SNode.C
net::config::ConfigTlsServer Class Reference

#include <ConfigTlsServer.h>


Public Member Functions

ConfigTlsServer * setForceSni (bool forceSni=true)
bool getForceSni () const
ConfigTlsServer * addSniCerts (const std::map< std::string, std::map< std::string, std::variant< std::string, bool, ssl_option_t > > > &sniCerts)
ConfigTlsServer * addSniCert (const std::string &domain, const std::map< std::string, std::variant< std::string, bool, ssl_option_t > > &sniCert)
const std::map< std::string, std::map< std::string, std::variant< std::string, bool, ssl_option_t > > > & getSniCerts () const
Public Member Functions inherited from net::config::ConfigTls
ConfigTlssetInitTimeout (const utils::Timeval &newInitTimeout)
utils::Timeval getInitTimeout () const
ConfigTlssetShutdownTimeout (const utils::Timeval &newShutdownTimeout)
utils::Timeval getShutdownTimeout () const
ConfigTlssetCert (const std::string &cert)
std::string getCert () const
ConfigTlssetCertKey (const std::string &certKey)
std::string getCertKey () const
ConfigTlssetCertKeyPassword (const std::string &certKeyPassword)
std::string getCertKeyPassword () const
ConfigTlssetCaCert (const std::string &caCert)
std::string getCaCert () const
ConfigTlssetCaCertDir (const std::string &caCertDir)
std::string getCaCertDir () const
ConfigTlssetCaCertUseDefaultDir (bool set=true)
bool getCaCertUseDefaultDir () const
ConfigTlssetCaCertAcceptUnknown (bool set=true)
bool getCaCertAcceptUnknown () const
ConfigTlssetCipherList (const std::string &cipherList)
std::string getCipherList () const
ConfigTlssetSslOptions (ssl_option_t sslOptions)
ssl_option_t getSslOptions () const
ConfigTlssetNoCloseNotifyIsEOF (bool noCloseNotifyIsEOF=true)
bool getNoCloseNotifyIsEOF () const
Public Member Functions inherited from net::config::ConfigSection
template<typename T>
 ConfigSection (ConfigInstance *instance, T *sectionPtr, const std::string &group="Sections")
 ~ConfigSection () override
 ConfigSection (const ConfigSection &)=delete
 ConfigSection (ConfigSection &&)=delete
ConfigSectionoperator= (const ConfigSection &)=delete
Public Member Functions inherited from utils::SubCommand
 SubCommand (const SubCommand &)=delete
 SubCommand (SubCommand &&)=delete
SubCommandoperator= (const SubCommand &)=delete
SubCommandoperator= (SubCommand &&)=delete
virtual ~SubCommand ()
std::string getName () const
std::string version () const
CLI::Option * setConfig (const std::string &defaultConfigFile) const
CLI::Option * setLogFile (const std::string &defaultLogFile) const
CLI::Option * setVersionFlag (const std::string &version) const
bool hasParent () const
SubCommand * getParent () const
SubCommandallowExtras (bool allow=true)
SubCommandrequired (bool required=true, bool force=true)
SubCommandrequired (SubCommand *subCommand, bool required=true)
SubCommandrequired (CLI::Option *option, bool required=true)
bool getRequired () const
SubCommandneeds (SubCommand *subCommand, bool needs=true)
SubCommanddisabled (SubCommand *subCommand, bool disabled=true)
SubCommandsetRequireCallback (const std::function< void(void)> &callback)
SubCommand * finalCallback (const std::function< void()> &finalCallback)
std::string configToStr () const
std::string help (const CLI::App *helpApp, const CLI::AppFormatMode &mode) const
void addSubCommandApp (std::shared_ptr< utils::AppWithPtr > subCommand)
template<typename NewSubCommand, typename... Args>
NewSubCommand * newSubCommand (Args &&... args)
template<typename RequestedSubCommand>
RequestedSubCommand * getSubCommand ()
template<typename RequestedSubCommand>
RequestedSubCommand * getSubCommand () const
CLI::Option * getOption (const std::string &name) const
CLI::Option * addOption (const std::string &name, const std::string &description, const std::string &typeName, const CLI::Validator &validator) const
template<typename ValueTypeT>
CLI::Option * addOption (const std::string &name, const std::string &description, const std::string &typeName, ValueTypeT defaultValue, const CLI::Validator &validator) const
template<typename ValueTypeT>
CLI::Option * addOptionVariable (const std::string &name, ValueTypeT &variable, const std::string &description, const std::string &typeName, const CLI::Validator &additionalValidator) const
template<typename ValueTypeT>
CLI::Option * addOptionVariable (const std::string &name, ValueTypeT &variable, const std::string &description, const std::string &typeName, ValueTypeT defaultValue, const CLI::Validator &additionalValidator) const
CLI::Option * addOptionFunction (const std::string &name, const std::function< void(const std::string &)> &callback, const std::string &description, const std::string &typeName, const CLI::Validator &validator) const
template<typename ValueTypeT>
CLI::Option * addOptionFunction (const std::string &name, const std::function< void(const std::string &)> &callback, const std::string &description, const std::string &typeName, ValueTypeT defaultValue, const CLI::Validator &validator) const
CLI::Option * addFlag (const std::string &name, const std::string &description, const std::string &typeName, const CLI::Validator &validator) const
template<typename ValueTypeT>
CLI::Option * addFlag (const std::string &name, const std::string &description, const std::string &typeName, ValueTypeT defaultValue, const CLI::Validator &validator) const
CLI::Option * addFlagFunction (const std::string &name, const std::function< void()> &callback, const std::string &description, const std::string &typeName, const CLI::Validator &validator) const
CLI::Option * addFlagFunction (const std::string &name, const std::function< void()> &callback, const std::string &description, const std::string &typeName, const std::string &defaultValue, const CLI::Validator &validator) const

Protected Member Functions

 ConfigTlsServer (ConfigInstance *instance)
 ~ConfigTlsServer () override
Protected Member Functions inherited from net::config::ConfigTls
template<typename ConcretConfigTls>
 ConfigTls (ConfigInstance *instance, ConcretConfigTls section)
 ~ConfigTls () override
Protected Member Functions inherited from utils::SubCommand
 SubCommand (SubCommand *parent, std::shared_ptr< utils::AppWithPtr > appWithPtr, const std::string &group, bool final=false)
template<typename ConcretSubCommand>
 SubCommand (SubCommand *parent, ConcretSubCommand *concretSubCommand, const std::string &group, bool final=false)
void parse (int argc, char *argv[]) const
SubCommanddescription (const std::string &description)
SubCommandfooter (const std::string &footer)
void removeSubCommand ()
template<typename ValueTypeT>
CLI::Option * setDefaultValue (CLI::Option *option, const ValueTypeT &value, bool clear=true) const
CLI::Option * setConfigurable (CLI::Option *option, bool configurable) const

Private Types

using Super = ConfigTls

Private Attributes

std::map< std::string, std::map< std::string, std::variant< std::string, bool, ssl_option_t > > > defaultSniCerts
std::map< std::string, std::map< std::string, std::variant< std::string, bool, ssl_option_t > > > configuredSniCerts
CLI::Option * sniCertsOpt = nullptr
CLI::Option * forceSniOpt = nullptr

Additional Inherited Members

Static Public Attributes inherited from net::config::ConfigTls
static constexpr std::string_view NAME {"tls"}
static constexpr std::string_view DESCRIPTION {"Configuration of SSL/TLS behavior"}
Static Protected Member Functions inherited from utils::SubCommand
static CLI::App * getHelpTriggerApp ()
static CLI::App * getShowConfigTriggerApp ()
static CLI::App * getCommandlineTriggerApp ()
Protected Attributes inherited from utils::SubCommand
CLI::Option * helpOpt = nullptr
Static Protected Attributes inherited from utils::SubCommand
static std::shared_ptr< CLI::Formatter > sectionFormatter = makeSectionFormatter()
static std::map< std::string, std::string > aliases
static CLI::App * helpTriggerApp = nullptr
static CLI::App * showConfigTriggerApp = nullptr
static CLI::App * commandlineTriggerApp = nullptr

Detailed Description

Definition at line 63 of file ConfigTlsServer.h.

Member Typedef Documentation

◆ Super

Definition at line 65 of file ConfigTlsServer.h.

Constructor & Destructor Documentation

◆ ConfigTlsServer()

net::config::ConfigTlsServer::ConfigTlsServer ( ConfigInstance * instance)
explicit protected

Definition at line 58 of file ConfigTlsServer.cpp.

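// Builds the server-side TLS configuration section.
//
// Registers two command-line options on top of the inherited ConfigTls ones:
//   --sni-cert   per-domain (SNI) certificate settings, given as
//                "sni <key> value ..." groups separated by "%%"
//   --force-sni  flag, default "false", restricted to "true"/"false"
// and installs a final callback that rejects unknown <key> names.
//
// @param instance  forwarded unchanged to the ConfigTls base constructor
ConfigTlsServer::ConfigTlsServer(ConfigInstance* instance)
    : ConfigTls(instance, this) {
    sniCertsOpt = addOptionVariable("--sni-cert",
                                    // NOTE(review): listing line 61 is not shown on this page; the bound
                                    // variable is presumably configuredSniCerts (addOptionVariable takes the
                                    // variable as its second argument and the References list names it) --
                                    // confirm against ConfigTlsServer.cpp.
                                    configuredSniCerts,
                                    "Server Name Indication (SNI) Certificates:\n"
                                    "sni = SNI of the virtual server\n"
                                    "<key> = {\n"
                                    " Cert -> value:PEM-FILE [\"\"]\n"
                                    " CertKey -> value:PEM-FILE [\"\"]\n"
                                    " CertKeyPassword -> value:TEXT [\"\"]\n"
                                    " CaCert -> value:PEM-FILE [\"\"]\n"
                                    " CaCertDir -> value:PEM-CONTAINER-DIR [\"\"]\n"
                                    " CaCertUseDefaultDir -> value:BOOLEAN [false]\n"
                                    " CipherList -> value:CIPHER [\"\"]\n"
                                    " SslOptions -> value:UINT [0]\n"
                                    "}",
                                    "sni <key> value [<key> value] ... [%% sni <key> value [<key> value] ...]",
                                    CLI::TypeValidator<std::string>());

    // Renders defaultSniCerts as "[sni key value ... %% sni key value ...]".
    sniCertsOpt->default_function([this]() -> std::string {
        std::string defaultValue;

        for (const auto& [domain, sniCertConf] : defaultSniCerts) {
            defaultValue += (!defaultValue.empty() ? "%% " : "") + domain + " ";

            for (const auto& [key, value] : sniCertConf) {
                defaultValue += key + " ";

                // std::get throws std::bad_variant_access when the stored alternative does
                // not match the type expected for this key; nothing here catches it.
                //
                // NOTE(review): CertKeyPassword is written verbatim into the default string.
                // CLI11 uses an option's default string in its help output, so a key
                // passphrase registered through addSniCert()/addSniCerts() can become visible
                // there -- confirm whether it should be masked.
                if (key == "Cert" || key == "CertKey" || key == "CertKeyPassword" || key == "CaCert" || key == "CaCertDir" ||
                    key == "CipherList") {
                    defaultValue += std::get<std::string>(value) + " ";
                } else if (key == "CaCertUseDefaultDir") {
                    defaultValue += std::get<bool>(value) ? "true " : "false ";
                } else if (key == "SslOptions") {
                    defaultValue += std::to_string(std::get<ssl_option_t>(value)) + " ";
                }
                // Any other key is emitted without a value.
            }
        }

        // Drop the trailing separator. With no default SNI certificates the string is
        // empty, and pop_back() on an empty std::string is undefined behaviour.
        if (!defaultValue.empty()) {
            defaultValue.pop_back();
        }

        return "[" + defaultValue + "]";
    });

    forceSniOpt = addFlag( //
        "--force-sni{true}",
        "Force using of the Server Name Indication",
        "bool",
        "false",
        CLI::IsMember({"true", "false"}));

    // Validates the <key> names of every configured SNI entry against the keys
    // listed in the option description; only names are checked, not value types.
    finalCallback([this]() {
        for (auto& [domain, sniMap] : configuredSniCerts) {
            if (domain.empty()) {
                // An empty domain clears the option and the settings stored under the
                // empty key; entries for other domains stay in configuredSniCerts.
                //
                // NOTE(review): std::map visits keys in order, so the empty domain comes
                // first and this break leaves the keys of all other domains unvalidated --
                // confirm that this is intended.
                sniCertsOpt //
                    ->clear();
                sniMap.clear();
                break;
            }
            for (auto& [key, value] : sniMap) {
                if (key != "Cert" &&                //
                    key != "CertKey" &&             //
                    key != "CertKeyPassword" &&     //
                    key != "CaCert" &&              //
                    key != "CaCertDir" &&           //
                    key != "CaCertUseDefaultDir" && //
                    key != "CipherList" &&          //
                    key != "SslOptions") {
                    throw CLI::ConversionError("'" + key + "' of option '--" + getParent()->getName() + "." + getName() + ".sni-cert'",
                                               "<key>");
                }
            }
        }
    });
}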
std::map< std::string, std::map< std::string, std::variant< std::string, bool, ssl_option_t > > > configuredSniCerts
std::map< std::string, std::map< std::string, std::variant< std::string, bool, ssl_option_t > > > defaultSniCerts
ConfigTls(ConfigInstance *instance, ConcretConfigTls section)
Definition ConfigTls.hpp:52
SubCommand * finalCallback(const std::function< void()> &finalCallback)
SubCommand * getParent() const
std::string getName() const
CLI::Option * addFlag(const std::string &name, const std::string &description, const std::string &typeName, const CLI::Validator &validator) const
CLI::Option * addOptionVariable(const std::string &name, ValueTypeT &variable, const std::string &description, const std::string &typeName, const CLI::Validator &additionalValidator) const
Definition SubCommand.h:328

References utils::SubCommand::addFlag(), utils::SubCommand::addOptionVariable(), net::config::ConfigTls::ConfigTls(), configuredSniCerts, defaultSniCerts, utils::SubCommand::finalCallback(), forceSniOpt, utils::SubCommand::getName(), utils::SubCommand::getParent(), and sniCertsOpt.


◆ ~ConfigTlsServer()

net::config::ConfigTlsServer::~ConfigTlsServer ( )
override protected

Definition at line 143 of file ConfigTlsServer.cpp.

// Empty body: this class performs no cleanup of its own here.
ConfigTlsServer::~ConfigTlsServer() {
}

Member Function Documentation

◆ addSniCert()

ConfigTlsServer * net::config::ConfigTlsServer::addSniCert ( const std::string & domain,
const std::map< std::string, std::variant< std::string, bool, ssl_option_t > > & sniCert )

Definition at line 164 of file ConfigTlsServer.cpp.

// Registers the default certificate settings for one SNI domain.
//
// An existing default entry for `domain` is replaced. The option's default
// string is then re-captured so that it reflects the new set of defaults.
//
// @param domain   SNI name the settings apply to
// @param sniCert  settings keyed by name (Cert, CertKey, ...)
// @return this, to allow call chaining
ConfigTlsServer* ConfigTlsServer::addSniCert(const std::string& domain,
                                             const std::map<std::string, std::variant<std::string, bool, ssl_option_t>>& sniCert) {
    defaultSniCerts.insert_or_assign(domain, sniCert);

    // Refresh the default string of --sni-cert from defaultSniCerts.
    sniCertsOpt->capture_default_str();

    return this;
}

References defaultSniCerts, and sniCertsOpt.

◆ addSniCerts()

ConfigTlsServer * net::config::ConfigTlsServer::addSniCerts ( const std::map< std::string, std::map< std::string, std::variant< std::string, bool, ssl_option_t > > > & sniCerts)

Definition at line 156 of file ConfigTlsServer.cpp.

// Registers default certificate settings for several SNI domains at once.
//
// Entries are added with std::map::insert, so a domain that already has a
// default entry keeps its existing settings; the new ones are ignored.
// NOTE(review): addSniCert() replaces an existing entry instead. A caller
// that re-registers a domain with a new certificate through this method keeps
// serving the old one -- confirm the difference is intended.
//
// @param sniCerts  settings per domain, keyed by SNI name
// @return this, to allow call chaining
ConfigTlsServer* ConfigTlsServer::addSniCerts(
    const std::map<std::string, std::map<std::string, std::variant<std::string, bool, ssl_option_t>>>& sniCerts) {
    for (const auto& domainConf : sniCerts) {
        // No effect when the domain is already present.
        defaultSniCerts.insert(domainConf);
    }

    // Refresh the default string of --sni-cert from defaultSniCerts.
    sniCertsOpt->capture_default_str();

    return this;
}

References defaultSniCerts, and sniCertsOpt.

◆ getForceSni()

bool net::config::ConfigTlsServer::getForceSni ( ) const

Definition at line 152 of file ConfigTlsServer.cpp.

// Returns the current value of the --force-sni flag, converted to bool.
bool ConfigTlsServer::getForceSni() const {
    const bool forceSni = forceSniOpt->as<bool>();

    return forceSni;
}

References forceSniOpt.

◆ getSniCerts()

const std::map< std::string, std::map< std::string, std::variant< std::string, bool, ssl_option_t > > > & net::config::ConfigTlsServer::getSniCerts ( ) const

Definition at line 173 of file ConfigTlsServer.cpp.

173 {
175 }

References configuredSniCerts, and defaultSniCerts.

Referenced by net::config::stream::tls::ConfigSocketServer< ConfigSocketServerBaseT >::getSslCtx().


◆ setForceSni()

ConfigTlsServer * net::config::ConfigTlsServer::setForceSni ( bool forceSni = true)

Definition at line 146 of file ConfigTlsServer.cpp.

// Sets the default value of the --force-sni flag.
//
// @param forceSni  true stores "true" as the default, false stores "false"
// @return this, to allow call chaining
ConfigTlsServer* ConfigTlsServer::setForceSni(bool forceSni) {
    // Kept as const char* so setDefaultValue sees the same argument type as
    // it would for the conditional expression written inline.
    const char* const text = forceSni ? "true" : "false";
    setDefaultValue(forceSniOpt, text);

    return this;
}
CLI::Option * setDefaultValue(CLI::Option *option, const ValueTypeT &value, bool clear=true) const
Definition SubCommand.h:367

References forceSniOpt, and utils::SubCommand::setDefaultValue().


Member Data Documentation

◆ configuredSniCerts

std::map<std::string, std::map<std::string, std::variant<std::string, bool, ssl_option_t> > > net::config::ConfigTlsServer::configuredSniCerts
private

Definition at line 84 of file ConfigTlsServer.h.

Referenced by ConfigTlsServer(), and getSniCerts().

◆ defaultSniCerts

std::map<std::string, std::map<std::string, std::variant<std::string, bool, ssl_option_t> > > net::config::ConfigTlsServer::defaultSniCerts
private

Definition at line 83 of file ConfigTlsServer.h.

Referenced by addSniCert(), addSniCerts(), ConfigTlsServer(), and getSniCerts().

◆ forceSniOpt

CLI::Option* net::config::ConfigTlsServer::forceSniOpt = nullptr
private

Definition at line 87 of file ConfigTlsServer.h.

Referenced by ConfigTlsServer(), getForceSni(), and setForceSni().

◆ sniCertsOpt

CLI::Option* net::config::ConfigTlsServer::sniCertsOpt = nullptr
private

Definition at line 86 of file ConfigTlsServer.h.

Referenced by addSniCert(), addSniCerts(), and ConfigTlsServer().


The documentation for this class was generated from the following files: