server_factory.cpp
Go to the documentation of this file.
1 #include <websocketpp/common/connection_hdl.hpp>
2 
3 #include <foxglove_bridge/server_factory.hpp>
4 #include <foxglove_bridge/websocket_notls.hpp>
5 #include <foxglove_bridge/websocket_server.hpp>
6 #include <foxglove_bridge/websocket_tls.hpp>
7 
8 namespace foxglove {
9 
10 template <>
11 std::unique_ptr<ServerInterface<websocketpp::connection_hdl>> ServerFactory::createServer(
12  const std::string& name, const std::function<void(WebSocketLogLevel, char const*)>& logHandler,
13  const ServerOptions& options) {
14  if (options.useTls) {
15  return std::make_unique<foxglove::Server<foxglove::WebSocketTls>>(name, logHandler, options);
16  } else {
17  return std::make_unique<foxglove::Server<foxglove::WebSocketNoTls>>(name, logHandler, options);
18  }
19 }
20 
21 template <>
22 inline void Server<WebSocketNoTls>::setupTlsHandler() {
23  _server.get_alog().write(APP, "Server running without TLS");
24 }
25 
26 template <>
27 inline void Server<WebSocketTls>::setupTlsHandler() {
28  _server.set_tls_init_handler([this](ConnHandle hdl) {
29  (void)hdl;
30 
31  namespace asio = websocketpp::lib::asio;
32  auto ctx = websocketpp::lib::make_shared<asio::ssl::context>(asio::ssl::context::sslv23);
33 
34  try {
35  ctx->set_options(asio::ssl::context::default_workarounds | asio::ssl::context::no_tlsv1 |
36  asio::ssl::context::no_sslv2 | asio::ssl::context::no_sslv3);
37  ctx->use_certificate_chain_file(_options.certfile);
38  ctx->use_private_key_file(_options.keyfile, asio::ssl::context::pem);
39 
40  // Ciphers are taken from the websocketpp example echo tls server:
41  // https://github.com/zaphoyd/websocketpp/blob/1b11fd301/examples/echo_server_tls/echo_server_tls.cpp#L119
42  constexpr char ciphers[] =
43  "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:"
44  "ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+"
45  "AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-"
46  "AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-"
47  "ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-"
48  "AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:"
49  "!MD5:!PSK";
50 
51  if (SSL_CTX_set_cipher_list(ctx->native_handle(), ciphers) != 1) {
52  _server.get_elog().write(RECOVERABLE, "Error setting cipher list");
53  }
54  } catch (const std::exception& ex) {
55  _server.get_elog().write(RECOVERABLE,
56  std::string("Exception in TLS handshake: ") + ex.what());
57  }
58  return ctx;
59  });
60 }
61 
62 } // namespace foxglove
foxglove::RECOVERABLE
static const websocketpp::log::level RECOVERABLE
Definition: websocket_server.hpp:73
foxglove
Definition: base64.hpp:8
foxglove::ServerFactory::createServer
static std::unique_ptr< ServerInterface< ConnectionHandle > > createServer(const std::string &name, const std::function< void(WebSocketLogLevel, char const *)> &logHandler, const ServerOptions &options)
foxglove::ServerOptions::useTls
bool useTls
Definition: server_interface.hpp:50
foxglove::ConnHandle
websocketpp::connection_hdl ConnHandle
Definition: websocket_server.hpp:68
foxglove::Server::setupTlsHandler
void setupTlsHandler()
foxglove::ServerOptions
Definition: server_interface.hpp:45
foxglove::WebSocketLogLevel
WebSocketLogLevel
Definition: common.hpp:43
server_factory.hpp
websocket_notls.hpp
foxglove::APP
static const websocketpp::log::level APP
Definition: websocket_server.hpp:71
websocket_tls.hpp
websocket_server.hpp

foxglove_bridge
Author(s): Foxglove
autogenerated on Tue May 20 2025 02:34:26