From: Francis Dupont Date: Tue, 31 May 2022 21:35:39 +0000 (+0200) Subject: [#1706] Added TLS context to CmdHttpListener X-Git-Tag: Kea-2.1.7~52 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5464cf3aa0790741bfbb5c5df1ce07d1160c29c9;p=thirdparty%2Fkea.git [#1706] Added TLS context to CmdHttpListener --- diff --git a/src/lib/config/cmd_http_listener.cc b/src/lib/config/cmd_http_listener.cc index 36c3678219..1a7ca5260f 100644 --- a/src/lib/config/cmd_http_listener.cc +++ b/src/lib/config/cmd_http_listener.cc @@ -1,4 +1,4 @@ -// Copyright (C) 2021 Internet Systems Consortium, Inc. ("ISC") +// Copyright (C) 2021-2022 Internet Systems Consortium, Inc. ("ISC") // // This Source Code Form is subject to the terms of the Mozilla Public // License, v. 2.0. If a copy of the MPL was not distributed with this @@ -27,9 +27,11 @@ namespace isc { namespace config { CmdHttpListener::CmdHttpListener(const IOAddress& address, const uint16_t port, - const uint16_t thread_pool_size /* = 1 */) + const uint16_t thread_pool_size /* = 1 */, + TlsContextPtr context /* = () */) : address_(address), port_(port), thread_io_service_(), http_listener_(), - thread_pool_size_(thread_pool_size), thread_pool_() { + thread_pool_size_(thread_pool_size), thread_pool_(), + tls_context_(context) { } CmdHttpListener::~CmdHttpListener() { @@ -60,8 +62,8 @@ CmdHttpListener::start() { // Create the HTTP listener. It will open up a TCP socket and be // prepared to accept incoming connections. - TlsContextPtr tls_context; - http_listener_.reset(new HttpListener(*thread_io_service_, address_, port_, tls_context, rcf, + http_listener_.reset(new HttpListener(*thread_io_service_, address_, + port_, tls_context_, rcf, HttpListener::RequestTimeout(TIMEOUT_AGENT_RECEIVE_COMMAND), HttpListener::IdleTimeout(TIMEOUT_AGENT_IDLE_CONNECTION_TIMEOUT))); 
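Review bot: The inline default-value comment on the new parameter, `TlsContextPtr context /* = () */`, does not mirror the default the header actually declares (`asiolink::TlsContextPtr()`), whereas the neighbouring `/* = 1 */` does mirror its header; writing it as `TlsContextPtr context /* = TlsContextPtr() */` tells a reader of the .cc that an empty pointer is the default. Since the parameter is taken by value and only stored, the initializer could also be `tls_context_(std::move(context))` to avoid a second reference-count bump, though that is minor. Because the default is an empty context, every existing caller that does not pass one keeps a plain-HTTP command listener, which is worth saying in the constructor's documentation. The start() hunk that follows on this line appears truncated in this rendering (its trailing context lines are not visible), so its end is not reviewed here.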
@@ -74,9 +76,10 @@ CmdHttpListener::start() { // OK, seems like we're good to go. LOG_DEBUG(command_logger, DBG_COMMAND, COMMAND_HTTP_LISTENER_STARTED) - .arg(thread_pool_size_) - .arg(address_) - .arg(port_); + .arg(thread_pool_size_) + .arg(address_) + .arg(port_) + .arg(!!tls_context_); } catch (const std::exception& ex) { isc_throw(Unexpected, "CmdHttpListener::run failed:" << ex.what()); } diff --git a/src/lib/config/cmd_http_listener.h b/src/lib/config/cmd_http_listener.h index cee570be7a..3848630d17 100644 --- a/src/lib/config/cmd_http_listener.h +++ b/src/lib/config/cmd_http_listener.h @@ -1,4 +1,4 @@ -// Copyright (C) 2021 Internet Systems Consortium, Inc. ("ISC") +// Copyright (C) 2021-2022 Internet Systems Consortium, Inc. ("ISC") // // This Source Code Form is subject to the terms of the Mozilla Public // License, v. 2.0. If a copy of the MPL was not distributed with this @@ -33,7 +33,8 @@ class CmdHttpListener { public: /// @brief Constructor CmdHttpListener(const asiolink::IOAddress& address, const uint16_t port, - const uint16_t thread_pool_size = 1); + const uint16_t thread_pool_size = 1, + asiolink::TlsContextPtr context = asiolink::TlsContextPtr()); /// @brief Destructor virtual ~CmdHttpListener(); @@ -100,6 +101,13 @@ public: return (thread_pool_size_); } + /// @brief Fetches the TLS context. + /// + /// @return TLS context. + asiolink::TlsContextPtr getTlsContext() const { + return (tls_context_); + } + /// @brief Fetches the number of threads in the pool. /// /// @return uint16_t containing the number of running threads. @@ -138,6 +146,9 @@ private: /// @brief The pool of threads that do IO work. http::HttpThreadPoolPtr thread_pool_; + + /// @brief The TLS context. + asiolink::TlsContextPtr tls_context_; }; /// @brief Defines a shared pointer to CmdHttpListener. diff --git a/src/lib/config/config_messages.cc b/src/lib/config/config_messages.cc index e4d7ce3825..87af1265d3 100644 --- a/src/lib/config/config_messages.cc 
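Review bot: `.arg(!!tls_context_)` hands a bool to the log formatter, which presumably renders it as `1`/`0`, so the new message reads `use TLS: 1` rather than a self-explanatory word; `.arg(tls_context_ ? "yes" : "no")` would be clearer for an operator scanning logs for unencrypted command channels. Whether TLS is active on the command API is security-relevant enough that it may deserve an INFO-level message in addition to this DEBUG one, though that is a judgement call. The enclosing start() function begins before this hunk.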
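Review bot: The constructor's Doxygen comment is still only `/// @brief Constructor` and says nothing about the new `context` parameter or what an empty pointer means; add `/// @param context TLS context; an empty pointer (the default) makes the listener accept plain HTTP with no TLS.` alongside `@param` entries for `address`, `port` and `thread_pool_size`. Stating explicitly that the default is cleartext matters because every existing caller silently keeps an unencrypted command channel until it is updated to pass a context.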
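Review bot: The `getTlsContext()` accessor's `@return TLS context.` does not say what callers get when TLS is not configured; `/// @return TLS context, or an empty pointer when the listener is plain HTTP.` would let a caller know it must null-check before dereferencing.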
+++ b/src/lib/config/config_messages.cc @@ -43,7 +43,7 @@ const char* values[] = { "COMMAND_ACCEPTOR_START", "Starting to accept connections via unix domain socket bound to %1", "COMMAND_DEREGISTERED", "Command %1 deregistered", "COMMAND_EXTENDED_REGISTERED", "Command %1 registered", - "COMMAND_HTTP_LISTENER_STARTED", "Command HTTP listener started with %1 threads, listening on %2:%3", + "COMMAND_HTTP_LISTENER_STARTED", "Command HTTP listener started with %1 threads, listening on %2:%3, use TLS: %4", "COMMAND_HTTP_LISTENER_STOPPED", "Command HTTP listener for %1:%2 stopped.", "COMMAND_HTTP_LISTENER_STOPPING", "Stopping Command HTTP listener for %1:%2", "COMMAND_PROCESS_ERROR1", "Error while processing command: %1", diff --git a/src/lib/config/config_messages.mes b/src/lib/config/config_messages.mes index 8a65ce575a..840f713eeb 100644 --- a/src/lib/config/config_messages.mes +++ b/src/lib/config/config_messages.mes @@ -23,12 +23,12 @@ This debug message indicates that the daemon started supporting specified command. The handler for the registered command includes a parameter holding entire command to be processed. -% COMMAND_HTTP_LISTENER_STARTED Command HTTP listener started with %1 threads, listening on %2:%3 +% COMMAND_HTTP_LISTENER_STARTED Command HTTP listener started with %1 threads, listening on %2:%3, use TLS: %4 This debug messages is issued when an HTTP listener has been started to accept connections from Command API clients through which commands can be received and responses sent. Arguments detail the number of threads -that the listener is using, and the address and port at which it -is listening. +that the listener is using, the address and port at which it is listening, +and if HTTPS/TLS is used or not. % COMMAND_HTTP_LISTENER_STOPPED Command HTTP listener for %1:%2 stopped. This debug messages is issued when the Command HTTP listener, listening