Fix #86: ECDHE with ASIO (w/ pull request #117) #90

Closed
wants to merge 2 commits into from
5 changes: 5 additions & 0 deletions CMakeLists.txt
Expand Up @@ -11,6 +11,7 @@ option( BUILD_SHARED "Build shared library." OFF )
option( BUILD_EXAMPLES "Build examples applications." OFF )
option( BUILD_TESTS "Build all available test suites." OFF )
option( BUILD_SSL "Build secure socket layer support." ON )
option( ECDHE_SUPPORT "Support for ECDHE-based cipher suites" OFF )

#
# Configuration
Expand All @@ -32,6 +33,10 @@ if ( BUILD_SSL )
include_directories( SYSTEM ${ssl_INCLUDE} )
endif ( )

if ( ECDHE_SUPPORT )
add_definitions(-DECDHE_SUPPORT)
endif ( ECDHE_SUPPORT )

#
# Build
#
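Review bot: The `if ( ECDHE_SUPPORT )` block sits after the `endif ( )` that appears to close the `BUILD_SSL` section, so `-DECDHE_SUPPORT` can be defined in a build that has SSL switched off. Nesting it inside `if ( BUILD_SSL )`, or emitting `message( WARNING ... )` when ECDHE_SUPPORT is ON and BUILD_SSL is OFF, would make the dependency explicit. Both hunks are cut at their edges, so the surrounding structure is inferred from the hunk header context.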
4 changes: 4 additions & 0 deletions example/https_service/source/example.cpp
Expand Up @@ -37,7 +37,11 @@ int main( const int, const char** )
ssl_settings->set_http_disabled( true );
ssl_settings->set_private_key( Uri( "file:///tmp/server.key" ) );
ssl_settings->set_certificate( Uri( "file:///tmp/server.crt" ) );
#ifndef ECDHE_SUPPORT
ssl_settings->set_temporary_diffie_hellman( Uri( "file:///tmp/dh768.pem" ) );
#else
ssl_settings->set_temporary_ecc_diffie_hellman(true);
#endif

auto settings = make_shared< Settings >( );
settings->set_ssl_settings( ssl_settings );
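Review bot: The `#else` branch calls `ssl_settings->set_temporary_ecc_diffie_hellman(true);`, but the only setter this PR declares in ssl_settings.hpp is `set_ecc_diffie_hellman_use_enabled( bool value )`, so unless that name exists outside the visible hunks the example will not compile with ECDHE_SUPPORT defined. The line should presumably read `ssl_settings->set_ecc_diffie_hellman_use_enabled( true );`. Separately, the non-ECDHE branch still loads `dh768.pem`; 768-bit DH parameters are well below current recommendations and example code tends to be copied, so a comment pointing readers to 2048-bit or larger parameters would help. The body of main continues outside the hunk.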
7 changes: 7 additions & 0 deletions source/corvusoft/restbed/detail/service_impl.cpp
Expand Up @@ -244,6 +244,13 @@ namespace restbed
options = ( m_ssl_settings->has_enabled_single_diffie_hellman_use( ) ) ? options | asio::ssl::context::single_dh_use : options;
m_ssl_context->set_options( options );

#ifdef ECDHE_SUPPORT
if ( m_ssl_settings->has_enabled_ecc_diffie_hellman_use() )
{
m_ssl_context->use_tmp_ecdh(m_ssl_settings->get_certificate());
}
#endif

if ( not m_ssl_settings->get_bind_address( ).empty( ) )
{
const auto address = address::from_string( m_ssl_settings->get_bind_address( ) );
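Review bot: The call `m_ssl_context->use_tmp_ecdh(m_ssl_settings->get_certificate());` relies on a member that, as far as I know, upstream `asio::ssl::context` does not provide; the title's reference to pull request #117 suggests a patched ASIO is needed, so a build with ECDHE_SUPPORT=ON against an unpatched ASIO would presumably fail to compile. The call also passes the certificate path without checking that it is set, and the hunk shows no handling of a failure, so a misconfigured server could start without the ECDHE suites the operator expected. At minimum guard it with `if ( not m_ssl_settings->get_certificate( ).empty( ) )` and add a comment stating where the curve comes from (the certificate, if that is the intent). The enclosing function starts and ends outside the hunk.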
8 changes: 8 additions & 0 deletions source/corvusoft/restbed/detail/ssl_settings_impl.hpp
Expand Up @@ -49,6 +49,10 @@ namespace restbed
bool m_default_workarounds_enabled = true;

bool m_single_diffie_hellman_use_enabled = true;

#ifdef ECDHE_SUPPORT
bool m_ecc_diffie_hellman_use_enabled = false;
#endif

std::string m_bind_address = "";

Expand All @@ -65,6 +69,10 @@ namespace restbed
std::string m_certificate_authority_pool = "";

std::string m_temporary_diffie_hellman = "";

#ifdef ECDHE_SUPPORT
std::string m_temporary_ecc_diffie_hellman = "";
#endif
};
}
}
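Review bot: `m_temporary_ecc_diffie_hellman` is added in the second hunk, but nothing in the visible hunks of this PR reads or writes it; service_impl.cpp passes `get_certificate()` to `use_tmp_ecdh` instead, so it looks like dead state that should either be dropped or given the accessor that uses it. Wrapping both new members in `#ifdef ECDHE_SUPPORT` also makes the layout of this struct depend on a macro, which becomes an ODR problem if any translation unit including this header is compiled without the define. Declaring the two members unconditionally costs little and avoids that. The struct begins outside the hunk.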
15 changes: 15 additions & 0 deletions source/corvusoft/restbed/ssl_settings.cpp
Expand Up @@ -76,6 +76,13 @@ namespace restbed
{
return m_pimpl->m_single_diffie_hellman_use_enabled;
}

#ifdef ECDHE_SUPPORT
bool SSLSettings::has_enabled_ecc_diffie_hellman_use( void ) const
{
return m_pimpl->m_ecc_diffie_hellman_use_enabled;
}
#endif

uint16_t SSLSettings::get_port( void ) const
{
Expand Down Expand Up @@ -176,6 +183,13 @@ namespace restbed
{
m_pimpl->m_single_diffie_hellman_use_enabled = value;
}

#ifdef ECDHE_SUPPORT
void SSLSettings::set_ecc_diffie_hellman_use_enabled( const bool value )
{
m_pimpl->m_ecc_diffie_hellman_use_enabled = value;
}
#endif

void SSLSettings::set_certificate( const Uri& value )
{
Expand Down Expand Up @@ -211,4 +225,5 @@ namespace restbed
{
m_pimpl->m_temporary_diffie_hellman = String::remove( "file://", value.to_string( ), String::CASE_INSENSITIVE );
}

}
6 changes: 6 additions & 0 deletions source/corvusoft/restbed/ssl_settings.hpp
Expand Up @@ -59,6 +59,9 @@ namespace restbed
bool has_enabled_default_workarounds( void ) const;

bool has_enabled_single_diffie_hellman_use( void ) const;
#ifdef ECDHE_SUPPORT
bool has_enabled_ecc_diffie_hellman_use( void ) const;
#endif

//Getters
uint16_t get_port( void ) const;
Expand Down Expand Up @@ -115,6 +118,9 @@ namespace restbed
void set_private_rsa_key( const Uri& value );

void set_temporary_diffie_hellman( const Uri& value );
#ifdef ECDHE_SUPPORT
void set_ecc_diffie_hellman_use_enabled( bool value );
#endif

//Operators

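Review bot: Declaring `has_enabled_ecc_diffie_hellman_use` and `set_ecc_diffie_hellman_use_enabled` under `#ifdef ECDHE_SUPPORT` in a public header means every consumer has to define the same macro the library was built with, while `add_definitions(-DECDHE_SUPPORT)` in CMakeLists.txt only reaches targets built from that directory. A consumer that omits the define cannot enable ECDHE and stays on the non-ECDHE key exchange without any diagnostic. Consider declaring both members unconditionally and keeping the `#ifdef` inside the .cpp files, with a comment such as `// Only effective when the library is built with ECDHE_SUPPORT.` on the setter. The class declaration starts and ends outside these hunks.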