diff --git a/CMakeLists.txt b/CMakeLists.txt index d5f33be..2cccba0 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -5,14 +5,15 @@ project(tars_cpp) set(TARS_VERSION "2.0.0") add_definitions(-DTARS_VERSION="${TARS_VERSION}") set(TARS_MYSQL 1) -add_definitions(-DTARS_MYSQL=${TARS_MYSQL}) -set(TARS_SSL 1) -add_definitions(-DTARS_SSL=${TARS_SSL}) +set(TARS_SSL 0) set(TARS_HTTP2 0) -add_definitions(-DTARS_HTTP2=${TARS_HTTP2}) set(TARS_PROTOBUF 0) -add_definitions(-DTARS_PROTOBUF=${TARS_PROTOBUF}) set(TARS_ZLIB 0) + +add_definitions(-DTARS_MYSQL=${TARS_MYSQL}) +add_definitions(-DTARS_SSL=${TARS_SSL}) +add_definitions(-DTARS_HTTP2=${TARS_HTTP2}) +add_definitions(-DTARS_PROTOBUF=${TARS_PROTOBUF}) add_definitions(-DTARS_ZLIB=${TARS_ZLIB}) # list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_LIST_DIR}/cmake/modules/") @@ -29,7 +30,6 @@ IF (CMAKE_BUILD_TYPE STREQUAL "") set(CMAKE_BUILD_TYPE "Release") ENDIF() -message("CMAKE_BUILD_TYPE TYPE = " ${CMAKE_BUILD_TYPE}) #编译的可执行程序输出目录 set(CMAKE_ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib) @@ -43,16 +43,19 @@ add_definitions(-D_USE_OPENTRACKING=${_USE_OPENTRACKING}) endif() #------------------------------------------------------------- + +if("${INSTALL_PREFIX}" STREQUAL "") IF (UNIX) set(INSTALL_PREFIX "/usr/local/tars/cpp") ELSE() set(INSTALL_PREFIX "c:\\tars\\cpp") ENDIF() - set(CMAKE_INSTALL_PREFIX ${INSTALL_PREFIX}) +endif() + #------------------------------------------------------------- -set(APP_LIBRARIES) +#set(APP_LIBRARIES) set(OPEN_MYSQL "OFF") set(OPEN_NGHTTP2 "OFF") set(OPEN_SSL "OFF") @@ -100,6 +103,8 @@ if(TARS_SSL) link_directories(${SSL_DIR_LIB}) endif() +#------------------------------------------------------------- + set(LIB_MYSQL) set(LIB_NGHTTP2) set(LIB_SSL) @@ -146,30 +151,33 @@ if(TARS_PROTOBUF) endif() ENDIF() -if(TARS_MYSQL) -link_libraries(${LIB_MYSQL}) -endif() -if(TARS_ZLIB) -link_libraries(${LIB_ZLIB}) -endif() -if(TARS_HTTP2) - list(APPEND APP_LIBRARIES ${LIB_PROTOBUF}) -endif() +#------------------------------------------------------------- -if(TARS_PROTOBUF) - list(APPEND APP_LIBRARIES ${LIB_NGHTTP2}) -endif() + +#if(TARS_MYSQL) +#link_libraries(${LIB_MYSQL}) +#endif() +#if(TARS_ZLIB) +#link_libraries(${LIB_ZLIB}) +#endif() +# +#if(TARS_HTTP2) +# list(APPEND APP_LIBRARIES ${LIB_PROTOBUF}) +#endif() +# +#if(TARS_PROTOBUF) +# list(APPEND APP_LIBRARIES ${LIB_NGHTTP2}) +#endif() if(TARS_SSL) - list(APPEND APP_LIBRARIES ${LIB_SSL}) - list(APPEND APP_LIBRARIES ${LIB_CRYPTO}) + link_libraries(${LIB_SSL} ${LIB_CRYPTO}) endif() -list(LENGTH APP_LIBRARIES RET) -if(${RET} GREATER 0) - link_libraries(${APP_LIBRARIES}) -endif() +#list(LENGTH APP_LIBRARIES RET) +#if(${RET} GREATER 0) +# link_libraries(${APP_LIBRARIES}) +#endif() include(ExternalProject) @@ -197,7 +205,7 @@ ExternalProject_Add(${LIB_MYSQL} CONFIGURE_COMMAND cmake . -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DDISABLE_SHARED=1 SOURCE_DIR ${CMAKE_BINARY_DIR}/src/mysql-lib BUILD_IN_SOURCE 1 - BUILD_COMMAND make -j4 mysqlclient + BUILD_COMMAND make mysqlclient LOG_CONFIGURE 1 LOG_BUILD 1 INSTALL_COMMAND ${CMAKE_COMMAND} -E echo "install" @@ -231,7 +239,7 @@ ExternalProject_Add(${LIB_NGHTTP2} BUILD_IN_SOURCE 1 LOG_BUILD 1 LOG_CONFIGURE 1 - BUILD_COMMAND make -j4 + BUILD_COMMAND make INSTALL_COMMAND ${CMAKE_COMMAND} -E echo "install" URL_MD5 5df375bbd532fcaa7cd4044b54b1188d ) @@ -240,17 +248,18 @@ endif() if(TARS_SSL) ExternalProject_Add(${LIB_SSL} DEPENDS ${LIB_ZLIB} - URL http://cdn.tarsyun.com/src/openssl-1.1.1d.tar.gz + URL http://cdn.tarsyun.com/src/openssl-1.1.1c.tar.gz PREFIX ${CMAKE_BINARY_DIR} INSTALL_DIR ${CMAKE_SOURCE_DIR} - CONFIGURE_COMMAND ./config --with-zlib-lib=${CMAKE_BINARY_DIR}/src/z-lib --with-zlib-include=${CMAKE_BINARY_DIR}/src/z-lib no-shared + CONFIGURE_COMMAND ./config SOURCE_DIR ${CMAKE_BINARY_DIR}/src/openssl-lib BUILD_IN_SOURCE 1 - BUILD_COMMAND make -j4 + BUILD_COMMAND make LOG_CONFIGURE 1 LOG_BUILD 1 INSTALL_COMMAND ${CMAKE_COMMAND} -E echo "install" - URL_MD5 3be209000dbc7e1b95bcdf47980a3baa + #URL_MD5 3be209000dbc7e1b95bcdf47980a3baa + URL_MD5 15e21da6efe8aa0e0768ffd8cd37a5f6 ) endif() @@ -261,6 +270,7 @@ IF (APPLE) link_libraries(iconv) ENDIF(APPLE) +set(PLATFORM) IF (UNIX) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC") set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fPIC -std=c++11 -Wno-deprecated -fno-strict-aliasing -Wno-overloaded-virtual") @@ -269,8 +279,9 @@ IF (UNIX) set(CMAKE_CXX_FLAGS_DEBUG "$ENV{CXXFLAGS} -Wall -g") set(CMAKE_CXX_FLAGS_RELEASE "$ENV{CXXFLAGS} -O2 -Wall -fno-strict-aliasing") + set(PLATFORM "linux") IF(APPLE) - message("mac.....") + set(PLATFORM "mac") SET(CMAKE_C_ARCHIVE_CREATE " Scr ") SET(CMAKE_CXX_ARCHIVE_CREATE " Scr ") SET(CMAKE_C_ARCHIVE_FINISH " -no_warning_for_no_symbols -c ") @@ -278,7 +289,7 @@ IF (UNIX) ENDIF(APPLE) ELSEIF (WIN32) - message("window.....") + set(PLATFORM "window") set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /wd4101 /wd4244 /wd4996 /wd4091 /wd4503 /wd4819 /wd4200 /wd4800") set(CMAKE_CXX_FLAGS_DEBUG "${CMAKE_CXX_FLAGS_DEBUG} /bigobj " ) @@ -300,6 +311,23 @@ IF(WIN32) include_directories(${CMAKE_SOURCE_DIR}/util/src/epoll_windows) ENDIF() +message("----------------------------------------------------") + +message("CMAKE_BUILD_TYPE: ${CMAKE_BUILD_TYPE}") +message("PLATFORM: ${PLATFORM}") +message("INSTALL_PREFIX: ${INSTALL_PREFIX}") + +#------------------------------------------------------------- + +message("----------------------------------------------------") +message("OPEN_MYSQL: ${OPEN_MYSQL}") +message("OPEN_NGHTTP2: ${OPEN_NGHTTP2}") +message("OPEN_SSL: ${OPEN_SSL}") +message("OPEN_ZLIB: ${OPEN_ZLIB}") +message("OPEN_PROTOBUF: ${OPEN_PROTOBUF}") + +#------------------------------------------------------------- + include("${CMAKE_SOURCE_DIR}/cmake/BuildTarsServer.cmake") include_directories(${CMAKE_SOURCE_DIR}/util/include) diff --git a/examples/AuthDemo/Client/config.conf b/examples/AuthDemo/Client/config.conf index d53437b..5a8d9c7 100755 --- a/examples/AuthDemo/Client/config.conf +++ b/examples/AuthDemo/Client/config.conf @@ -22,17 +22,20 @@ mergenetasync = 0 #module name modulename = TestApp.AuthClient - #server crt - ca = ../examples/AuthDemo/certs/server.crt - #can be empty - cert = ../examples/AuthDemo/certs/client.crt - #can be empty - key = ../examples/AuthDemo/certs/client.key - - accesskey=tars-test-user - secretkey=123456 - + + #auth access key + accesskey = tars-test-user + #auth secret key + secretkey = 123456 + #server crt + ca = ../examples/SSLDemo/certs/server.crt + #can be empty + cert = ../examples/SSLDemo/certs/client.crt + #can be empty + key = ../examples/SSLDemo/certs/client.key + + diff --git a/examples/AuthDemo/Client/main.cpp b/examples/AuthDemo/Client/main.cpp index 36e73bc..1adc18e 100644 --- a/examples/AuthDemo/Client/main.cpp +++ b/examples/AuthDemo/Client/main.cpp @@ -25,7 +25,7 @@ using namespace TestApp; Communicator* _comm; -static string helloObj = "TestApp.AuthServer.AuthObj@ssl -h 127.0.0.1 -p 9016 -e 1"; +static string helloObj = "TestApp.AuthServer.AuthObj@tcp -h 127.0.0.1 -p 9016 -e 1"; struct Param { @@ -84,7 +84,6 @@ void syncCall(int c) try { - param.pPrx->testHello(buffer, r); } catch(exception& e) @@ -98,7 +97,6 @@ void syncCall(int c) cout << "syncCall total:" << cost << "us, avg:" << 1.*cost/c << "us" << endl; } - void asyncCall(int c) { int64_t t = TC_Common::now2us(); @@ -155,7 +153,7 @@ int main(int argc, char *argv[]) conf.parseFile(option.getValue("config")); _comm->setProperty(conf); - TarsRollLogger::getInstance()->logger()->setLogLevel(6); +// TarsRollLogger::getInstance()->logger()->setLogLevel(6); _comm->setProperty("sendqueuelimit", "1000000"); _comm->setProperty("asyncqueuecap", "1000000"); @@ -193,7 +191,7 @@ int main(int argc, char *argv[]) } std::thread print([&]{while(callback_count != param.count * param.thread) { - cout << param.call << ": ----------finish count:" << callback_count << endl; + cout << "Auth:" << param.call << " : ----------finish count:" << callback_count << endl; std::this_thread::sleep_for(std::chrono::seconds(1)); };}); @@ -212,7 +210,7 @@ int main(int argc, char *argv[]) std::this_thread::sleep_for(std::chrono::seconds(1)); } print.join(); - cout << "----------finish count:" << callback_count << endl; + cout << "Auth:" << param.call << " ----------finish count:" << callback_count << endl; } catch(exception &ex) { diff --git a/examples/AuthDemo/Server/HelloImp.cpp b/examples/AuthDemo/Server/HelloImp.cpp index e5f5767..b8cf947 100644 --- a/examples/AuthDemo/Server/HelloImp.cpp +++ b/examples/AuthDemo/Server/HelloImp.cpp @@ -36,7 +36,7 @@ void HelloImp::destroy() int HelloImp::testHello(const std::string &sReq, std::string &sRsp, tars::TarsCurrentPtr current) { // TLOGDEBUG("HelloImp::testHellosReq:"< #ip:port:timeout - endpoint = tcp -h 127.0.0.1 -p 9016 -t 10000 + endpoint = tcp -h 127.0.0.1 -p 9016 -t 10000 -e 1 #allow ip allow = #max connection num diff --git a/examples/AuthDemo/certs/ca.crt b/examples/AuthDemo/certs/ca.crt deleted file mode 100644 index a57ea14..0000000 --- a/examples/AuthDemo/certs/ca.crt +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDCzCCAfOgAwIBAgIUfmd8TIa6hXXp/KibyRhjrYGhY+gwDQYJKoZIhvcNAQEL -BQAwFTETMBEGA1UEAwwKKi5kZW1vLmNvbTAeFw0yMDAyMTMxMjMwNDdaFw0zMzEw -MjIxMjMwNDdaMBUxEzARBgNVBAMMCiouZGVtby5jb20wggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDOV6uDon7+RDiCpHzOaAa5P1vtj1k0YEkWbLwsBBDT -wYdkXnnfYHxQfY9kh9Gp13Otx0xCdTVBDQAlAxqAK9zH7dgxxysvcQE2ZL9mnkFx -BksP6kHRM//HQM9ylaPCgyA5L2nsixLZ4ipkI1td+n/nL6mB4GIAhwSVJlN74CXE -FXPjMaS7dEdRfdVz6gD2h1L8jFF9f7S9ZawZ8kw+JWUKflzr0L9mRGbuhukCJ+3N -TZFKHSL1Yy0NsE0nM8X0ncmpQExQ0sqrKgmAHnju9jXvMbxMjFI2AwrLPtV8U2Hg -ziztJmdPqM8LIQZpmeynq9eP1+AD7PEu8C7LsV5wTWndAgMBAAGjUzBRMB0GA1Ud -DgQWBBQ4RfWqsDwlD00IhcvCY40gYJtTuDAfBgNVHSMEGDAWgBQ4RfWqsDwlD00I -hcvCY40gYJtTuDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCj -DbEL8nvVzyhW01O3/5oJSd8Z1g+7WupLmtF5OZuKN2XKDICLRxtow7XHiJLlkgZW -4K/kJeXvbPYRrKTm6PHJ63bWKl6YaD3/Vm9wgCLC48ikrOqiEL2w/mI/zFeEvZ3K -U50tLnllY2L0NZxgRZ7wZZqU6qKMxHn7UMYtfzSf7XzBBXi6qzf290DNminr9YgT -afsP+cjL74TchyZifFqI+sGhXO9IY8+lrRYoUXUwcE0DPWHe08UrAtT1E1b7SU2o -pvlUABuUbufvTwu1Cj6mDqOjQQUmWDqNgb2FeNWsmdkBqrhxkLorLiNb5o/YgCKJ -Patq2TfT09tiaeNAl/cF ------END CERTIFICATE----- diff --git a/examples/AuthDemo/certs/ca.key b/examples/AuthDemo/certs/ca.key deleted file mode 100644 index d91cf9c..0000000 --- a/examples/AuthDemo/certs/ca.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAzlerg6J+/kQ4gqR8zmgGuT9b7Y9ZNGBJFmy8LAQQ08GHZF55 -32B8UH2PZIfRqddzrcdMQnU1QQ0AJQMagCvcx+3YMccrL3EBNmS/Zp5BcQZLD+pB -0TP/x0DPcpWjwoMgOS9p7IsS2eIqZCNbXfp/5y+pgeBiAIcElSZTe+AlxBVz4zGk -u3RHUX3Vc+oA9odS/IxRfX+0vWWsGfJMPiVlCn5c69C/ZkRm7obpAiftzU2RSh0i -9WMtDbBNJzPF9J3JqUBMUNLKqyoJgB547vY17zG8TIxSNgMKyz7VfFNh4M4s7SZn -T6jPCyEGaZnsp6vXj9fgA+zxLvAuy7FecE1p3QIDAQABAoIBAG5V6tzEs2t7R0x0 -cFhev9mmy51IHccoBWz8T9KpieXxglhlPH35tf/EZDy5c5+CGdU+0MRosEVMkls4 -QZ9v1OsDf6t+eNUxdBiF3uMclJm/Z7vm47LeP1NokIURBzQnsb9iXx2hcD8Z9Nj/ -Hwgtvt78WYOdXEoz6HtotxNyVD940uEg9U3dPKBAVJRFtLa4pBtSbj1ZpElFsR/l -f94+uwgESsgZF7OZZiKEklLpC2/xPi4m/IDxCBjy3GW7nou6T1Cy90DBX7OfhFur -fQjcAzC4AKvGdkT/0ocQw6jdtGVzDgYEO7pD7r6rpubwsbYXaXOgBvzELUSM+nj3 -Lpv+anECgYEA9VBUAAzcn3mCvf5Dh/VrK997Ll4+/0F0SRFBGW2x/ChRKaIXIMCb -VGIRTIhPACl98v8ctwML9sYQ+4bBYabwTxkCtHS1OoZlUUUzCusVaQ+6VmbWHadd -Ua+Gl0cfM6S5jNpbkoiAG7lRA76GH+QfOlCawhgbWWGD5iT2wHBVk88CgYEA11S+ -kHDcPzlHHfiobFlJimeeb4j5G2I26fZSlaO5gAkD8yzxov7zMSSemfAE8j/fS0+6 -EZkArsyro9lATlWejdssndKku7uykuvwIQvKCYd13lD0/Cpvb101MuM7CcYXsoDv -z7vaaV94Xe8TgL3BY7+QYD7mANC1XwUZS17eVpMCgYEAxd+QkiXNw/kgg55X3JAS -bWYrl0BAMmcapGF9kERSX+IpbZqoayvRXyRnbcM5bhkJ1fr/r4OOn/Qt+KU+0UT1 -6+dxrhvBnz6O9RoLTRBIyeD83fq/VVYNyPj7aITe3ypM3Re4656dLz+w4INK7uh0 -Y/Zmjo8haFxnJznDq4AxFzMCgYAMwGb8lMJmOBUfED+hEvSI7rPyNPFTjtBjsIOZ -evWcQGxsdSfmGCT8rwd5ZD5WvjOR+SmyqxXgRByR+maVfPqDugv9WKEKwQXFL5Wr -z0/qmov/W1n2qOiqdqGU3uH7JTD4ECyjZ6N6g/3TyjmkcRhHuOtq1661M6bZ9qpV -zUtrYwKBgQDoV7ra5JQ217LB49ZXqWMyA5CGMf6NxMwVzPy7H+Pk2F6FQw7lXPEy -XCYD94lhcFuZIUkfqjbG96C1z18ALF7XaxwidYJlkrhXrgZigsJtcUG+RDaavpfI -u5qVhzJbGexoo7hXJeDvgilu525eoysmnlTATqNkRWdP7T4w+uu86w== ------END RSA PRIVATE KEY----- diff --git a/examples/AuthDemo/certs/ca.srl b/examples/AuthDemo/certs/ca.srl deleted file mode 100644 index 9bafb6c..0000000 --- a/examples/AuthDemo/certs/ca.srl +++ /dev/null @@ -1 +0,0 @@ -5C1561567852EF51D268687494029145127A56C3 diff --git a/examples/AuthDemo/certs/client.crt b/examples/AuthDemo/certs/client.crt deleted file mode 100644 index dde025d..0000000 --- a/examples/AuthDemo/certs/client.crt +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICsTCCAZkCFFwVYVZ4Uu9R0mhodJQCkUUSelbDMA0GCSqGSIb3DQEBCwUAMBUx -EzARBgNVBAMMCiouZGVtby5jb20wHhcNMjAwMjEzMTIzMDQ3WhcNMzMxMDIyMTIz -MDQ3WjAVMRMwEQYDVQQDDAoqLmRlbW8uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC -AQ8AMIIBCgKCAQEAqOp2R0JnTBeKjQmHDjIKHlT5RLfk/RTksrw88xdrQgOLbceB -rjZg82yfTJkFW4rTVjjSphNbPCynFwg+BxK9MXfJr9Rs9dsBSpmCViXiw6pmDSZz -on691cL4PYEEeom8y5egp/OU6IQRcNwpyffiVDPYSR8qH3PzTi7RXLGNGtdLFi0I -YeZ+FYlGjTlBQRyqNvOD3nEvIocNtyWP9+D17wtPENA2AbWbHV2CbKFoc6Zx98Fw -KtVkz94Z4duzjLUZOwjcTWK+zKxfRzVDZtxlMTOA261N8CUha8nl+c4uNgTC0h0J -PE5JTewwXdGftNiR2xWgVLvWfbFg73x0RemoyQIDAQABMA0GCSqGSIb3DQEBCwUA -A4IBAQBxnTndUG6zfHVz5t/2j6pppqY93lXaHoi8VD2dXgtzda8BqgulwZAe8x2v -BAP522Ch3AusIFZs9ejLZt97BHkf30uhnoKKGhHsKDxq4ll338+PEWkvUdQNl1Xi -RZyC4VXwji4DABlM5BKtr0vNbYW8hkZWzOCmM1qHx8FbGmb4Z5lO3t4e7tCiwX72 -yY7/5zqZSS8b5BDMQJtDXjV2yZDJLsfdRx8NRuwsSNPQTkm+MFHLV42mO5vH0Ugb -ULHNRXQsThwO4p1y0Nlo4/Ti0qIh4II0sIkW9chigaGuqxo2D27L2o1hkBbjiLIY -blrKSx8QEWyC7Etnm4KT9Cxs5xmg ------END CERTIFICATE----- diff --git a/examples/AuthDemo/certs/client.csr b/examples/AuthDemo/certs/client.csr deleted file mode 100644 index 2d8bd62..0000000 --- a/examples/AuthDemo/certs/client.csr +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIICWjCCAUICAQAwFTETMBEGA1UEAwwKKi5kZW1vLmNvbTCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKjqdkdCZ0wXio0Jhw4yCh5U+US35P0U5LK8PPMX -a0IDi23Hga42YPNsn0yZBVuK01Y40qYTWzwspxcIPgcSvTF3ya/UbPXbAUqZglYl -4sOqZg0mc6J+vdXC+D2BBHqJvMuXoKfzlOiEEXDcKcn34lQz2EkfKh9z804u0Vyx -jRrXSxYtCGHmfhWJRo05QUEcqjbzg95xLyKHDbclj/fg9e8LTxDQNgG1mx1dgmyh -aHOmcffBcCrVZM/eGeHbs4y1GTsI3E1ivsysX0c1Q2bcZTEzgNutTfAlIWvJ5fnO -LjYEwtIdCTxOSU3sMF3Rn7TYkdsVoFS71n2xYO98dEXpqMkCAwEAAaAAMA0GCSqG -SIb3DQEBCwUAA4IBAQBxzQt4BuF7HIAReW0RAWpAXoJVJlLKoObIuRwT0dqcHbRs -uZKovoKjhLlI0Cg2ljLj+p87fbHAl256pnUa91B+Qzy+NwNxltXqKE5fYuH1hvP1 -SRJ/qaXPbWmX7ZQ0y3eBE17HOAP4GVpURbsOVQdaxJOjxIeFG6H+FmKNMzCo8e+B -KB3bYCHCPSI8VLWPbKF8fbu1JmBstjikHEEW85WiV/ZGqnYIT2CijyuKFEzYwkZg -sIW5xjzqaYKo+RzwYeYqvL6kvniWHaxwdnEz3t0yr4V51ouPvoimSPHsA8qklQil -+ZgYlvSmeNTlQy80UoY81IzHiADxBTzscBPUjILW ------END CERTIFICATE REQUEST----- diff --git a/examples/AuthDemo/certs/client.key b/examples/AuthDemo/certs/client.key deleted file mode 100644 index ff280b6..0000000 --- a/examples/AuthDemo/certs/client.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAqOp2R0JnTBeKjQmHDjIKHlT5RLfk/RTksrw88xdrQgOLbceB -rjZg82yfTJkFW4rTVjjSphNbPCynFwg+BxK9MXfJr9Rs9dsBSpmCViXiw6pmDSZz -on691cL4PYEEeom8y5egp/OU6IQRcNwpyffiVDPYSR8qH3PzTi7RXLGNGtdLFi0I -YeZ+FYlGjTlBQRyqNvOD3nEvIocNtyWP9+D17wtPENA2AbWbHV2CbKFoc6Zx98Fw -KtVkz94Z4duzjLUZOwjcTWK+zKxfRzVDZtxlMTOA261N8CUha8nl+c4uNgTC0h0J -PE5JTewwXdGftNiR2xWgVLvWfbFg73x0RemoyQIDAQABAoIBACJPfbb7xf+uyHXd -eZFomKWQnRFYSSsfE1U65yZ5m0/NaITkAXNhmE/ZwIHOk0gE6uiYojEZvW57o3UK -N484PzXNHyqX+4n08k404ESfbXBRLGl/Zf2bwPOqpsHXcxFw6Ohx5DA5SgXwzZof -Hl3n/BEedtBjhCrfYox+9gfeCMtqm1s/TkiTe5l8slzzx0V7nLugz2xzaqnI8zpO -+JZpMlnQUh2XJ6ORHyHCI7sEqu/k2AswB+PduDUk/F2HdVzHBMcE8ZC4DrBaO7mS -SKwNwtw+SlakTnMvMhcHG29qMyLQKtHzc6SLlDCRtOjRDVgxecEDAkqyfve9FN93 -F6siQAECgYEA0FNIZSr/nTStT3B1K3XHSKiKJN8cZktUFfC15Yo7cYuT7aqnYh6g -dlm3Po0T66viL/yTA+vhbTTOTn5m0Gx3Yq6lPC4UVBp4s39UCzxQfXOJyTB/1ht2 -6SDEnom83EW6S/FklOnG5NZSDODw8B4XopMFnx6+69p32kldcJ/Ysw0CgYEAz5Jh -YJnx4AN4C4rNPBPkuRv/T/kfar2XVUA9dMlN9srMsIQiksH9tQQ9i1ABrjsnzCJp -IgRiMlHiiODr6JU71kdHddwLWetC0sjXVIF/7RZBl0QgcnS5z47YADxEWRKwWyUP -uz7Z/mMuV0kSGxp3+WMzoi2Wk6vqg6Nt9DilDa0CgYEAvgwsEDcAx96FeOID0ij5 -K1yt4eM0GlIAHJ/ioMvRXM1Tn06+snF0O2OvGr5C/Q1qJBLL35jxptm0l8ESdHNv -GjRvAw6advtLP50aA8H7P+cGPOckyCN4AEdnd6X6CA0IXj2SX5NBYgPvCFaxFqyt -LR/o0fePfsRn8FhbiOIaI4UCgYBOfM4/ZdaU2xrwWlrChc8tw41l4xBjHy9y9+iF -GX1WfVaqxDwCfEH/yYuv+t+3zvx8buKMD1ZGKrpbAZmSh6Npoeg+g6bzKEdLRtBN -Tu5datYAaa1POh3sgtngNOmvOKbgwAHTzq9FRqGGNcYX44lMDpu+jjhqvE3f2tM/ -zo9yvQKBgAfobnvYbaehkUB0bWlw9oURMfI6fI8T9EGhM0PvWsn0KaPqzsm9pBwS -eQKD88t+DxGQCFszdGE51N3av3matPABiiz0xSDbC0ywSkbcgiF3F3V6Ss9pYnVQ -NzLekf3JFRbpknvTeHbyaSqodeU8NC9lgVTGr46xkvUmNW4ixmqA ------END RSA PRIVATE KEY----- diff --git a/examples/AuthDemo/certs/create.sh b/examples/AuthDemo/certs/create.sh deleted file mode 100644 index b1b2375..0000000 --- a/examples/AuthDemo/certs/create.sh +++ /dev/null @@ -1,28 +0,0 @@ - -#create ca key -openssl genrsa -out ca.key 2048 - -#create ca crt -openssl req -x509 -new -nodes -key ca.key -subj "/CN=*.demo.com" -days 5000 -out ca.crt - -######################################################################################### -#create server key -openssl genrsa -out server.key 2048 - -#create server csr -openssl req -new -key server.key -subj "/CN=*.demo.com" -out server.csr - -#ca sign server, create server crt -openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 5000 - -######################################################################################### -#create client key -openssl genrsa -out client.key 2048 - -#create clilent csr -openssl req -new -key client.key -subj "/CN=*.demo.com" -out client.csr - -#ca sign client, create client crt -openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt -days 5000 - -######################################################################################### \ No newline at end of file diff --git a/examples/AuthDemo/certs/server.crt b/examples/AuthDemo/certs/server.crt deleted file mode 100644 index be34e7e..0000000 --- a/examples/AuthDemo/certs/server.crt +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICsTCCAZkCFFwVYVZ4Uu9R0mhodJQCkUUSelbCMA0GCSqGSIb3DQEBCwUAMBUx -EzARBgNVBAMMCiouZGVtby5jb20wHhcNMjAwMjEzMTIzMDQ3WhcNMzMxMDIyMTIz -MDQ3WjAVMRMwEQYDVQQDDAoqLmRlbW8uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC -AQ8AMIIBCgKCAQEA74MHigfRUfFvvS0ZSMCRiuxtkBZtAk+EeTMTcjamwgV8fMWz -JbtTqxn4325CqvXIcSs2H+c09C7pBufWzkwFFcEpSMokGEyjeKxXMmxhUC+q28yq -WiYim8l7btJZhMa3tpSQaWu+Ul0SctSt0OpM2onxq9s8KN7B0zM9tCmyLZ++IXxx -3yGjRRk1VtVyVePNILdf7EZBZXHu2daxf2GusYfQmV+KAG/r+YbX+7GXh2wZ/lGV -Ur4B6Pzoi/zUGoA7i7Zs/Y2S/yXsRD8UG6jid0slO4uBuiHa9RIjxNoe1NAqirBj -wBVNAbzfKOC7f/qiu5JhIg0qHbb50tXUvLZzbwIDAQABMA0GCSqGSIb3DQEBCwUA -A4IBAQCtk9bOoKdoF3UpDLijhBrmL7a13xT+Q5U3SiZiYw2pdz2FtGzZooQejmm6 -tDCmAisIZMiYS+X6Y2OoWe9dzEE1Rnx0227XPjhQvHAKsBfwL03N1Hw1LSzU7czf -/0pYWSyCVfL6f8DOeH2rnhBPHAE/FzDtnCaIDUtGC3I4ZuYrPBqDmmYTentWsPK3 -2++ay1Hcu/k9vSWTVQZG2bA1XEAlvy5lNaGRop+HI5V3fZiQiZe0+HM65dt68N4W -T72XY35kP3XXyYZLZjhMZPMZHrOeApSmfvFJimAyp2Ax1xtlmyBxyxh7vH33vxna -TXcK3o3hbraYKFihReIdzouG/4rN ------END CERTIFICATE----- diff --git a/examples/AuthDemo/certs/server.csr b/examples/AuthDemo/certs/server.csr deleted file mode 100644 index b9df041..0000000 --- a/examples/AuthDemo/certs/server.csr +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIICWjCCAUICAQAwFTETMBEGA1UEAwwKKi5kZW1vLmNvbTCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAO+DB4oH0VHxb70tGUjAkYrsbZAWbQJPhHkzE3I2 -psIFfHzFsyW7U6sZ+N9uQqr1yHErNh/nNPQu6Qbn1s5MBRXBKUjKJBhMo3isVzJs -YVAvqtvMqlomIpvJe27SWYTGt7aUkGlrvlJdEnLUrdDqTNqJ8avbPCjewdMzPbQp -si2fviF8cd8ho0UZNVbVclXjzSC3X+xGQWVx7tnWsX9hrrGH0JlfigBv6/mG1/ux -l4dsGf5RlVK+Aej86Iv81BqAO4u2bP2Nkv8l7EQ/FBuo4ndLJTuLgboh2vUSI8Ta -HtTQKoqwY8AVTQG83yjgu3/6oruSYSINKh22+dLV1Ly2c28CAwEAAaAAMA0GCSqG -SIb3DQEBCwUAA4IBAQCVy2KgCiuQWWgy735Ym9hHoDaUtLgU1MG62s+ECgYlzz6j -ft88gCqZxVIMFUNqowekh9wan9XlGKYBwdPXpkIRB1Zg4mFoPamD6AMZEfUT1ooK -XJ0K6LE7Q4XY+HR/tHDsAf71QyKFblcIuRcIMFbOcp8paQENjYJpqiXfvQbmV7lS -StkIX3A2BBvogCc4qPZ90QHyOaALuVuquCkh1ULJhNLq+6sVW+bhUs9fGTOuhnJU -zYohoIJznxr5xglsLA5VnjZkmbtdewoHrvY+tNaAVEXFMEF9oBr8jtVuUiQGk7mF -o+dC43546tSaiqNxZ13rHsMDucC9fAS/O8AdeGr7 ------END CERTIFICATE REQUEST----- diff --git a/examples/AuthDemo/certs/server.key b/examples/AuthDemo/certs/server.key deleted file mode 100644 index 622c9b9..0000000 --- a/examples/AuthDemo/certs/server.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpQIBAAKCAQEA74MHigfRUfFvvS0ZSMCRiuxtkBZtAk+EeTMTcjamwgV8fMWz -JbtTqxn4325CqvXIcSs2H+c09C7pBufWzkwFFcEpSMokGEyjeKxXMmxhUC+q28yq -WiYim8l7btJZhMa3tpSQaWu+Ul0SctSt0OpM2onxq9s8KN7B0zM9tCmyLZ++IXxx -3yGjRRk1VtVyVePNILdf7EZBZXHu2daxf2GusYfQmV+KAG/r+YbX+7GXh2wZ/lGV -Ur4B6Pzoi/zUGoA7i7Zs/Y2S/yXsRD8UG6jid0slO4uBuiHa9RIjxNoe1NAqirBj -wBVNAbzfKOC7f/qiu5JhIg0qHbb50tXUvLZzbwIDAQABAoIBADt/OSg4uO66Ix/D -TDyeWYlBIhZg+8NPLYFOBs6gdNxNsJbuJYqB9k7SrNgT88u0Mo6qRU+3h5gA7zIf -9WRZzgmRakgCruS6ZQFdDmwgMCxTKwZe2RJ71q0MZ/Unm8U39/sK/LSzZxvesu6D -looHKgA/tCEU3OTqMQvd9r4CfZiHUxHMdVbaV4skgLxUVSrkwPEv1OyreRsr6iVF -o+NJIN+WdPz236vrooYI91H17j8Tl5acHluu7Dr/q696FUYmrnfyO6dVMjai99fW -1124BGBH7kefJIDuxaur8J2txR4OBEVVhSx2Ghpe2JfNjZvpmia2m9Wo4t3JUSL0 -mxRl54ECgYEA+5kMNi9zDPKuGmUPLFsQAfk4eqcF69paBnEMOTd2nvWz03p/ugTW -o2bFs9s4McYJvnvWLSDlKP6NVIuSLaEBYuIHvjwR245NDxu9p+u9PTHZxbApkxNj -C3H/aIm/k0wtzHf943ShvLspjFqw7+q/nCf0T0oMrJaWkZWVI4vn1GcCgYEA87PY -qNPKiii3JwIMcgV9b3rDG6ulIj0lKKx5T8Jd+dVgLqGk3aah/PEsnVnBeg5YEB8r -MfqJ2OKzZ3t7jvJTX4pY9Q1zxFZ5R+rCWN5JdVZbofkekK29EkXIscVBf6YFlgAt -PbdVxZtZSKMRJB8+c+P9ovK5B0xQGg0bfJdRQ7kCgYEA8coFiFVVVc4rL0aLrG7f -FWZytryo3h57gdFGk/4PS3iJFuWUtipMM8BioxQ8DulpF9xe2gPQ9vKa0/NFyf// -Gw5prpJ//uXkfG6Gd0gAFz0/MdK4QZXSC3/Emqw2pdIB+YwfPGYrwPqFVVMa05Zg -CiwDh+d8Aqi9jq+YIg8j/mUCgYEAqzxGUzIlkXhUYOtWlVN4NLmcmDe+G1W9Y1v1 -DW70G1SrdXiM4FVyYsmPYKytfrbPd9x+vGpfK273QhII2oM4w9vw75bZLi7Ynwi8 -MDdYhEL+tcvWhzActtcj0o1YnXmpWSGcqE3Gzcd/L8OsiqYNet7K3BESo6cibXui -QaQNLLkCgYEA+tUOLkaJZlOuiEE5H5RDmFyC46G6R3Ukd5CQ/Dp4U75NLTIlEuGw -lIV/vcA0vy6WPL6rX2Gdm30oYq+xb+m9bDDCaXnkOxdPr5+1Zg4n3ibcFbBz/wmF -MjcYzC/D6dGK4r6h3tZeX7byNDVM26+qMJlgYd31FhoiFjlPLGuqFrs= ------END RSA PRIVATE KEY----- diff --git a/examples/CMakeLists.txt b/examples/CMakeLists.txt index 1050248..c25a3e7 100644 --- a/examples/CMakeLists.txt +++ b/examples/CMakeLists.txt @@ -66,15 +66,28 @@ if(WIN32) COMMAND ../servant/script/busybox.exe bash ../examples/scripts/run-push.bat COMMENT "call run push") + if(TARS_SSL) add_custom_target(run-all WORKING_DIRECTORY ${CMAKE_BINARY_DIR} - DEPENDS QuickStartDemo QuickStartDemoClient HttpServer HttpClient CoroutineDemoAServer CoroutineDemoBServer CoroutineDemoClient testCoro testParallelCoro PushServer PushClient + DEPENDS QuickStartDemo QuickStartDemoClient HttpServer HttpClient AuthServer AuthClient SSLServer SSLClient CoroutineDemoAServer CoroutineDemoBServer CoroutineDemoClient testCoro testParallelCoro PushServer PushClient COMMAND ../servant/script/busybox.exe bash ../examples/scripts/run-quick-start.bat COMMAND ../servant/script/busybox.exe bash ../examples/scripts/run-http.bat COMMAND ../servant/script/busybox.exe bash ../examples/scripts/run-co.bat COMMAND ../servant/script/busybox.exe bash ../examples/scripts/run-push.bat COMMAND ../servant/script/busybox.exe bash ../examples/scripts/run-auth.bat + COMMAND ../servant/script/busybox.exe bash ../examples/scripts/run-ssl.bat COMMENT "call run all ${CMAKE_BINARY_DIR}") + else() + add_custom_target(run-all + WORKING_DIRECTORY ${CMAKE_BINARY_DIR} + DEPENDS QuickStartDemo QuickStartDemoClient HttpServer HttpClient AuthServer AuthClient CoroutineDemoAServer CoroutineDemoBServer CoroutineDemoClient testCoro testParallelCoro PushServer PushClient + COMMAND ../servant/script/busybox.exe bash ../examples/scripts/run-quick-start.bat + COMMAND ../servant/script/busybox.exe bash ../examples/scripts/run-http.bat + COMMAND ../servant/script/busybox.exe bash ../examples/scripts/run-co.bat + COMMAND ../servant/script/busybox.exe bash ../examples/scripts/run-push.bat + COMMAND ../servant/script/busybox.exe bash ../examples/scripts/run-auth.bat + COMMENT "call run all ${CMAKE_BINARY_DIR}") + endif() add_custom_target(run-kill WORKING_DIRECTORY ${CMAKE_BINARY_DIR} @@ -135,15 +148,28 @@ else(WIN32) COMMAND sh ../examples/scripts/run-push.sh COMMENT "call run push") + if(TARS_SSL) add_custom_target(run-all WORKING_DIRECTORY ${CMAKE_BINARY_DIR} - DEPENDS run-quick-start run-http run-co run-push run-auth + DEPENDS QuickStartDemo QuickStartDemoClient HttpServer HttpClient AuthServer AuthClient SSLServer SSLClient CoroutineDemoAServer CoroutineDemoBServer CoroutineDemoClient testCoro testParallelCoro PushServer PushClient COMMAND sh ../examples/scripts/run-quick-start.sh COMMAND sh ../examples/scripts/run-http.sh COMMAND sh ../examples/scripts/run-co.sh COMMAND sh ../examples/scripts/run-push.sh COMMAND sh ../examples/scripts/run-auth.sh + COMMAND sh ../examples/scripts/run-ssl.sh COMMENT "call run all") + else() + add_custom_target(run-all + WORKING_DIRECTORY ${CMAKE_BINARY_DIR} + DEPENDS QuickStartDemo QuickStartDemoClient HttpServer HttpClient AuthServer AuthClient CoroutineDemoAServer CoroutineDemoBServer CoroutineDemoClient testCoro testParallelCoro PushServer PushClient + COMMAND sh ../examples/scripts/run-quick-start.sh + COMMAND sh ../examples/scripts/run-http.sh + COMMAND sh ../examples/scripts/run-co.sh + COMMAND sh ../examples/scripts/run-push.sh + COMMAND sh ../examples/scripts/run-auth.sh + COMMENT "call run all") + endif() add_custom_target(run-kill WORKING_DIRECTORY ${CMAKE_BINARY_DIR} diff --git a/examples/CoroutineDemo/client/main.cpp b/examples/CoroutineDemo/client/main.cpp index 6785514..2242333 100644 --- a/examples/CoroutineDemo/client/main.cpp +++ b/examples/CoroutineDemo/client/main.cpp @@ -16,115 +16,234 @@ #include "BServant.h" #include "servant/Communicator.h" -#include "util/tc_thread_pool.h" +#include "util/tc_thread.h" +#include "util/tc_option.h" #include using namespace std; using namespace Test; using namespace tars; -class Test1 +Communicator* _comm; + +static string coroObj = "TestApp.BServer.BServantObj@tcp -h 127.0.0.1 -p 9100"; + +struct Param { -public: - Test1(); + int count; + string call; + int thread; + int buffersize; + int netthread; - ~Test1(); - - void queryResult(int iFlag, int iExecuteNum); - -private: - Communicator _comm; - BServantPrx _prx; + BServantPrx pPrx; }; -Test1::Test1() +Param param; +std::atomic callback_count(0); + +void serialCall(int c) { - // _comm.setProperty("locator", "tars.tarsregistry.QueryObj@tcp -h 10.208.139.242 -p 17890 -t 10000"); - // _comm.setProperty("stat", "tars.tarsstat.StatObj"); - _prx = _comm.stringToProxy("TestApp.BServer.BServantObj@tcp -h 127.0.0.1 -p 9100"); + string buffer(param.buffersize, 'a'); + + int64_t t = TC_Common::now2us(); + //发起远程调用 + for (int i = 0; i < c; ++i) + { + string r; + + try + { + param.pPrx->testCoroSerial(buffer, r); + } + catch(exception& e) + { + cout << "exception:" << e.what() << endl; + } + ++callback_count; + + } + + int64_t cost = TC_Common::now2us() - t; + cout << "serialCall total:" << cost << "us, avg:" << 1.*cost/c << "us" << endl; } -Test1::~Test1() +void parallelCall(int c) { - -} + string buffer(param.buffersize, 'a'); -void Test1::queryResult(int iFlag, int iExecuteNum) + int64_t t = TC_Common::now2us(); + //发起远程调用 + for (int i = 0; i < c; ++i) + { + string r; + + try + { + param.pPrx->testCoroParallel(buffer, r); + } + catch(exception& e) + { + cout << "exception:" << e.what() << endl; + } + ++callback_count; + + } + + int64_t cost = TC_Common::now2us() - t; + cout << "parallelCall total:" << cost << "us, avg:" << 1.*cost/c << "us" << endl; +} +// +//class Test1 +//{ +//public: +// Test1(); +// +// ~Test1(); +// +// void queryResult(int iFlag, int iExecuteNum); +// +//private: +// Communicator _comm; +// BServantPrx _prx; +//}; +// +//Test1::Test1() +//{ +// // _comm.setProperty("locator", "tars.tarsregistry.QueryObj@tcp -h 10.208.139.242 -p 17890 -t 10000"); +// // _comm.setProperty("stat", "tars.tarsstat.StatObj"); +// _prx = _comm.stringToProxy("TestApp.BServer.BServantObj@tcp -h 127.0.0.1 -p 9100"); +//} +// +//Test1::~Test1() +//{ +// +//} +// +//void Test1::queryResult(int iFlag, int iExecuteNum) +//{ +// string sIn(10,'a'); +// string sOut(""); +// +// time_t t = TC_Common::now2us(); +// +// for(int i=0; itestCoroSerial(sIn, sOut); +// } +// else +// { +// ret = _prx->testCoroParallel(sIn, sOut); +// } +// +// assert(sIn == sOut); +// // cout << ret << ", " << sIn << ", " << sOut << endl; +// } +// catch(TC_Exception &e) +// { +// cout << "pthread id: " << std::this_thread::get_id() << "id: " << i << "exception: " << e.what() << endl; +// } +// catch(...) +// { +// cout << "pthread id: " << std::this_thread::get_id() << "id: " << i << "unknown exception." << endl; +// } +// } +// +// int64_t cost = TC_Common::now2us() - t; +// cout << "syncCall total:" << cost << "us, avg:" << 1.*cost/iExecuteNum << "us" << endl; +//} + +int main(int argc, char *argv[]) { - string sIn(10,'a'); - string sOut(""); + try + { + if (argc < 5) + { + cout << "Usage:" << argv[0] << " --count=1000 --call=[serial|parallel] --thread=1 --buffersize=1000 --netthread=1" << endl; - time_t t = TC_Common::now2us(); + return 0; + } - for(int i=0; itestCoroSerial(sIn, sOut); - } - else - { - ret = _prx->testCoroParallel(sIn, sOut); - } + TC_Option option; + option.decode(argc, argv); - assert(sIn == sOut); - // cout << ret << ", " << sIn << ", " << sOut << endl; - } - catch(TC_Exception &e) - { - cout << "pthread id: " << std::this_thread::get_id() << "id: " << i << "exception: " << e.what() << endl; - } - catch(...) - { - cout << "pthread id: " << std::this_thread::get_id() << "id: " << i << "unknown exception." << endl; - } - } + param.count = TC_Common::strto(option.getValue("count")); + if(param.count <= 0) param.count = 1000; + param.buffersize = TC_Common::strto(option.getValue("buffersize")); + if(param.buffersize <= 0) param.buffersize = 1000; + param.call = option.getValue("call"); + if(param.call.empty()) param.call = "sync"; + param.thread = TC_Common::strto(option.getValue("thread")); + if(param.thread <= 0) param.thread = 1; + param.netthread = TC_Common::strto(option.getValue("netthread")); + if(param.netthread <= 0) param.netthread = 1; - int64_t cost = TC_Common::now2us() - t; - cout << "syncCall total:" << cost << "us, avg:" << 1.*cost/iExecuteNum << "us" << endl; -} - -int main(int argc,char ** argv) -{ - if(argc != 4) - { - cout << "usage: " << argv[0] << " ThreadNum CallTimes CallMode" << endl; - return -1; - } - - Test1 test1; - - try - { - tars::Int32 threads = TC_Common::strto(string(argv[1])); - - TC_ThreadPool tp; - tp.init(threads); - tp.start(); - - tars::Int32 times = TC_Common::strto(string(argv[2])); - tars::Int32 callMode = TC_Common::strto(string(argv[3])); - - for(int i = 0; istringToProxy(coroObj); + +// TarsRollLogger::getInstance()->logger()->setLogLevel(6); + + _comm->setProperty("sendqueuelimit", "1000000"); + _comm->setProperty("asyncqueuecap", "1000000"); + + _comm->setProperty("netthread", TC_Common::tostr(param.netthread)); + + int64_t start = TC_Common::now2us(); + + std::function func; + + if (param.call == "serial") + { + func = serialCall; + } + else if (param.call == "parallel") + { + func = parallelCall; + } + + param.pPrx->tars_connect_timeout(5000); + param.pPrx->tars_async_timeout(60*1000); + + vector vt; + for(int i = 0 ; i< param.thread; i++) + { + vt.push_back(new std::thread(func, param.count)); + } + + std::thread print([&]{while(callback_count != param.count * param.thread) { + cout << "coro:" << param.call << ": ----------finish count:" << callback_count << endl; + std::this_thread::sleep_for(std::chrono::seconds(1)); + };}); + + for(size_t i = 0 ; i< vt.size(); i++) + { + vt[i]->join(); + delete vt[i]; + } + + cout << "(pid:" << std::this_thread::get_id() << ")" + << "(count:" << param.count << ")" + << "(use ms:" << (TC_Common::now2us() - start)/1000 << ")" + << endl; + + while(callback_count != param.count * param.thread) { + std::this_thread::sleep_for(std::chrono::seconds(1)); + } + print.join(); + cout << "----------finish count:" << callback_count << endl; + } + catch(exception &ex) + { + cout << ex.what() << endl; + } + cout << "main return." << endl; + + return 0; } diff --git a/examples/CustomDemo/CustomClient/main.cpp b/examples/CustomDemo/CustomClient/main.cpp index 2c3fedd..d27fe06 100644 --- a/examples/CustomDemo/CustomClient/main.cpp +++ b/examples/CustomDemo/CustomClient/main.cpp @@ -233,7 +233,7 @@ int main(int argc, char *argv[]) } std::thread print([&]{while(callback_count != param.count * param.thread) { - cout << param.call << ": ----------finish count:" << callback_count << endl; + cout << "Custom:" << param.call << ": ----------finish count:" << callback_count << endl; std::this_thread::sleep_for(std::chrono::seconds(1)); };}); diff --git a/examples/HttpDemo/Http2Client/main.cpp b/examples/HttpDemo/Http2Client/main.cpp index de4159b..688f7d2 100644 --- a/examples/HttpDemo/Http2Client/main.cpp +++ b/examples/HttpDemo/Http2Client/main.cpp @@ -170,7 +170,7 @@ int main(int argc, char *argv[]) } std::thread print([&]{while(callback_count != param.count * param.thread) { - cout << param.call << ": ----------finish count:" << callback_count << endl; + cout << "Http2:" << param.call << ": ----------finish count:" << callback_count << endl; std::this_thread::sleep_for(std::chrono::seconds(1)); };}); diff --git a/examples/HttpDemo/HttpClient/main.cpp b/examples/HttpDemo/HttpClient/main.cpp index c83c868..3aa8ec6 100644 --- a/examples/HttpDemo/HttpClient/main.cpp +++ b/examples/HttpDemo/HttpClient/main.cpp @@ -204,7 +204,7 @@ int main(int argc, char *argv[]) } std::thread print([&]{while(callback_count != param.count * param.thread) { - cout << param.call << ": ----------finish count:" << callback_count << endl; + cout << "Http:" << param.call << ": ----------finish count:" << callback_count << endl; std::this_thread::sleep_for(std::chrono::seconds(1)); };}); diff --git a/examples/QuickStartDemo/HelloServer/Client/main.cpp b/examples/QuickStartDemo/HelloServer/Client/main.cpp index e310d97..386f833 100644 --- a/examples/QuickStartDemo/HelloServer/Client/main.cpp +++ b/examples/QuickStartDemo/HelloServer/Client/main.cpp @@ -341,7 +341,7 @@ int main(int argc, char *argv[]) } std::thread print([&]{while(callback_count != param.count * param.thread) { - cout << param.call << ": ----------finish count:" << callback_count << endl; + cout << "Hello:" << param.call << ": ----------finish count:" << callback_count << endl; std::this_thread::sleep_for(std::chrono::seconds(1)); };}); diff --git a/examples/SSLDemo/Client/config.conf b/examples/SSLDemo/Client/config.conf index 07daeb5..7c1ad85 100755 --- a/examples/SSLDemo/Client/config.conf +++ b/examples/SSLDemo/Client/config.conf @@ -28,6 +28,37 @@ cert = ../examples/SSLDemo/certs/client.crt #can be empty key = ../examples/SSLDemo/certs/client.key + + + #server crt + ca = ../examples/SSLDemo/certs/server1.crt + #can be empty + # cert = ../examples/SSLDemo/certs/client1.crt + #can be empty + # key = ../examples/SSLDemo/certs/client1.key + + + + #server crt + ca = ../examples/SSLDemo/certs/server1.crt + #can be empty + cert = ../examples/SSLDemo/certs/client1.crt + #can be empty + key = ../examples/SSLDemo/certs/client1.key + + + + #auth access key + accesskey = tars-test-user + #auth secret key + secretkey = 123456 + #server crt + ca = ../examples/SSLDemo/certs/server1.crt + #can be empty + cert = ../examples/SSLDemo/certs/client1.crt + #can be empty + key = ../examples/SSLDemo/certs/client1.key + diff --git a/examples/SSLDemo/Client/main.cpp b/examples/SSLDemo/Client/main.cpp index 740d566..3db68db 100644 --- a/examples/SSLDemo/Client/main.cpp +++ b/examples/SSLDemo/Client/main.cpp @@ -26,6 +26,9 @@ using namespace TestApp; Communicator* _comm; static string helloObj = "TestApp.SSLServer.SSLObj@ssl -h 127.0.0.1 -p 9005"; +static string hello1Obj = "TestApp.SSLServer.SSL1Obj@ssl -h 127.0.0.1 -p 9006"; +static string hello2Obj = "TestApp.SSLServer.SSL2Obj@ssl -h 127.0.0.1 -p 9007"; +static string hello3Obj = "TestApp.SSLServer.SSL3Obj@ssl -h 127.0.0.1 -p 9008 -e 1"; struct Param { @@ -84,7 +87,7 @@ void syncCall(int c) try { - param.pPrx->testHello(buffer, r); + param.pPrx->testHello(buffer, r); } catch(exception& e) { @@ -118,19 +121,23 @@ void asyncCall(int c) { cout << "exception:" << e.what() << endl; } + + if(i % 1000 == 0) + TC_Common::msleep(100); } int64_t cost = TC_Common::now2us() - t; cout << "asyncCall send:" << cost << "us, avg:" << 1.*cost/c << "us" << endl; } + int main(int argc, char *argv[]) { try { if (argc < 6) { - cout << "Usage:" << argv[0] << "--config=conf --count=1000 --call=[sync|async] --thread=1 --buffersize=1000 --netthread=1" << endl; + cout << "Usage:" << argv[0] << "--config=conf --count=1000 --call=[sync|async|sync1|async1|sync2|async2] --thread=1 --buffersize=1000 --netthread=1" << endl; return 0; } @@ -162,12 +169,6 @@ int main(int argc, char *argv[]) _comm->setProperty("netthread", TC_Common::tostr(param.netthread)); - param.pPrx = _comm->stringToProxy(helloObj); - - param.pPrx->tars_connect_timeout(5000); - param.pPrx->tars_async_timeout(60*1000); - param.pPrx->tars_ping(); - int64_t start = TC_Common::now2us(); std::function func; @@ -175,17 +176,52 @@ int main(int argc, char *argv[]) if (param.call == "sync") { func = syncCall; + param.pPrx = _comm->stringToProxy(helloObj); } else if (param.call == "async") { func = asyncCall; + param.pPrx = _comm->stringToProxy(helloObj); + } + else if (param.call == "sync1") + { + func = syncCall; + param.pPrx = _comm->stringToProxy(hello1Obj); + } + else if (param.call == "async1") + { + func = asyncCall; + param.pPrx = _comm->stringToProxy(hello1Obj); + } + else if (param.call == "sync2") + { + func = syncCall; + param.pPrx = _comm->stringToProxy(hello2Obj); + } + else if (param.call == "async2") + { + func = asyncCall; + param.pPrx = _comm->stringToProxy(hello2Obj); + } + else if (param.call == "sync3") + { + func = syncCall; + param.pPrx = _comm->stringToProxy(hello3Obj); + } + else if (param.call == "async3") + { + func = asyncCall; + param.pPrx = _comm->stringToProxy(hello3Obj); } else { - cout << "no func, exits" << endl; + cout << "no func, exits:" << param.call << endl; exit(0); } + param.pPrx->tars_connect_timeout(5000); + param.pPrx->tars_async_timeout(60*1000); + vector vt; for(int i = 0 ; i< param.thread; i++) { @@ -193,7 +229,7 @@ int main(int argc, char *argv[]) } std::thread print([&]{while(callback_count != param.count * param.thread) { - cout << param.call << ": ----------finish count:" << callback_count << endl; + cout << "SSL:" << param.call << ": ----------finish count:" << callback_count << endl; std::this_thread::sleep_for(std::chrono::seconds(1)); };}); diff --git a/examples/SSLDemo/Server/SSLServer.cpp b/examples/SSLDemo/Server/SSLServer.cpp index a615809..7b76048 100644 --- a/examples/SSLDemo/Server/SSLServer.cpp +++ b/examples/SSLDemo/Server/SSLServer.cpp @@ -29,7 +29,9 @@ SSLServer::initialize() //... addServant(ServerConfig::Application + "." + ServerConfig::ServerName + ".SSLObj"); + addServant(ServerConfig::Application + "." + ServerConfig::ServerName + ".SSL1Obj"); addServant(ServerConfig::Application + "." + ServerConfig::ServerName + ".SSL2Obj"); + addServant(ServerConfig::Application + "." + ServerConfig::ServerName + ".SSL3Obj"); } ///////////////////////////////////////////////////////////////// void diff --git a/examples/SSLDemo/Server/config.conf b/examples/SSLDemo/Server/config.conf index 002c91e..6570aeb 100755 --- a/examples/SSLDemo/Server/config.conf +++ b/examples/SSLDemo/Server/config.conf @@ -56,7 +56,7 @@ cert = ../examples/SSLDemo/certs/server.crt key = ../examples/SSLDemo/certs/server.key #default is 0 - verifyclient = 0 + verifyclient = 1 #ip:port:timeout @@ -74,6 +74,7 @@ #tars protocol protocol = tars + #ip:port:timeout endpoint = ssl -h 127.0.0.1 -p 9006 -t 10000 @@ -84,12 +85,66 @@ #imp thread num threads = 5 #servant + servant = TestApp.SSLServer.SSL1Obj + #queue capacity + queuecap = 1000000 + #tars protocol + protocol = tars + # ca = ../examples/SSLDemo/certs/client1.crt + cert = ../examples/SSLDemo/certs/server1.crt + key = ../examples/SSLDemo/certs/server1.key + #default is 0 + verifyclient = 0 + + + + #ip:port:timeout + endpoint = ssl -h 127.0.0.1 -p 9007 -t 10000 + #allow ip + allow = + #max connection num + maxconns = 4096 + #imp thread num + threads = 5 + #servant servant = TestApp.SSLServer.SSL2Obj #queue capacity queuecap = 1000000 #tars protocol protocol = tars - + ca = ../examples/SSLDemo/certs/client1.crt + cert = ../examples/SSLDemo/certs/server1.crt + key = ../examples/SSLDemo/certs/server1.key + #default is 0 + verifyclient = 1 + + + + #ip:port:timeout + endpoint = ssl -h 127.0.0.1 -p 9008 -t 10000 -e 1 + #allow ip + allow = + #max connection num + maxconns = 4096 + #imp thread num + threads = 5 + #servant + servant = TestApp.SSLServer.SSL3Obj + #queue capacity + queuecap = 1000000 + #tars protocol + protocol = tars + #auth access key + accesskey = tars-test-user + #auth secret key + secretkey = 123456 + ca = ../examples/SSLDemo/certs/client1.crt + cert = ../examples/SSLDemo/certs/server1.crt + key = ../examples/SSLDemo/certs/server1.key + #default is 0 + verifyclient = 1 + + diff --git a/examples/SSLDemo/certs/ca.crt b/examples/SSLDemo/certs/ca.crt index a57ea14..7b784f3 100644 --- a/examples/SSLDemo/certs/ca.crt +++ b/examples/SSLDemo/certs/ca.crt @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDCzCCAfOgAwIBAgIUfmd8TIa6hXXp/KibyRhjrYGhY+gwDQYJKoZIhvcNAQEL -BQAwFTETMBEGA1UEAwwKKi5kZW1vLmNvbTAeFw0yMDAyMTMxMjMwNDdaFw0zMzEw -MjIxMjMwNDdaMBUxEzARBgNVBAMMCiouZGVtby5jb20wggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDOV6uDon7+RDiCpHzOaAa5P1vtj1k0YEkWbLwsBBDT -wYdkXnnfYHxQfY9kh9Gp13Otx0xCdTVBDQAlAxqAK9zH7dgxxysvcQE2ZL9mnkFx -BksP6kHRM//HQM9ylaPCgyA5L2nsixLZ4ipkI1td+n/nL6mB4GIAhwSVJlN74CXE -FXPjMaS7dEdRfdVz6gD2h1L8jFF9f7S9ZawZ8kw+JWUKflzr0L9mRGbuhukCJ+3N -TZFKHSL1Yy0NsE0nM8X0ncmpQExQ0sqrKgmAHnju9jXvMbxMjFI2AwrLPtV8U2Hg -ziztJmdPqM8LIQZpmeynq9eP1+AD7PEu8C7LsV5wTWndAgMBAAGjUzBRMB0GA1Ud -DgQWBBQ4RfWqsDwlD00IhcvCY40gYJtTuDAfBgNVHSMEGDAWgBQ4RfWqsDwlD00I -hcvCY40gYJtTuDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCj -DbEL8nvVzyhW01O3/5oJSd8Z1g+7WupLmtF5OZuKN2XKDICLRxtow7XHiJLlkgZW -4K/kJeXvbPYRrKTm6PHJ63bWKl6YaD3/Vm9wgCLC48ikrOqiEL2w/mI/zFeEvZ3K -U50tLnllY2L0NZxgRZ7wZZqU6qKMxHn7UMYtfzSf7XzBBXi6qzf290DNminr9YgT -afsP+cjL74TchyZifFqI+sGhXO9IY8+lrRYoUXUwcE0DPWHe08UrAtT1E1b7SU2o -pvlUABuUbufvTwu1Cj6mDqOjQQUmWDqNgb2FeNWsmdkBqrhxkLorLiNb5o/YgCKJ -Patq2TfT09tiaeNAl/cF +MIIDCzCCAfOgAwIBAgIUblg0MMUtu1YdIF1CmdlcKCXdg5gwDQYJKoZIhvcNAQEL +BQAwFTETMBEGA1UEAwwKKi5kZW1vLmNvbTAeFw0yMDAyMTQxMjQ5MDVaFw0zMzEw +MjMxMjQ5MDVaMBUxEzARBgNVBAMMCiouZGVtby5jb20wggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQCv8i3rLGi7j1E62fvpZ+9DI0kz6ASNOrmphzHS/E9p +X7EijiLpat+YARsYC42qA4+Cky1ItDTASUAkvVZNCj+6TNsFx1LSesgE28roOBOi +qXCtwBIQvAJBPRpgZtX5++BWyxexBsHszp8t1k7QKgVY3eXeGCQHOHZZltXNFGKP +2hruxct2VEcZWqWdYKE1hy0GSyxvejsT2GLv2OMlWwD/iE+UvTKU5+9CTq/vfx3j +vGUo410DniMz1OqqxAAamKhx4lzKvPfZeW/CQe929qwQONxGQENRXKiCiPkMTRIo +JCdXBDS6ztolq4URIB57yCq88qMO8ZY6URA6U97qyhlJAgMBAAGjUzBRMB0GA1Ud +DgQWBBSAwN6/0NtVoAWC7TB9PnYMzJhMJTAfBgNVHSMEGDAWgBSAwN6/0NtVoAWC +7TB9PnYMzJhMJTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBX +rGw19azPpFebPM5WHOUNBF5CesevnE4md0lE/9DcXl1wSLAwJC7bVijqt/gA4AgO +i+7AnVxlrrMZ4UBEgMu8cHyAGuaC/u+wSJ49TpciMk3/bKfN1gnQ1O/bzm8zpP/B +zQmffhiQcuM1wqStQeTnqD7bP4vAQKqLZGb0Hca2dPsRYIgW+z1dxLg6dxrFlkG8 +dunwDDQXsnYf3PcB2fMQuK1lJltiiu7sVe+XeFeRTFSDGyxDs9q28SwRIHWlzIIC +j+57DkNAgBf9aYf7QM2dnmFNMHSs9fP8MZX7kltu5GadJKprDbjBtJd4IWSCMOv5 +A/fdjurUkf3aCj1qGj+o -----END CERTIFICATE----- diff --git a/examples/SSLDemo/certs/ca.key b/examples/SSLDemo/certs/ca.key index d91cf9c..d4d34a0 100644 --- a/examples/SSLDemo/certs/ca.key +++ b/examples/SSLDemo/certs/ca.key @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAzlerg6J+/kQ4gqR8zmgGuT9b7Y9ZNGBJFmy8LAQQ08GHZF55 -32B8UH2PZIfRqddzrcdMQnU1QQ0AJQMagCvcx+3YMccrL3EBNmS/Zp5BcQZLD+pB -0TP/x0DPcpWjwoMgOS9p7IsS2eIqZCNbXfp/5y+pgeBiAIcElSZTe+AlxBVz4zGk -u3RHUX3Vc+oA9odS/IxRfX+0vWWsGfJMPiVlCn5c69C/ZkRm7obpAiftzU2RSh0i -9WMtDbBNJzPF9J3JqUBMUNLKqyoJgB547vY17zG8TIxSNgMKyz7VfFNh4M4s7SZn -T6jPCyEGaZnsp6vXj9fgA+zxLvAuy7FecE1p3QIDAQABAoIBAG5V6tzEs2t7R0x0 -cFhev9mmy51IHccoBWz8T9KpieXxglhlPH35tf/EZDy5c5+CGdU+0MRosEVMkls4 -QZ9v1OsDf6t+eNUxdBiF3uMclJm/Z7vm47LeP1NokIURBzQnsb9iXx2hcD8Z9Nj/ -Hwgtvt78WYOdXEoz6HtotxNyVD940uEg9U3dPKBAVJRFtLa4pBtSbj1ZpElFsR/l -f94+uwgESsgZF7OZZiKEklLpC2/xPi4m/IDxCBjy3GW7nou6T1Cy90DBX7OfhFur -fQjcAzC4AKvGdkT/0ocQw6jdtGVzDgYEO7pD7r6rpubwsbYXaXOgBvzELUSM+nj3 -Lpv+anECgYEA9VBUAAzcn3mCvf5Dh/VrK997Ll4+/0F0SRFBGW2x/ChRKaIXIMCb -VGIRTIhPACl98v8ctwML9sYQ+4bBYabwTxkCtHS1OoZlUUUzCusVaQ+6VmbWHadd -Ua+Gl0cfM6S5jNpbkoiAG7lRA76GH+QfOlCawhgbWWGD5iT2wHBVk88CgYEA11S+ -kHDcPzlHHfiobFlJimeeb4j5G2I26fZSlaO5gAkD8yzxov7zMSSemfAE8j/fS0+6 -EZkArsyro9lATlWejdssndKku7uykuvwIQvKCYd13lD0/Cpvb101MuM7CcYXsoDv -z7vaaV94Xe8TgL3BY7+QYD7mANC1XwUZS17eVpMCgYEAxd+QkiXNw/kgg55X3JAS -bWYrl0BAMmcapGF9kERSX+IpbZqoayvRXyRnbcM5bhkJ1fr/r4OOn/Qt+KU+0UT1 -6+dxrhvBnz6O9RoLTRBIyeD83fq/VVYNyPj7aITe3ypM3Re4656dLz+w4INK7uh0 -Y/Zmjo8haFxnJznDq4AxFzMCgYAMwGb8lMJmOBUfED+hEvSI7rPyNPFTjtBjsIOZ -evWcQGxsdSfmGCT8rwd5ZD5WvjOR+SmyqxXgRByR+maVfPqDugv9WKEKwQXFL5Wr -z0/qmov/W1n2qOiqdqGU3uH7JTD4ECyjZ6N6g/3TyjmkcRhHuOtq1661M6bZ9qpV -zUtrYwKBgQDoV7ra5JQ217LB49ZXqWMyA5CGMf6NxMwVzPy7H+Pk2F6FQw7lXPEy -XCYD94lhcFuZIUkfqjbG96C1z18ALF7XaxwidYJlkrhXrgZigsJtcUG+RDaavpfI -u5qVhzJbGexoo7hXJeDvgilu525eoysmnlTATqNkRWdP7T4w+uu86w== +MIIEowIBAAKCAQEAr/It6yxou49ROtn76WfvQyNJM+gEjTq5qYcx0vxPaV+xIo4i +6WrfmAEbGAuNqgOPgpMtSLQ0wElAJL1WTQo/ukzbBcdS0nrIBNvK6DgToqlwrcAS +ELwCQT0aYGbV+fvgVssXsQbB7M6fLdZO0CoFWN3l3hgkBzh2WZbVzRRij9oa7sXL +dlRHGVqlnWChNYctBkssb3o7E9hi79jjJVsA/4hPlL0ylOfvQk6v738d47xlKONd +A54jM9TqqsQAGpioceJcyrz32XlvwkHvdvasEDjcRkBDUVyogoj5DE0SKCQnVwQ0 +us7aJauFESAee8gqvPKjDvGWOlEQOlPe6soZSQIDAQABAoIBADujNRlPtjhM/dWa +6Z5V0m3JWhiz/kb4rtHdt2+ygiBPhTUXRJIl3aAiT9K4p84G4u/5fxHzsyWyLoHF +g6kdXjiBsIOm6lXZtE6hSYeo6k7qa/0Y64ask38VfQlMEh9n1sTUljU0+yqPZrkc +uR4qACH9JNtBB4VDCCqZy+J1lGr5jJjNB54Lv104bv0v5oF/CcT/D5r9fWbrFtKA +9RI4s0hc01ODlFOX8/N/Wemh/XMogi4Kt6n2Qkxdkt/eEheIs1oqbobO74rdXmOp +XhgLb/7QN9xqJVOsz7Bei4wevZYTj2IFAr5jpjoaItFP4aVw2QqiZwjdVPi8RhNg +TeaYxhkCgYEA4izPmmq7nWiisnkfTmWLp96OVcKDEP4RLdQcxC8sRgf8nj5SeVOj +pW2AXZ0sTDJQzjevox10keYDMeq0tgyBKAvmuHUMcHqUrNohvI6gbb40ldP40u1Q +Aqp1VCbHCaag/j5d30mVv6UTa47SB0V4e6a+xlfDvF6XuALO2Hp5qvMCgYEAxyW+ +OZV63i8G3ZKUBm/CmUa0jqX+AVqGuH1ZEDJvHE/MGAmzcY99gAZSfRabHCBmP/8u +osYImu5ai+d8H/kV4MEYpuzHY445it0oUJPqYDjMlQja4ikRDrOE4evhs1rwXuV6 +O65R9z2uGbMjBmUAe89J5n8e8MSLvslve60bwdMCgYEAr2Yg+ZecN85VniLgbGPD +kkO+DjPygNMHb4r3ZA1RQF4hQncCbqS2XCw3SGIDYHQExmfZBZ5qMFs4TxW9XxED +eJMCMjpTk0b81a+0Sg4xy+mdzjO825a+XdLjeoc4A/v9Di4/jlH6l8zk6pyvtIPj +k8EUYazeVs7kygcjci5I/JECgYB7h4HznjFU2L7deiqvw2tmQGGHipeAp3Khxb8V +OPOLEER9NKdGbcdfPoy0Yu1cCQzj7Zo0BbsYv3kTB0gLXSqg+6YbBQy5SGORK5Xy +RY5AmXrth0yetPKLt/dZXEPoSSSI+LdVhc/6GRyBfIjhUo12PyKMA5Zhqsk0UycA +BGUPWQKBgF745ohbFbAWgbbqRrFK6C8E3yAPfg5xOlve0p+yWbqe5Sv1NSQ+Zk3t ++7mBy6ygxNklq3oll8/9c7sYfnAZwdxGlqFj0Aj8CYOm81MfBfd6e1NYXgIaeh3z +MzeZRsobsroKUa2ULlyFmn2MX5HADo0YeTBYj6EZqT6VTAsKdPAN -----END RSA PRIVATE KEY----- diff --git a/examples/SSLDemo/certs/ca.srl b/examples/SSLDemo/certs/ca.srl index 9bafb6c..c54ce59 100644 --- a/examples/SSLDemo/certs/ca.srl +++ b/examples/SSLDemo/certs/ca.srl @@ -1 +1 @@ -5C1561567852EF51D268687494029145127A56C3 +5C1561567852EF51D268687494029145127A56C7 diff --git a/examples/SSLDemo/certs/client.crt b/examples/SSLDemo/certs/client.crt index dde025d..ec3e2c9 100644 --- a/examples/SSLDemo/certs/client.crt +++ b/examples/SSLDemo/certs/client.crt @@ -1,17 +1,17 @@ -----BEGIN CERTIFICATE----- -MIICsTCCAZkCFFwVYVZ4Uu9R0mhodJQCkUUSelbDMA0GCSqGSIb3DQEBCwUAMBUx -EzARBgNVBAMMCiouZGVtby5jb20wHhcNMjAwMjEzMTIzMDQ3WhcNMzMxMDIyMTIz -MDQ3WjAVMRMwEQYDVQQDDAoqLmRlbW8uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC -AQ8AMIIBCgKCAQEAqOp2R0JnTBeKjQmHDjIKHlT5RLfk/RTksrw88xdrQgOLbceB -rjZg82yfTJkFW4rTVjjSphNbPCynFwg+BxK9MXfJr9Rs9dsBSpmCViXiw6pmDSZz -on691cL4PYEEeom8y5egp/OU6IQRcNwpyffiVDPYSR8qH3PzTi7RXLGNGtdLFi0I -YeZ+FYlGjTlBQRyqNvOD3nEvIocNtyWP9+D17wtPENA2AbWbHV2CbKFoc6Zx98Fw -KtVkz94Z4duzjLUZOwjcTWK+zKxfRzVDZtxlMTOA261N8CUha8nl+c4uNgTC0h0J -PE5JTewwXdGftNiR2xWgVLvWfbFg73x0RemoyQIDAQABMA0GCSqGSIb3DQEBCwUA -A4IBAQBxnTndUG6zfHVz5t/2j6pppqY93lXaHoi8VD2dXgtzda8BqgulwZAe8x2v -BAP522Ch3AusIFZs9ejLZt97BHkf30uhnoKKGhHsKDxq4ll338+PEWkvUdQNl1Xi -RZyC4VXwji4DABlM5BKtr0vNbYW8hkZWzOCmM1qHx8FbGmb4Z5lO3t4e7tCiwX72 -yY7/5zqZSS8b5BDMQJtDXjV2yZDJLsfdRx8NRuwsSNPQTkm+MFHLV42mO5vH0Ugb -ULHNRXQsThwO4p1y0Nlo4/Ti0qIh4II0sIkW9chigaGuqxo2D27L2o1hkBbjiLIY -blrKSx8QEWyC7Etnm4KT9Cxs5xmg +MIICsTCCAZkCFFwVYVZ4Uu9R0mhodJQCkUUSelbFMA0GCSqGSIb3DQEBCwUAMBUx +EzARBgNVBAMMCiouZGVtby5jb20wHhcNMjAwMjE0MTI0OTA2WhcNMzMxMDIzMTI0 +OTA2WjAVMRMwEQYDVQQDDAoqLmRlbW8uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAzXLpEt1TWXzwWx6eQPGztqo7MSx8r3vxh5l5Wm45tRTNXot8 +eh7QWvJChflUlnz9y0J7O2SxFnjdpHrp29AkLlt/aRjvRfLfgDcc7LqfUpWcc3qz +bkYPnktywXAuA1R3JnnsrDKFiwPY5Fc0bVuiZ0VZD9ufalvoc+kd3PjeQYvYkvUa +axZ0iaxKs5PaKwYIKW7RsWQa2bNkArH+slet50JDbDXuZXEnPghBLyjAhkhPmLQ8 +jjrMX1t4fl0qQ21/q7TDf4FL+QNTcmEWQFEpz2H3qhM+J8UU2JdW36p+++Nj3CaF +lcWpCpxqJ8UGMqCfTM+KcPmBg/UQ/ByRb0wiqwIDAQABMA0GCSqGSIb3DQEBCwUA +A4IBAQBMED94VcdZJwznIJ3FOyv+8D7P9PYS1KvIVclsC1G2Wzrhohx4sMcCE4QE +43TJDc0Vj/fQR+g3IyPL3TTWofLuif/Pp+7t2mieST7USrIWPJuUYYdkbch/WUEX ++p9vzdKJOnClCcdcMIptUJdHd7/X+qHPo0m4xg8qEfkW79IvcOQqAcl0Mx+Lxiny +Xps3VTe7j6IOdv4ZycD0OtYj3RSoQPfjWZ8yFV7riYjd0hj05sG/CNJ/9Nvy34tn +xRZnlWzMziOqYK+U/2BS1+j+LrfMJCgeShGdmBziqMde99Vovj2dv7sDvXqfZfCz +jLWfPO5ShCU72n7MoM/yqsTD8FmS -----END CERTIFICATE----- diff --git a/examples/SSLDemo/certs/client.csr b/examples/SSLDemo/certs/client.csr index 2d8bd62..0c0c57e 100644 --- a/examples/SSLDemo/certs/client.csr +++ b/examples/SSLDemo/certs/client.csr @@ -1,15 +1,15 @@ -----BEGIN CERTIFICATE REQUEST----- MIICWjCCAUICAQAwFTETMBEGA1UEAwwKKi5kZW1vLmNvbTCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKjqdkdCZ0wXio0Jhw4yCh5U+US35P0U5LK8PPMX -a0IDi23Hga42YPNsn0yZBVuK01Y40qYTWzwspxcIPgcSvTF3ya/UbPXbAUqZglYl -4sOqZg0mc6J+vdXC+D2BBHqJvMuXoKfzlOiEEXDcKcn34lQz2EkfKh9z804u0Vyx -jRrXSxYtCGHmfhWJRo05QUEcqjbzg95xLyKHDbclj/fg9e8LTxDQNgG1mx1dgmyh -aHOmcffBcCrVZM/eGeHbs4y1GTsI3E1ivsysX0c1Q2bcZTEzgNutTfAlIWvJ5fnO -LjYEwtIdCTxOSU3sMF3Rn7TYkdsVoFS71n2xYO98dEXpqMkCAwEAAaAAMA0GCSqG -SIb3DQEBCwUAA4IBAQBxzQt4BuF7HIAReW0RAWpAXoJVJlLKoObIuRwT0dqcHbRs -uZKovoKjhLlI0Cg2ljLj+p87fbHAl256pnUa91B+Qzy+NwNxltXqKE5fYuH1hvP1 -SRJ/qaXPbWmX7ZQ0y3eBE17HOAP4GVpURbsOVQdaxJOjxIeFG6H+FmKNMzCo8e+B -KB3bYCHCPSI8VLWPbKF8fbu1JmBstjikHEEW85WiV/ZGqnYIT2CijyuKFEzYwkZg -sIW5xjzqaYKo+RzwYeYqvL6kvniWHaxwdnEz3t0yr4V51ouPvoimSPHsA8qklQil -+ZgYlvSmeNTlQy80UoY81IzHiADxBTzscBPUjILW +AQEBBQADggEPADCCAQoCggEBAM1y6RLdU1l88FsenkDxs7aqOzEsfK978YeZeVpu +ObUUzV6LfHoe0FryQoX5VJZ8/ctCeztksRZ43aR66dvQJC5bf2kY70Xy34A3HOy6 +n1KVnHN6s25GD55LcsFwLgNUdyZ57KwyhYsD2ORXNG1bomdFWQ/bn2pb6HPpHdz4 +3kGL2JL1GmsWdImsSrOT2isGCClu0bFkGtmzZAKx/rJXredCQ2w17mVxJz4IQS8o +wIZIT5i0PI46zF9beH5dKkNtf6u0w3+BS/kDU3JhFkBRKc9h96oTPifFFNiXVt+q +fvvjY9wmhZXFqQqcaifFBjKgn0zPinD5gYP1EPwckW9MIqsCAwEAAaAAMA0GCSqG +SIb3DQEBCwUAA4IBAQCG6KZeU22DzRgfoljtuyPNuONyBPLsDbT2nhM8UFNS7Io9 +hJYIn5FA57PC6vfJOPW4lvg5c73pjccJlLMYzPZ/TwvxUwcQzjeebZeRpPCB2fgQ +ihX/6pyN0s2Li2WK8dNq02y0bH+f+ItftCoFnrhJPfNxObaSpNQh7rIbkxujOprG +wqPmVFvEydzPwFwe6O42b2Ame+qdjva9QH4nbd8dG47kKCVhP8CMq8UbMvngVcbn +9A5dg4mS3OnTAdR21bNlZGQVHTiojKd3go7KrFwMlcRrCZ63+M510wIpUBxmFClA +icfaUazi62EikDnnFExu60xQ8MpWL9U57foKV8ci -----END CERTIFICATE REQUEST----- diff --git a/examples/SSLDemo/certs/client.key b/examples/SSLDemo/certs/client.key index ff280b6..f5541f0 100644 --- a/examples/SSLDemo/certs/client.key +++ b/examples/SSLDemo/certs/client.key @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAqOp2R0JnTBeKjQmHDjIKHlT5RLfk/RTksrw88xdrQgOLbceB -rjZg82yfTJkFW4rTVjjSphNbPCynFwg+BxK9MXfJr9Rs9dsBSpmCViXiw6pmDSZz -on691cL4PYEEeom8y5egp/OU6IQRcNwpyffiVDPYSR8qH3PzTi7RXLGNGtdLFi0I -YeZ+FYlGjTlBQRyqNvOD3nEvIocNtyWP9+D17wtPENA2AbWbHV2CbKFoc6Zx98Fw -KtVkz94Z4duzjLUZOwjcTWK+zKxfRzVDZtxlMTOA261N8CUha8nl+c4uNgTC0h0J -PE5JTewwXdGftNiR2xWgVLvWfbFg73x0RemoyQIDAQABAoIBACJPfbb7xf+uyHXd -eZFomKWQnRFYSSsfE1U65yZ5m0/NaITkAXNhmE/ZwIHOk0gE6uiYojEZvW57o3UK -N484PzXNHyqX+4n08k404ESfbXBRLGl/Zf2bwPOqpsHXcxFw6Ohx5DA5SgXwzZof -Hl3n/BEedtBjhCrfYox+9gfeCMtqm1s/TkiTe5l8slzzx0V7nLugz2xzaqnI8zpO -+JZpMlnQUh2XJ6ORHyHCI7sEqu/k2AswB+PduDUk/F2HdVzHBMcE8ZC4DrBaO7mS -SKwNwtw+SlakTnMvMhcHG29qMyLQKtHzc6SLlDCRtOjRDVgxecEDAkqyfve9FN93 -F6siQAECgYEA0FNIZSr/nTStT3B1K3XHSKiKJN8cZktUFfC15Yo7cYuT7aqnYh6g -dlm3Po0T66viL/yTA+vhbTTOTn5m0Gx3Yq6lPC4UVBp4s39UCzxQfXOJyTB/1ht2 -6SDEnom83EW6S/FklOnG5NZSDODw8B4XopMFnx6+69p32kldcJ/Ysw0CgYEAz5Jh -YJnx4AN4C4rNPBPkuRv/T/kfar2XVUA9dMlN9srMsIQiksH9tQQ9i1ABrjsnzCJp -IgRiMlHiiODr6JU71kdHddwLWetC0sjXVIF/7RZBl0QgcnS5z47YADxEWRKwWyUP -uz7Z/mMuV0kSGxp3+WMzoi2Wk6vqg6Nt9DilDa0CgYEAvgwsEDcAx96FeOID0ij5 -K1yt4eM0GlIAHJ/ioMvRXM1Tn06+snF0O2OvGr5C/Q1qJBLL35jxptm0l8ESdHNv -GjRvAw6advtLP50aA8H7P+cGPOckyCN4AEdnd6X6CA0IXj2SX5NBYgPvCFaxFqyt -LR/o0fePfsRn8FhbiOIaI4UCgYBOfM4/ZdaU2xrwWlrChc8tw41l4xBjHy9y9+iF -GX1WfVaqxDwCfEH/yYuv+t+3zvx8buKMD1ZGKrpbAZmSh6Npoeg+g6bzKEdLRtBN -Tu5datYAaa1POh3sgtngNOmvOKbgwAHTzq9FRqGGNcYX44lMDpu+jjhqvE3f2tM/ -zo9yvQKBgAfobnvYbaehkUB0bWlw9oURMfI6fI8T9EGhM0PvWsn0KaPqzsm9pBwS -eQKD88t+DxGQCFszdGE51N3av3matPABiiz0xSDbC0ywSkbcgiF3F3V6Ss9pYnVQ -NzLekf3JFRbpknvTeHbyaSqodeU8NC9lgVTGr46xkvUmNW4ixmqA +MIIEowIBAAKCAQEAzXLpEt1TWXzwWx6eQPGztqo7MSx8r3vxh5l5Wm45tRTNXot8 +eh7QWvJChflUlnz9y0J7O2SxFnjdpHrp29AkLlt/aRjvRfLfgDcc7LqfUpWcc3qz +bkYPnktywXAuA1R3JnnsrDKFiwPY5Fc0bVuiZ0VZD9ufalvoc+kd3PjeQYvYkvUa +axZ0iaxKs5PaKwYIKW7RsWQa2bNkArH+slet50JDbDXuZXEnPghBLyjAhkhPmLQ8 +jjrMX1t4fl0qQ21/q7TDf4FL+QNTcmEWQFEpz2H3qhM+J8UU2JdW36p+++Nj3CaF +lcWpCpxqJ8UGMqCfTM+KcPmBg/UQ/ByRb0wiqwIDAQABAoIBAQCTm5HVmeq+isNt +1CvDYWTLQrdQdzQGKLi5wgysajFP5ug+m10NqIHuNcyR0Tdy/86gcN11KL0K9j/Y +Yu8OnRbBr7901RNkYEEwL2i6tMKvZQqI9YlhGzkxc+e5D04f2lnY7RScC5hi7pqw +Q+9I+uNN60c324VHt0zlqoFoN+4HjJT786goeZVEBpUBVnJck31X7dtEpEDHFIaj +FMf7UPz+hA3vjB/tvK4gaBkCjPaNaYndTlclh8EHIPBFSoNX2EomIcluKclDgJfr +kVwGF/XAT0bHe9TABnp6/p08abYPKk6xUXZeBp7TjisRlslgcUbNAdeMQFThYwXH +0DXmiPSBAoGBAP48Qpxc33sYfMX5V0qZy5YLftgfhaV5ozPqBWGLQwSicx1pE/uQ +laYU4yBUVOsGOYwU72jU90DbCQvDb7F5I2gaznrUlb9cNIYn6pnSeHcUQP7+cFZS +ntp+uHDro0gRZcv+XMfOpHORErbzO/H9us8CmJhmCcDiY6ha789FC5iLAoGBAM7f +9q5P+DOpgydNCObCEujLv074I5Br/A/pjPzA/jHE8Hwflrwz4Suk1RcN1hQvaCOG +a8IIaKShYHG4UEy0yH/EPt/bK8tYzenVYOdoYIiVPTnrZYLkhKF9vLXEJWLzJOLd +TEKiwHMr2cKESLvfanSUU4/lYR2f7TWNGhyQqsJhAoGAMFviB8Aaul10DmxZUFVk +xku1ewKz9z/l7VAMafuFafJEl0mPhYCBFrBOa63e4T2z4JNy3qvzxCBl3hj0u/tg +4sKGmBKr0VSGoSYil9PTGkN+AYMAd0sL8F++UaxgyKqWhHED0PXbjigAOVCXDHbI +++twfzyZilkFv9ZcWz607/UCgYAdMgxdQ1ny6Ixi4oNMFb2XbxG7sldKjYLQOBS2 +owH8wh9yVP7v5p5zi1qrWz+IL7yRrunMQ2WJPmEfC3UBrk3Rgj+hVgwTMaA1zPBV +GCzveahfYTI9S8TQCa+1M05XbZsaDUMy8EcaueiMhCDDqt8aPsigOS4AgU53zUcP +GveOYQKBgCokPs5b7Lbb8j1QjU7g8TJ4t9NhWfgMXYzet5djhbzpP/dSG9RaJn4Q +JOfUcMpQ3INkwq7t2T3PgZO3l8drBP52JscvzHYMgSdD0EbfIK5ekNMGE/G+0pD2 +kALU50yc7f7FaP8142/sqlCg8cwMi6LQSN00hqw6yELQGKwjzRIs -----END RSA PRIVATE KEY----- diff --git a/examples/SSLDemo/certs/client1.crt b/examples/SSLDemo/certs/client1.crt new file mode 100644 index 0000000..61380dc --- /dev/null +++ b/examples/SSLDemo/certs/client1.crt @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICsTCCAZkCFFwVYVZ4Uu9R0mhodJQCkUUSelbHMA0GCSqGSIb3DQEBCwUAMBUx +EzARBgNVBAMMCiouZGVtby5jb20wHhcNMjAwMjE0MTI0OTA2WhcNMzMxMDIzMTI0 +OTA2WjAVMRMwEQYDVQQDDAoqLmRlbW8uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEA7Qw+OBtzkGG38r4IOBzgpJte5qHPCTBCeowt/6dmwY3W+1bU +cf5wdHBtSsuv3M5OpWKCG8gu3gpBZQvpz7MfN50ouuM0sDvKUxIUP2KX/nv7uiDg +R4iJy47M4XSH2qbRovKPZeRCeigkiU4gKMnJ0Vx82EgEdOLzBt1wLL8a0q1zVOwC +stII/0d4VhCoWgurddJa1gU7EwQ+ZRLwSbbvtgsEfVYCvwC/gb3fGrljJ2PpeY2/ +UfxggnqGcG0IZoT4zi0uyRgK094nPVupS9JM5ig4I/FpP+KQ1LTlDh9LrwZrCQXj +/DFp0Wka5DWHTXWb7TwZShFo3r3emD3gGZi0owIDAQABMA0GCSqGSIb3DQEBCwUA +A4IBAQB9+YqEgsabF3hh3OBFZmg0Je12mkFBsMCRPwMOXfEY8Mzt7xVHHx5iKsBa +u3XaLhVnOgu6VryGSIRmD7lGMctfIELysWu5xQtoY+m9xWZfDhY8G9sNhLSShJ/H +7UZ5/FUi+meohIM0SHEdzTyQtBSs+lfhgshsgtpZ4ysZDQTM/ukuOyBf1vXcs+Gx +pQa4hDQ+Tnev0h6z4PIDCeg88KohDgrzFMSFZ04bNUSLeIxjgo47hLxVNa/3xokh +yaTz4QZ3OcOjjfw//5lyfLDAZ7Rk1FBZ+NjdGRPjmTVIic2utT4QwS8aQyqDN/jA +gxo1xb+Tu5YxHXkMGa2hwV3VvhkF +-----END CERTIFICATE----- diff --git a/examples/SSLDemo/certs/client1.csr b/examples/SSLDemo/certs/client1.csr new file mode 100644 index 0000000..dc5eedc --- /dev/null +++ b/examples/SSLDemo/certs/client1.csr @@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICWjCCAUICAQAwFTETMBEGA1UEAwwKKi5kZW1vLmNvbTCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAO0MPjgbc5Bht/K+CDgc4KSbXuahzwkwQnqMLf+n +ZsGN1vtW1HH+cHRwbUrLr9zOTqVighvILt4KQWUL6c+zHzedKLrjNLA7ylMSFD9i +l/57+7og4EeIicuOzOF0h9qm0aLyj2XkQnooJIlOICjJydFcfNhIBHTi8wbdcCy/ +GtKtc1TsArLSCP9HeFYQqFoLq3XSWtYFOxMEPmUS8Em277YLBH1WAr8Av4G93xq5 +Yydj6XmNv1H8YIJ6hnBtCGaE+M4tLskYCtPeJz1bqUvSTOYoOCPxaT/ikNS05Q4f +S68GawkF4/wxadFpGuQ1h011m+08GUoRaN693pg94BmYtKMCAwEAAaAAMA0GCSqG +SIb3DQEBCwUAA4IBAQDrJMiKZIriezIo2PaJzm1Da4vcB41oiFVQGZuFRRN7Mt9t +tMDuZeVILSqkT1zHu0lamGuS/SKk1VSV0Or7S5Y2Bzm6MtsbVSpbMsRSj9HvXhZJ +lC6+YV1BfiZdSLdWPh/0vn6ku6/znKl8o68DvZyvSDoBahafbQluab/KGf85B0JP +vJ0AHAokfGMiragnKfJhPO18+IT5OClDDdjXbVs/PWx0SLt1EHjzqJOTNtvpDIw+ +BZIiOcxhz7UjnGeyp5dvpnEbmhmk0WhZ0tsP2czOQwZIDesx2Nhbz/V45X1qDU3O +W0K9g37n7m1zsWHlA7LXwpSzG+wJTRWMOVGUxfyg +-----END CERTIFICATE REQUEST----- diff --git a/examples/SSLDemo/certs/client1.key b/examples/SSLDemo/certs/client1.key new file mode 100644 index 0000000..bfcd3eb --- /dev/null +++ b/examples/SSLDemo/certs/client1.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA7Qw+OBtzkGG38r4IOBzgpJte5qHPCTBCeowt/6dmwY3W+1bU +cf5wdHBtSsuv3M5OpWKCG8gu3gpBZQvpz7MfN50ouuM0sDvKUxIUP2KX/nv7uiDg +R4iJy47M4XSH2qbRovKPZeRCeigkiU4gKMnJ0Vx82EgEdOLzBt1wLL8a0q1zVOwC +stII/0d4VhCoWgurddJa1gU7EwQ+ZRLwSbbvtgsEfVYCvwC/gb3fGrljJ2PpeY2/ +UfxggnqGcG0IZoT4zi0uyRgK094nPVupS9JM5ig4I/FpP+KQ1LTlDh9LrwZrCQXj +/DFp0Wka5DWHTXWb7TwZShFo3r3emD3gGZi0owIDAQABAoIBAQCbBXWvJay20GEG +22XupFv46i7u7wTBgpEHKaNvXJ+jlsnwBsHaZsZOL7QZxQkWgskF+V0TJCAaT2Si +216l2QNiUGHxjmLHmeJf3yPkq+qwn45pE9T4kv9iYtnz20x5Hr1cLfq/bL5YuuXh +8Xiwk/5q72wp2Tco5b5/T9NrP/MfsNKpyGhFg3iuUfVWpbt9pHZQH+XRsv8N1j5J +vLpokbN4yu+vJAiFvbAFB3dUIgtsGO+z3yuYuaPnyAPpKJ2Ddj+yKhYZlLVitEgr +5SdiMY63fzg08LiJ4bdGNNBfa18rCTT2UiELDcs/g9+L/UQZLUgP43qYp3Gg9jwD +MqS36QgJAoGBAP6bxt31acB9/0iXGYYFNUzawTLJTmKY0lHtFL2ONshWyw/JTMDA +jwJYwtYP/Fonj6+021idhzy+2eneRvvk93ZD13kn9/LXHomjGNhvjY4C5RAy/eEv +eUxgLsEyMpBHREOdJaw+d0G70QDOpzp+iT1GbDI6xdxU1LqTmFzSpdwFAoGBAO5X +5aS4LS2xcGY3fuCbf8c1bATpl/pt5QmciUAfTdYcha09rm7oJULW1HujRUWNswdM +CRqBzGukQdzQ9VWcLRqCxjFenceCdS+W5W5f0ePTLV42LHbHyHcgDubwNHD3ZxOZ +fd5vxIAJOSK3U2Sey8Xy7gQTfnMoHUeiDRGI2FaHAoGBAPpspbFyzM00IH95fvU+ +8inhj90v+xUnUtaZ5ah71I5AMAIa8I811nNsclax6neSKdWcgZIrfvTUkulgY1km +3+9G0wyrr0j/JV4jOTDIp+ZiGoNQZD20wA3LHLGRegJG1nHag09jMVFKNkwg9oKm +Kr5GIe1VuX75QTMyMM47sj8xAoGAbJVMwMNLidKZs2e6/Na62uWipYZKP8QLIVrY +SIc6bb4mxGsiadKHDzFSMlWKvIo2sq9YQmQ53hxCCTiFXJA/GCHV6y4A0aDEhH7J +XYR32cQemhoyHZcc4/CN+XYbXg/IPOyjpE/lBLOu/PrqGiAiE7d96gt7gzkWRck1 +DPT8IkcCgYA519bOhJadqF7klt1VcJUm4bWDiZNy8SqnGwDUhV36TCvTILxxGIJj +GKsfDYwC/6icQa0U0pP58xgbB7ObHTfe2A2PtMN1Wx/Lu9Jnysn4pXbYOHADIKaF +Rtog1jYgGtIbaGhdZuPRURoJiPjm9N1ZNaZlAtQFsRWgk+sI7XLSvw== +-----END RSA PRIVATE KEY----- diff --git a/examples/SSLDemo/certs/create.sh b/examples/SSLDemo/certs/create.sh index b1b2375..6ba24eb 100644 --- a/examples/SSLDemo/certs/create.sh +++ b/examples/SSLDemo/certs/create.sh @@ -25,4 +25,23 @@ openssl req -new -key client.key -subj "/CN=*.demo.com" -out client.csr #ca sign client, create client crt openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt -days 5000 -######################################################################################### \ No newline at end of file +######################################################################################### +#create server1 key +openssl genrsa -out server1.key 2048 + +#create server1 csr +openssl req -new -key server1.key -subj "/CN=*.demo.com" -out server1.csr + +#ca sign server1, create server crt +openssl x509 -req -in server1.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server1.crt -days 5000 + +######################################################################################### + +#create client1 key +openssl genrsa -out client1.key 2048 + +#create clilent1 csr +openssl req -new -key client1.key -subj "/CN=*.demo.com" -out client1.csr + +#ca sign client1, create client1 crt +openssl x509 -req -in client1.