/O objects must execute
        // within its strand. That is not strictly necessary for
        // single-threaded contexts, but this example is written to be
        // thread-safe by default.
        auto keep_alive = shared_from_this();
        net::dispatch(
            stream_.get_executor(),
            beast::bind_front_handler(
                &session::do_read,
                std::move(keep_alive)));
    }

    // Close our sending side of the connection.
    void
    do_eof()
    {
        // Send a TCP shutdown. The error code is collected only so the
        // call cannot throw; its value is intentionally not examined.
        beast::error_code ignored;
        stream_.socket().shutdown(tcp::socket::shutdown_send, ignored);

        // At this point the connection is closed gracefully
    }
};
// Session over a TLS connection.
//
// Performs the server-side handshake first, then runs the shared
// request/response loop from session<ssl_session>, and finishes with a
// TLS shutdown.
class ssl_session
    : public session<ssl_session>
    , public std::enable_shared_from_this<ssl_session>
{
    beast::ssl_stream<beast::tcp_stream> stream_;

public:
    // Wrap an accepted socket in a TLS stream configured by `ctx`.
    // `buffer` holds the bytes that were read before this session was
    // created; the handshake consumes them.
    ssl_session(
        tcp::socket&& socket,
        ssl::context& ctx,
        beast::flat_buffer buffer,
        std::shared_ptr<std::string const> const& doc_root)
        : session<ssl_session>(
            std::move(buffer),
            doc_root)
        , stream_(std::move(socket), ctx)
    {
    }

    // Stream accessor required by the CRTP base.
    beast::ssl_stream<beast::tcp_stream>&
    stream()
    {
        return stream_;
    }

    // Begin serving: run the TLS handshake on the stream's executor.
    void
    run()
    {
        // The handler holds a shared_ptr so the session outlives the
        // dispatched work.
        auto const owner = shared_from_this();

        // Async operations on this session's I/O objects must execute
        // within its strand.
        net::dispatch(stream_.get_executor(), [owner]() {
            // Bound the handshake: a peer that stalls is cut off
            // after 30 seconds.
            beast::get_lowest_layer(owner->stream_).expires_after(
                std::chrono::seconds(30));

            // Perform the SSL handshake.
            // Note, this is the buffered version of the handshake: it is
            // given the bytes already sitting in buffer_.
            owner->stream_.async_handshake(
                ssl::stream_base::server,
                owner->buffer_.data(),
                beast::bind_front_handler(
                    &ssl_session::on_handshake,
                    owner));
        });
    }

    // Completion handler for the handshake. `bytes_used` is how much of
    // buffer_ the handshake consumed.
    void
    on_handshake(
        beast::error_code ec,
        std::size_t bytes_used)
    {
        if(ec)
        {
            // A failed handshake ends the session; nothing is served.
            fail(ec, "handshake");
            return;
        }

        // Consume the portion of the buffer used by the handshake
        buffer_.consume(bytes_used);

        do_read();
    }

    // Start a graceful TLS shutdown.
    void
    do_eof()
    {
        // Bound the shutdown exchange as well.
        beast::get_lowest_layer(stream_).expires_after(
            std::chrono::seconds(30));

        // Perform the SSL shutdown
        auto keep_alive = shared_from_this();
        stream_.async_shutdown(
            beast::bind_front_handler(
                &ssl_session::on_shutdown,
                std::move(keep_alive)));
    }

    // Completion handler for the shutdown.
    void
    on_shutdown(beast::error_code ec)
    {
        if(ec)
        {
            fail(ec, "shutdown");
            return;
        }

        // At this point the connection is closed gracefully
    }
};
//------------------------------------------------------------------------------

// Decides, per connection, whether the client is starting a TLS
// handshake, then hands the socket to ssl_session or plain_session.
//
// Because of this fallback the same listening port serves both TLS and
// cleartext HTTP. A deployment that must not accept cleartext has to
// change the non-TLS branch of on_detect.
class detect_session : public std::enable_shared_from_this<detect_session>
{
    beast::tcp_stream stream_;
    ssl::context& ctx_;
    std::shared_ptr<std::string const> doc_root_;
    beast::flat_buffer buffer_;  // bytes read during detection

public:
    detect_session(
        tcp::socket&& socket,
        ssl::context& ctx,
        std::shared_ptr<std::string const> const& doc_root)
        : stream_(std::move(socket))
        , ctx_(ctx)
        , doc_root_(doc_root)
    {
    }

    // Launch the detector
    void
    run()
    {
        // A client that connects and then sends nothing is dropped
        // after 30 seconds.
        beast::get_lowest_layer(stream_).expires_after(
            std::chrono::seconds(30));

        // Detect a TLS handshake. Bytes read while detecting stay in
        // buffer_ and are passed on to the chosen session.
        auto keep_alive = shared_from_this();
        async_detect_ssl(
            stream_,
            buffer_,
            beast::bind_front_handler(
                &detect_session::on_detect,
                std::move(keep_alive)));
    }

    // Completion handler for detection. `result` is true when the
    // client's first bytes look like a TLS handshake.
    void
    on_detect(beast::error_code ec, bool result)
    {
        if(ec)
        {
            fail(ec, "detect");
            return;
        }

        if(! result)
        {
            // Launch plain session
            std::make_shared<plain_session>(
                stream_.release_socket(),
                std::move(buffer_),
                doc_root_)->run();
            return;
        }

        // Launch SSL session
        std::make_shared<ssl_session>(
            stream_.release_socket(),
            ctx_,
            std::move(buffer_),
            doc_root_)->run();
    }
};
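// Accepts incoming connections and launches a detect_session for each.
//
// The constructor opens, binds and starts listening on `endpoint`. Each
// failed step is reported through fail() and construction stops there;
// the constructor does not throw for these errors, so a listener whose
// setup failed still exists but cannot accept.
class listener : public std::enable_shared_from_this<listener>
{
    net::io_context& ioc_;
    ssl::context& ctx_;
    tcp::acceptor acceptor_;
    std::shared_ptr<std::string const> doc_root_;

public:
    listener(
        net::io_context& ioc,
        ssl::context& ctx,
        tcp::endpoint endpoint,
        std::shared_ptr<std::string const> const& doc_root)
        : ioc_(ioc)
        , ctx_(ctx)
        , acceptor_(net::make_strand(ioc))
        , doc_root_(doc_root)
    {
        beast::error_code ec;

        // Open the acceptor
        acceptor_.open(endpoint.protocol(), ec);
        if(ec)
        {
            fail(ec, "open");
            return;
        }

        // Allow address reuse
        acceptor_.set_option(net::socket_base::reuse_address(true), ec);
        if(ec)
        {
            fail(ec, "set_option");
            return;
        }

        // Bind to the server address
        acceptor_.bind(endpoint, ec);
        if(ec)
        {
            fail(ec, "bind");
            return;
        }

        // Start listening for connections
        acceptor_.listen(
            net::socket_base::max_listen_connections, ec);
        if(ec)
        {
            fail(ec, "listen");
            return;
        }
    }

    // Start accepting incoming connections
    void
    run()
    {
        do_accept();
    }

private:
    // Queue one asynchronous accept.
    void
    do_accept()
    {
        // The new connection gets its own strand
        acceptor_.async_accept(
            net::make_strand(ioc_),
            beast::bind_front_handler(
                &listener::on_accept,
                shared_from_this()));
    }

    // Completion handler for do_accept.
    void
    on_accept(beast::error_code ec, tcp::socket socket)
    {
        if(ec)
        {
            fail(ec, "accept");

            // Stop here instead of re-arming the accept. If the error
            // persists (for instance because setup in the constructor
            // failed), every new accept would complete immediately with
            // the same error, and the handler would spin forever,
            // burning CPU and flooding stderr.
            // Trade-off: a transient accept error also stops the
            // listener, so it needs an external restart.
            return;
        }

        // Create the detector session and run it
        std::make_shared<detect_session>(
            std::move(socket),
            ctx_,
            doc_root_)->run();

        // Accept another connection
        do_accept();
    }
};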
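//------------------------------------------------------------------------------

// Entry point: http-server-flex <address> <port> <doc_root> <threads>
//
// Starts a listener that serves files under <doc_root> over both plain
// HTTP and TLS on the same port, and runs the io_context on <threads>
// threads (at least one). Returns EXIT_FAILURE when the arguments are
// missing or malformed.
int main(int argc, char* argv[])
{
    // Check command line arguments.
    if (argc != 5)
    {
        std::cerr <<
            "Usage: http-server-flex <address> <port> <doc_root> <threads>\n" <<
            "Example:\n" <<
            " http-server-flex 0.0.0.0 8080 . 1\n";
        return EXIT_FAILURE;
    }

    // Parse the listen address with the non-throwing overload so a
    // typo produces a message instead of an uncaught exception.
    beast::error_code addr_ec;
    auto const address = net::ip::make_address(argv[1], addr_ec);
    if(addr_ec)
    {
        std::cerr << "Invalid address '" << argv[1] << "': "
                  << addr_ec.message() << "\n";
        return EXIT_FAILURE;
    }

    // Reject a port that is not a whole number in [0, 65535]. Converting
    // it unchecked would silently turn garbage into port 0 and wrap
    // large values to some other port.
    char* port_end = nullptr;
    long const port_value = std::strtol(argv[2], &port_end, 10);
    if( port_end == argv[2] ||
        *port_end != '\0' ||
        port_value < 0 ||
        port_value > 65535)
    {
        std::cerr << "Invalid port '" << argv[2] << "'\n";
        return EXIT_FAILURE;
    }
    auto const port = static_cast<unsigned short>(port_value);

    // Everything under this directory is offered to clients.
    auto const doc_root = std::make_shared<std::string>(argv[3]);
    auto const threads = std::max<int>(1, std::atoi(argv[4]));

    // The io_context is required for all I/O
    net::io_context ioc{threads};

    // The SSL context is required, and holds certificates.
    // NOTE(review): tlsv12 pins the context to TLS 1.2 - confirm that is
    // the intended protocol policy for the deployment.
    ssl::context ctx{ssl::context::tlsv12};

    // This holds the self-signed certificate used by the server. It
    // comes from the example's common header and is meant for
    // demonstration; load your own certificate and key before exposing
    // the server.
    load_server_certificate(ctx);

    // Create and launch a listening port
    std::make_shared<listener>(
        ioc,
        ctx,
        tcp::endpoint{address, port},
        doc_root)->run();

    // Run the I/O service on the requested number of threads:
    // threads - 1 workers plus the calling thread.
    std::vector<std::thread> v;
    v.reserve(threads - 1);
    for(auto i = threads - 1; i > 0; --i)
        v.emplace_back(
        [&ioc]
        {
            ioc.run();
        });
    ioc.run();

    // If run() ever returns, wait for the workers. Destroying a
    // joinable std::thread calls std::terminate.
    for(auto& worker : v)
        worker.join();

    return EXIT_SUCCESS;
}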