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client1.crt -days 5000 \ No newline at end of file diff --git a/examples/SSLDemo/certs/server.crt b/examples/SSLDemo/certs/server.crt index be34e7e..772db23 100644 --- a/examples/SSLDemo/certs/server.crt +++ b/examples/SSLDemo/certs/server.crt @@ -1,17 +1,17 @@ -----BEGIN CERTIFICATE----- -MIICsTCCAZkCFFwVYVZ4Uu9R0mhodJQCkUUSelbCMA0GCSqGSIb3DQEBCwUAMBUx -EzARBgNVBAMMCiouZGVtby5jb20wHhcNMjAwMjEzMTIzMDQ3WhcNMzMxMDIyMTIz -MDQ3WjAVMRMwEQYDVQQDDAoqLmRlbW8uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC -AQ8AMIIBCgKCAQEA74MHigfRUfFvvS0ZSMCRiuxtkBZtAk+EeTMTcjamwgV8fMWz -JbtTqxn4325CqvXIcSs2H+c09C7pBufWzkwFFcEpSMokGEyjeKxXMmxhUC+q28yq -WiYim8l7btJZhMa3tpSQaWu+Ul0SctSt0OpM2onxq9s8KN7B0zM9tCmyLZ++IXxx -3yGjRRk1VtVyVePNILdf7EZBZXHu2daxf2GusYfQmV+KAG/r+YbX+7GXh2wZ/lGV -Ur4B6Pzoi/zUGoA7i7Zs/Y2S/yXsRD8UG6jid0slO4uBuiHa9RIjxNoe1NAqirBj -wBVNAbzfKOC7f/qiu5JhIg0qHbb50tXUvLZzbwIDAQABMA0GCSqGSIb3DQEBCwUA -A4IBAQCtk9bOoKdoF3UpDLijhBrmL7a13xT+Q5U3SiZiYw2pdz2FtGzZooQejmm6 -tDCmAisIZMiYS+X6Y2OoWe9dzEE1Rnx0227XPjhQvHAKsBfwL03N1Hw1LSzU7czf -/0pYWSyCVfL6f8DOeH2rnhBPHAE/FzDtnCaIDUtGC3I4ZuYrPBqDmmYTentWsPK3 -2++ay1Hcu/k9vSWTVQZG2bA1XEAlvy5lNaGRop+HI5V3fZiQiZe0+HM65dt68N4W -T72XY35kP3XXyYZLZjhMZPMZHrOeApSmfvFJimAyp2Ax1xtlmyBxyxh7vH33vxna -TXcK3o3hbraYKFihReIdzouG/4rN +MIICsTCCAZkCFFwVYVZ4Uu9R0mhodJQCkUUSelbEMA0GCSqGSIb3DQEBCwUAMBUx +EzARBgNVBAMMCiouZGVtby5jb20wHhcNMjAwMjE0MTI0OTA1WhcNMzMxMDIzMTI0 +OTA1WjAVMRMwEQYDVQQDDAoqLmRlbW8uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAwLHEXgjzTX6Z7MvPI1IAgwiEGuFyPl8b8o/tY9+2mvvs7EU4 +oK3DDRFoGwkTGfuLwstuhKllE2QyIr5QN6FmfWWiitjOovlEVRTJ5a274YXes9Kz +uFlw6RT9WDj2iEkgdB7KWfQjaoCWrjhNt1rzh/jRpcmHsLmpOiQYBPeIpqVTnK1o +risQ6352qnmperB8lcj731rKebDwZIo9y5nL/qDzwH3dBJQeFqvNuPcSd76lrpy+ +9GTA3lFgQQJyUiSwzBD005LKKW4fEcdllPa+/jLAuKO/atm+6dv186w7ojIMceir +549jn9UUyvWXfSfXl+68Aku1FTFFhRdS6OMsWQIDAQABMA0GCSqGSIb3DQEBCwUA +A4IBAQCLCr8rsrgZskc3Ou7dZ5Br8xA2m7lrLSkFQIsDRosfBPerhGr83mgeyp2+ +DNbPy0+IzgBUyN8N/P3QlZbQFq/3u9bjih3QukJuJe6KfYI0/iQu5jHxFv7VgbE+ +a8yqUsrirWsmpltOMobv19jtWm/v1kofvCIUSBCJXkVi2L75164MhkKTGbSV1dl/ +Ujg+X9yss5ZcDR+MqzuHZOO9580Ky0p+9m+STpZFG7QvC9QQtbvUBogAWECg+sSB +RQ7Maq337ERpJg5EGOG2R+sa8rssMGFMRJ9OfenS+KaRF/oNKKL12pG7Y+oYpfEj +WfSt4Lv16RWdV2vkmrorTovSuTIa -----END CERTIFICATE----- diff --git a/examples/SSLDemo/certs/server.csr b/examples/SSLDemo/certs/server.csr index b9df041..0131768 100644 --- a/examples/SSLDemo/certs/server.csr +++ b/examples/SSLDemo/certs/server.csr @@ -1,15 +1,15 @@ -----BEGIN CERTIFICATE REQUEST----- MIICWjCCAUICAQAwFTETMBEGA1UEAwwKKi5kZW1vLmNvbTCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAO+DB4oH0VHxb70tGUjAkYrsbZAWbQJPhHkzE3I2 -psIFfHzFsyW7U6sZ+N9uQqr1yHErNh/nNPQu6Qbn1s5MBRXBKUjKJBhMo3isVzJs -YVAvqtvMqlomIpvJe27SWYTGt7aUkGlrvlJdEnLUrdDqTNqJ8avbPCjewdMzPbQp -si2fviF8cd8ho0UZNVbVclXjzSC3X+xGQWVx7tnWsX9hrrGH0JlfigBv6/mG1/ux -l4dsGf5RlVK+Aej86Iv81BqAO4u2bP2Nkv8l7EQ/FBuo4ndLJTuLgboh2vUSI8Ta -HtTQKoqwY8AVTQG83yjgu3/6oruSYSINKh22+dLV1Ly2c28CAwEAAaAAMA0GCSqG -SIb3DQEBCwUAA4IBAQCVy2KgCiuQWWgy735Ym9hHoDaUtLgU1MG62s+ECgYlzz6j -ft88gCqZxVIMFUNqowekh9wan9XlGKYBwdPXpkIRB1Zg4mFoPamD6AMZEfUT1ooK -XJ0K6LE7Q4XY+HR/tHDsAf71QyKFblcIuRcIMFbOcp8paQENjYJpqiXfvQbmV7lS -StkIX3A2BBvogCc4qPZ90QHyOaALuVuquCkh1ULJhNLq+6sVW+bhUs9fGTOuhnJU -zYohoIJznxr5xglsLA5VnjZkmbtdewoHrvY+tNaAVEXFMEF9oBr8jtVuUiQGk7mF -o+dC43546tSaiqNxZ13rHsMDucC9fAS/O8AdeGr7 +AQEBBQADggEPADCCAQoCggEBAMCxxF4I801+mezLzyNSAIMIhBrhcj5fG/KP7WPf +tpr77OxFOKCtww0RaBsJExn7i8LLboSpZRNkMiK+UDehZn1loorYzqL5RFUUyeWt +u+GF3rPSs7hZcOkU/Vg49ohJIHQeyln0I2qAlq44Tbda84f40aXJh7C5qTokGAT3 +iKalU5ytaK4rEOt+dqp5qXqwfJXI+99aynmw8GSKPcuZy/6g88B93QSUHharzbj3 +Ene+pa6cvvRkwN5RYEECclIksMwQ9NOSyiluHxHHZZT2vv4ywLijv2rZvunb9fOs +O6IyDHHoq+ePY5/VFMr1l30n15fuvAJLtRUxRYUXUujjLFkCAwEAAaAAMA0GCSqG +SIb3DQEBCwUAA4IBAQBLD12Bwb5YZE0PSLMm37/KMoN1nl1bug002HXGjtK48I+J +8pyd4BX5yW69gIP/CeHouDqJ/vhTdJmm/mLsexcby21RW55XYouCGLT/Cmh5qj+K +HmcMR6lo38Q324cjNaMiqX8yAthbfWIC2Wupzb69SUiaXqXZ7F5dC+tB8DSVEvIY +LBwxcXQBHC4C4k5aCIaPTlA20wdT0CKmD914Jby+iP5HP64nvc5yxacjKO+uOwNB +AZe/uLWeCJs6v372oiFaiN+m8EQhmcD/2i8qSiFCcC3V3MRAZitoJseaYnRR9Aev +wYCI6lpn2nCdM/L0+uOxZ2sA3hkb2muoUSPaRLq/ -----END CERTIFICATE REQUEST----- diff --git a/examples/SSLDemo/certs/server.key b/examples/SSLDemo/certs/server.key index 622c9b9..8338ebe 100644 --- a/examples/SSLDemo/certs/server.key +++ b/examples/SSLDemo/certs/server.key @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEpQIBAAKCAQEA74MHigfRUfFvvS0ZSMCRiuxtkBZtAk+EeTMTcjamwgV8fMWz -JbtTqxn4325CqvXIcSs2H+c09C7pBufWzkwFFcEpSMokGEyjeKxXMmxhUC+q28yq -WiYim8l7btJZhMa3tpSQaWu+Ul0SctSt0OpM2onxq9s8KN7B0zM9tCmyLZ++IXxx -3yGjRRk1VtVyVePNILdf7EZBZXHu2daxf2GusYfQmV+KAG/r+YbX+7GXh2wZ/lGV -Ur4B6Pzoi/zUGoA7i7Zs/Y2S/yXsRD8UG6jid0slO4uBuiHa9RIjxNoe1NAqirBj -wBVNAbzfKOC7f/qiu5JhIg0qHbb50tXUvLZzbwIDAQABAoIBADt/OSg4uO66Ix/D -TDyeWYlBIhZg+8NPLYFOBs6gdNxNsJbuJYqB9k7SrNgT88u0Mo6qRU+3h5gA7zIf -9WRZzgmRakgCruS6ZQFdDmwgMCxTKwZe2RJ71q0MZ/Unm8U39/sK/LSzZxvesu6D -looHKgA/tCEU3OTqMQvd9r4CfZiHUxHMdVbaV4skgLxUVSrkwPEv1OyreRsr6iVF -o+NJIN+WdPz236vrooYI91H17j8Tl5acHluu7Dr/q696FUYmrnfyO6dVMjai99fW -1124BGBH7kefJIDuxaur8J2txR4OBEVVhSx2Ghpe2JfNjZvpmia2m9Wo4t3JUSL0 -mxRl54ECgYEA+5kMNi9zDPKuGmUPLFsQAfk4eqcF69paBnEMOTd2nvWz03p/ugTW -o2bFs9s4McYJvnvWLSDlKP6NVIuSLaEBYuIHvjwR245NDxu9p+u9PTHZxbApkxNj -C3H/aIm/k0wtzHf943ShvLspjFqw7+q/nCf0T0oMrJaWkZWVI4vn1GcCgYEA87PY -qNPKiii3JwIMcgV9b3rDG6ulIj0lKKx5T8Jd+dVgLqGk3aah/PEsnVnBeg5YEB8r -MfqJ2OKzZ3t7jvJTX4pY9Q1zxFZ5R+rCWN5JdVZbofkekK29EkXIscVBf6YFlgAt -PbdVxZtZSKMRJB8+c+P9ovK5B0xQGg0bfJdRQ7kCgYEA8coFiFVVVc4rL0aLrG7f -FWZytryo3h57gdFGk/4PS3iJFuWUtipMM8BioxQ8DulpF9xe2gPQ9vKa0/NFyf// -Gw5prpJ//uXkfG6Gd0gAFz0/MdK4QZXSC3/Emqw2pdIB+YwfPGYrwPqFVVMa05Zg -CiwDh+d8Aqi9jq+YIg8j/mUCgYEAqzxGUzIlkXhUYOtWlVN4NLmcmDe+G1W9Y1v1 -DW70G1SrdXiM4FVyYsmPYKytfrbPd9x+vGpfK273QhII2oM4w9vw75bZLi7Ynwi8 -MDdYhEL+tcvWhzActtcj0o1YnXmpWSGcqE3Gzcd/L8OsiqYNet7K3BESo6cibXui -QaQNLLkCgYEA+tUOLkaJZlOuiEE5H5RDmFyC46G6R3Ukd5CQ/Dp4U75NLTIlEuGw -lIV/vcA0vy6WPL6rX2Gdm30oYq+xb+m9bDDCaXnkOxdPr5+1Zg4n3ibcFbBz/wmF -MjcYzC/D6dGK4r6h3tZeX7byNDVM26+qMJlgYd31FhoiFjlPLGuqFrs= +MIIEpAIBAAKCAQEAwLHEXgjzTX6Z7MvPI1IAgwiEGuFyPl8b8o/tY9+2mvvs7EU4 +oK3DDRFoGwkTGfuLwstuhKllE2QyIr5QN6FmfWWiitjOovlEVRTJ5a274YXes9Kz +uFlw6RT9WDj2iEkgdB7KWfQjaoCWrjhNt1rzh/jRpcmHsLmpOiQYBPeIpqVTnK1o +risQ6352qnmperB8lcj731rKebDwZIo9y5nL/qDzwH3dBJQeFqvNuPcSd76lrpy+ +9GTA3lFgQQJyUiSwzBD005LKKW4fEcdllPa+/jLAuKO/atm+6dv186w7ojIMceir +549jn9UUyvWXfSfXl+68Aku1FTFFhRdS6OMsWQIDAQABAoIBAQCQot5qVv2JJYYU +H8cTE/IeaL4AD0jZWDp6D154oOtH2eE0V6Dxunu1y2MBKAaWciGtzVTfbubXb1XS +jldX6mYrqaYf4iz4V3HbCwegxo9H8FwBTh5oOXpu+bpQBjHGil05zALHEmGjB3IS +w2BSSIqTfUif0G1xUWqcoYsF72c67X0O2lFhhJdG+pP9jje1xliPVzRX4YHfNOj0 +erxfaZlljYNSN9c4l/GwCMsoXyYSsrCqp8LfM8TLO99MiZNpzP4uwTJcqV+bxOkA +t6/L78Y/YwYps5bWbhkVBU8osPqX9CsjCvuG3b8aElBHDjclWZqp5E8/N32+Zcxz +w5z+wcgBAoGBAP6xCRLP+LvFzMBkO5jgsIfXrv5EhTtzhslk9ZVHNvoI9BHgp/6s +XzZOn5lgS+7RB4E6V3UPOPNq11lEPVLrW6OIraUhQsbyUa8TS2DITtEm4HmV3QZ9 +4yoDPDxUWy5KT8DnKuHfL55u7KC38DtmsHzgHFQ0aUuvHL5zBokCAY/5AoGBAMGv +McLCZX7C7nr9FQd2lJf/LL9zq0Aq+XDuU1T9lvCwZ28tbCfIU/5DZIha8kGTWiis +Q7gvk3KHv5UenOfYhiXj7VwdP2ulKibGPCbAwFCD4fciecg8ah17WDhHmHoVUdAw +KIBf69VjHBuDpT0tfDmvYDNpblr2kbPb+/fkzldhAoGBAKZWlSh2L2rjSlA0pj+4 +L1Lo6F8j/SfQ0azihQnTkvJFurGaWd2YUi6ztsSDAdSdLBuYMNpA8N75Xl/sk2h+ +UkFB2LbKPESWqgZ/wXEaIW+zxlNiLxI4UY50wnhcV5ip6+B+maEfFIiSxXRJ7Vm+ +PXGxJI9SE5rcaRdxJEmCx+ZxAoGAKtl6lc7yK2gu4JDLLTqDx1jR6o1JjsmzI9Pm +JcBwu1EboRIYgnikdHUucahFPlK+OI9b8Ay+fzEfJnt+VSCnFQzm/2ENHeCNgcSL +nDs6kNWMkWNUNAOBqoIWU2Uri57Z2cg9vaD7CNuDZWbrkKxWdmChVN53ZrJ0K6l4 +hjBdoiECgYA2jgAPqVMY+12vipImOAZ9+/Ly8aVgFqZFN4DJOk8HjvMlBOEfq/cJ +cOPMgS2yZ8Rtqg/u7YxFBSVuLwqH/u+q/Ld1rymALM8Ilja0A7FPUUTnuq6iYFD9 +n/1eQW6jCQQY+ALo2MIZ4co0MviK8lj4kC8occqojllFQPU88xt32w== -----END RSA PRIVATE KEY----- diff --git a/examples/SSLDemo/certs/server1.crt b/examples/SSLDemo/certs/server1.crt new file mode 100644 index 0000000..4c93f2a --- /dev/null +++ b/examples/SSLDemo/certs/server1.crt @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICsTCCAZkCFFwVYVZ4Uu9R0mhodJQCkUUSelbGMA0GCSqGSIb3DQEBCwUAMBUx +EzARBgNVBAMMCiouZGVtby5jb20wHhcNMjAwMjE0MTI0OTA2WhcNMzMxMDIzMTI0 +OTA2WjAVMRMwEQYDVQQDDAoqLmRlbW8uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEA3o5I31gvK3AiF0sFAtHSt1diLMZEG1JtkeaKm9lIQgzqdG8+ +f2nZPVAvU66M3B6uiYMU/QQVh3KAXF5bMyKhJtLGNYHqj6VoJatvWVdb1iasQW9M +8eGl2exxDMTPHWJ44vOYLcXJ6M3WRcfIXHC9K3rIjz2bWjDqHU8Y0fecCSJX8ctR +gxgNBwM41P45dExbxQp5RGye7TOfXnf0yQJReFx2JDzzYqQ61VoqlkTw2RkuSr0Q +ydr8S7CuReWF0xbKzMGf1L+SzmyGB2SAc9jkJ7T3Y4B36iy3y8hvMBTbCmke4ZpO +FDrTw95wfC611nTXNKjUOlulKxSf+cfhACPFWwIDAQABMA0GCSqGSIb3DQEBCwUA +A4IBAQCpQEXaFJiXSLeL9HKnvIexlxWfjTvikMoNR0t3UMxShazKE5gkQSw3WtCo +E+LmmDvt0bqn54fk77oWxwZTx/qe8vJwpo0/gl/tNnGnzdzIAXk10G1W7kWkU2eG +gpvYcQXKpW0QORHRzEXMbGIzdqjZOaFZYA+VtbtFB0cSLx8eNtd/bKxtwZyl66es +uhPF40TnH6ccyq0Z2WuQylG4aSZ7qQcxCJUKj/Ych1+wr45ncgTZIsKXPBd0k7Kx +xYvEuW8WGSjpJD8qPXt8hEwWpOfwLsmpnF1kMyaONLSHcqhfNU0bPTolLUSDJxkY +0JVVfeStdEsrmos1SrpEjD+wGlng +-----END CERTIFICATE----- diff --git a/examples/SSLDemo/certs/server1.csr b/examples/SSLDemo/certs/server1.csr new file mode 100644 index 0000000..c6a72f8 --- /dev/null +++ b/examples/SSLDemo/certs/server1.csr @@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICWjCCAUICAQAwFTETMBEGA1UEAwwKKi5kZW1vLmNvbTCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAN6OSN9YLytwIhdLBQLR0rdXYizGRBtSbZHmipvZ +SEIM6nRvPn9p2T1QL1OujNweromDFP0EFYdygFxeWzMioSbSxjWB6o+laCWrb1lX +W9YmrEFvTPHhpdnscQzEzx1ieOLzmC3FyejN1kXHyFxwvSt6yI89m1ow6h1PGNH3 +nAkiV/HLUYMYDQcDONT+OXRMW8UKeURsnu0zn1539MkCUXhcdiQ882KkOtVaKpZE +8NkZLkq9EMna/EuwrkXlhdMWyszBn9S/ks5shgdkgHPY5Ce092OAd+ost8vIbzAU +2wppHuGaThQ608PecHwutdZ01zSo1DpbpSsUn/nH4QAjxVsCAwEAAaAAMA0GCSqG +SIb3DQEBCwUAA4IBAQBUY5PIac76NGf+rHFG0xAXrZDuttwJOUjywz0La//+iPPK +RFm+x+LK5tLc6Iunfo3Po7BedISIQ1+QxA8l2x6SmEczrJxGolwgjkj4iozhL5m+ +UKbsKF6V+3ZF7wHcbVZ9dCQsr6dO39Qg4x07U0DUDll4L3bk7cMyZBX2WAq3Tp6u +jBJI96A8VcnVs0lTghQNfJlGBv6OFPXJPHpgJucZ/e4Kpbr/bMxVF/bRRoEaNz1G +1JbieeB4Ohv0P3SzYTj4zgOYV1NTizg1a7SeODFJ3uDtGm2oN3TAzE6yg3ngzxvk +u+F5d+KbhSewBe/AuAWIK1Jn1Ez3NGMoR5zMbKCg +-----END CERTIFICATE REQUEST----- diff --git a/examples/SSLDemo/certs/server1.key b/examples/SSLDemo/certs/server1.key new file mode 100644 index 0000000..5624a76 --- /dev/null +++ b/examples/SSLDemo/certs/server1.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA3o5I31gvK3AiF0sFAtHSt1diLMZEG1JtkeaKm9lIQgzqdG8+ +f2nZPVAvU66M3B6uiYMU/QQVh3KAXF5bMyKhJtLGNYHqj6VoJatvWVdb1iasQW9M +8eGl2exxDMTPHWJ44vOYLcXJ6M3WRcfIXHC9K3rIjz2bWjDqHU8Y0fecCSJX8ctR +gxgNBwM41P45dExbxQp5RGye7TOfXnf0yQJReFx2JDzzYqQ61VoqlkTw2RkuSr0Q +ydr8S7CuReWF0xbKzMGf1L+SzmyGB2SAc9jkJ7T3Y4B36iy3y8hvMBTbCmke4ZpO +FDrTw95wfC611nTXNKjUOlulKxSf+cfhACPFWwIDAQABAoIBADGK4QP/AHkd/CjN +RW9MQCkaJbur4ytl3QhWltJ8uw4hC+whe3snl/mDKRXqzGaP2fC4omp0h0pgndxy +EMFAWzlmQENXCV0yyA1irWXpAYOZlkz2tt09iwsJDF14TlbPPfPfoCfIWNsfPyzH +fX2+hw3vxkfEwhmAvA0MN40+HpkVhsg2nEMGnFYmViFtVW5smZ/xt9kBenzdhC3X +OUmRZy5/MlFfTCPpf0NBG2rDMqwDUqdghRVza84cnC+iOoV7fb2YFjjhRUhYPbvs +EM4S0nSZ6QoR8k82UItJmjV2LaEQ3R0GNDaTyOMB1+hvR0Jarfp6DAjnw8euRQlL +wSEIV7kCgYEA9Xk8/Aoj4B1yoGXVOCwKrdO4IaLjS9N8ZN1WVEYAh1yDTy+FvJXk +qCoiiHgot18Hgz6vwrUp5YYQJ5VaSJyvU+N0cX5G2Qec4KIJnftzPcIagxCx+Kvv +APp2UGSGX40CEcJP29L0O02TQNcHESu5SJAG11n+w+L1CH+uLMFbdVUCgYEA6Bl1 +meV8tLdnAMaOU5oG9vu0J9Gp1Ncj/KkvZkZ9v8rppmkmXkcl9ZaXsaHCE1etEwnj +/Xxe8dw9C1gdbKF/AmCKIGfaO+7T5CSORLdULlRmgK1ejhphce7ruNxcOY9K1O/s +tB1NsbLxRj3MCIS51Or/Zss0Pt9CRT1WUrhcT+8CgYEAyh1mGjwbJ+f3Ppw6QEL7 +E/8USBW/QurCLKaV81OkEdAZifSeEBX3LINs5aLSG5HSNL1DqHTUJ1kIKh9uNAVW +0yKf+Oa5XO9IuyiP9JVaYMpWW/4+G3stkkenbTAn97q5rneom14JnF6WVTf3aKrw +pw93oo9GFnHjwXinp9AZBvUCgYEAylRfY3BdvQBgh5mPuyt7xNT5YPjyLvv5gClQ +i70JpCdUdeAWNXuaiLPlu1EC6W+2DfHCUViZQAg5IumGhQtnt//Giade5H43Mxv2 +9cpHVTf4P1ZjJkezCOo5jWZz8y2KE4Sv+PfOogkXMZ9vfUGO6iCN0uNzwRdJIyjs +VqImvvsCgYAeimY5ZUIKKXPSjEI/k0mEAcYrIY4JVRn1ZN6AZju0L50k0QM+VZFp +FKhfm79TGCsoWgufa4Dhe5H4gMx1UtkYVpvPnkvlcPYCsLSiSXYZO7A6fOgrPdny +15IUMoM/8DfYtEiFa3sQRd/yhhDMHk4RFtE380BpUlds17PWS7zRjQ== +-----END RSA PRIVATE KEY----- diff --git a/examples/scripts/run-co.sh b/examples/scripts/run-co.sh index c7dccee..972be5b 100644 --- a/examples/scripts/run-co.sh +++ b/examples/scripts/run-co.sh @@ -25,9 +25,9 @@ sleep 1 echo "client: ./bin/CoroutineDemoClient" -./bin/CoroutineDemoClient 2 10000 0 +./bin/CoroutineDemoClient --count=10000 --call=serial --thread=2 --buffersize=100 --netthread=2 -./bin/CoroutineDemoClient 2 10000 1 +./bin/CoroutineDemoClient --count=10000 --call=parallel --thread=2 --buffersize=100 --netthread=2 ./bin/testCoro 1000 diff --git a/examples/scripts/run-http.sh b/examples/scripts/run-http.sh index 7f48653..226c1fd 100644 --- a/examples/scripts/run-http.sh +++ b/examples/scripts/run-http.sh @@ -14,7 +14,7 @@ sleep 1 echo "client: ./bin/HttpClient" ./bin/HttpClient --count=10000 --thread=2 --call=basehttp -./bin/HttpClient --count=10000 --thread=2 --call=synchttp +#./bin/HttpClient --count=10000 --thread=2 --call=synchttp sleep 1 diff --git a/examples/scripts/run-ssl.bat b/examples/scripts/run-ssl.bat index b5a2306..e0a455a 100644 --- a/examples/scripts/run-ssl.bat +++ b/examples/scripts/run-ssl.bat @@ -15,6 +15,9 @@ echo "client: .\\bin\\Release\\SSLClient.exe" .\\bin\\Release\\SSLClient.exe --count=10000 --thread=2 --call=sync --buffersize=1000 --netthread=1 .\\bin\\Release\\SSLClient.exe --count=10000 --thread=2 --call=async --buffersize=1000 --netthread=1 +.\\bin\\Release\\SSLClient.exe --count=10000 --thread=2 --call=syncauth --buffersize=1000 --netthread=1 +.\\bin\\Release\\SSLClient.exe --count=10000 --thread=2 --call=asyncauth --buffersize=1000 --netthread=1 + sleep 1 killall -9 SSLServer.exe diff --git a/examples/scripts/run-ssl.sh b/examples/scripts/run-ssl.sh index 6ae529f..4e10bfe 100644 --- a/examples/scripts/run-ssl.sh +++ b/examples/scripts/run-ssl.sh @@ -13,8 +13,17 @@ sleep 1 echo "client: ./bin/SSLClient" -./bin/SSLClient --config=../examples/SSLDemo/Client/config.conf --count=10000 --thread=2 --call=sync --buffersize=1000 --netthread=1 -./bin/SSLClient --config=../examples/SSLDemo/Client/config.conf --count=10000 --thread=2 --call=async --buffersize=1000 --netthread=1 +./bin/SSLClient --config=../examples/SSLDemo/Client/config.conf --count=10000 --thread=2 --call=sync --buffersize=100 --netthread=1 +./bin/SSLClient --config=../examples/SSLDemo/Client/config.conf --count=10000 --thread=2 --call=async --buffersize=100 --netthread=1 + +./bin/SSLClient --config=../examples/SSLDemo/Client/config.conf --count=10000 --thread=2 --call=sync1 --buffersize=100 --netthread=1 +./bin/SSLClient --config=../examples/SSLDemo/Client/config.conf --count=10000 --thread=2 --call=async1 --buffersize=100 --netthread=1 + +./bin/SSLClient --config=../examples/SSLDemo/Client/config.conf --count=10000 --thread=2 --call=sync2 --buffersize=100 --netthread=1 +./bin/SSLClient --config=../examples/SSLDemo/Client/config.conf --count=10000 --thread=2 --call=async2 --buffersize=100 --netthread=1 + +./bin/SSLClient --config=../examples/SSLDemo/Client/config.conf --count=10000 --thread=2 --call=sync3 --buffersize=100 --netthread=1 +./bin/SSLClient --config=../examples/SSLDemo/Client/config.conf --count=10000 --thread=2 --call=async3 --buffersize=100 --netthread=1 sleep 1 diff --git a/servant/libservant/Application.cpp b/servant/libservant/Application.cpp index b7964be..16eed0c 100644 --- a/servant/libservant/Application.cpp +++ b/servant/libservant/Application.cpp @@ -40,7 +40,7 @@ // #include #if TARS_SSL -#include "util/tc_sslmgr.h" +#include "util/tc_openssl.h" #endif @@ -622,6 +622,7 @@ void Application::main(const TC_Option &option) #if TARGET_PLATFORM_LINUX || TARGET_PLATFORM_IOS TC_Common::ignorePipe(); #endif + //解析配置文件 parseConfig(option); @@ -885,6 +886,39 @@ void Application::addServantOnClose(const string& servant, const TC_EpollServer: getEpollServer()->getBindAdapter(adapterName)->setOnClose(cf); } +void Application::outServer(ostream &os) +{ + os << TC_Common::outfill("Application(app)") << ServerConfig::Application << endl; + os << TC_Common::outfill("ServerName(server)") << ServerConfig::ServerName << endl; + os << TC_Common::outfill("BasePath(basepath)") << ServerConfig::BasePath << endl; + os << TC_Common::outfill("DataPath(datapath)") << ServerConfig::DataPath << endl; + os << TC_Common::outfill("LocalIp(localip)") << ServerConfig::LocalIp << endl; + os << TC_Common::outfill("Local(local)") << ServerConfig::Local << endl; + os << TC_Common::outfill("LogPath(logpath)") << ServerConfig::LogPath << endl; + os << TC_Common::outfill("LogSize(logsize)") << ServerConfig::LogSize << endl; + os << TC_Common::outfill("LogNum(lognum)") << ServerConfig::LogNum << endl; + os << TC_Common::outfill("LogLevel(loglevel)") << ServerConfig::LogLevel << endl; + os << TC_Common::outfill("Log(log)") << ServerConfig::Log << endl; + os << TC_Common::outfill("Node(node)") << ServerConfig::Node << endl; + os << TC_Common::outfill("Config(config)") << ServerConfig::Config << endl; + os << TC_Common::outfill("Notify(notify)") << ServerConfig::Notify << endl; + os << TC_Common::outfill("OpenCoroutine(opencoroutine)") << ServerConfig::OpenCoroutine << endl; + os << TC_Common::outfill("CoroutineMemSize(coroutinememsize)") << ServerConfig::CoroutineMemSize << endl; + os << TC_Common::outfill("CoroutineStackSize(coroutinestack)") << ServerConfig::CoroutineStackSize << endl; + os << TC_Common::outfill("CloseCout(closecout)") << ServerConfig::CloseCout << endl; + os << TC_Common::outfill("NetThread(netthread)") << ServerConfig::NetThread << endl; + os << TC_Common::outfill("ManualListen(manuallisten)") << ServerConfig::ManualListen << endl; + os << TC_Common::outfill("MergeNetImp(mergenetimp)") << ServerConfig::MergeNetImp << endl; + os << TC_Common::outfill("ReportFlow") << ServerConfig::ReportFlow<< endl; +#if TARS_SSL + cout << TC_Common::outfill("Ca") << ServerConfig::CA << endl; + cout << TC_Common::outfill("Cert") << ServerConfig::Cert << endl; + cout << TC_Common::outfill("Key") << ServerConfig::Key << endl; + cout << TC_Common::outfill("VerifyClient") << ServerConfig::VerifyClient << endl; +#endif + +} + void Application::initializeServer() { @@ -956,12 +990,13 @@ void Application::initializeServer() ServerConfig::Key = _conf.get("/tars/application/server"); ServerConfig::VerifyClient = _conf.get("/tars/application/server","0")=="0"?false:true; - bool flag = TC_SSLManager::getInstance()->addCtx("server", ServerConfig::CA, ServerConfig::Cert, ServerConfig::Key, ServerConfig::VerifyClient); + if(!ServerConfig::Cert.empty()) { + _ctx = TC_OpenSSL::newCtx(ServerConfig::CA, ServerConfig::Cert, ServerConfig::Key, ServerConfig::VerifyClient); - if(!flag) - { - TLOGERROR("[TARS]load server ssl error, ca:" << ServerConfig::CA << endl); - exit(-1); + if (!_ctx) { + TLOGERROR("[TARS]load server ssl error, ca:" << ServerConfig::CA << endl); + exit(-1); + } } #endif @@ -1071,7 +1106,9 @@ void Application::initializeServer() TC_EpollServer::BindAdapterPtr lsPtr = new TC_EpollServer::BindAdapter(_epollServer.get()); - lsPtr->setName("AdminAdapter"); + setAdapter(lsPtr, "AdminAdapter"); + +// lsPtr->setName("AdminAdapter"); lsPtr->setEndpoint(ServerConfig::Local); @@ -1104,35 +1141,44 @@ void Application::initializeServer() } -void Application::outServer(ostream &os) +void Application::setAdapter(TC_EpollServer::BindAdapterPtr& adapter, const string &name) { - os << TC_Common::outfill("Application(app)") << ServerConfig::Application << endl; - os << TC_Common::outfill("ServerName(server)") << ServerConfig::ServerName << endl; - os << TC_Common::outfill("BasePath(basepath)") << ServerConfig::BasePath << endl; - os << TC_Common::outfill("DataPath(datapath)") << ServerConfig::DataPath << endl; - os << TC_Common::outfill("LocalIp(localip)") << ServerConfig::LocalIp << endl; - os << TC_Common::outfill("Local(local)") << ServerConfig::Local << endl; - os << TC_Common::outfill("LogPath(logpath)") << ServerConfig::LogPath << endl; - os << TC_Common::outfill("LogSize(logsize)") << ServerConfig::LogSize << endl; - os << TC_Common::outfill("LogNum(lognum)") << ServerConfig::LogNum << endl; - os << TC_Common::outfill("LogLevel(loglevel)") << ServerConfig::LogLevel << endl; - os << TC_Common::outfill("Log(log)") << ServerConfig::Log << endl; - os << TC_Common::outfill("Node(node)") << ServerConfig::Node << endl; - os << TC_Common::outfill("Config(config)") << ServerConfig::Config << endl; - os << TC_Common::outfill("Notify(notify)") << ServerConfig::Notify << endl; - os << TC_Common::outfill("OpenCoroutine(opencoroutine)") << ServerConfig::OpenCoroutine << endl; - os << TC_Common::outfill("CoroutineMemSize(coroutinememsize)") << ServerConfig::CoroutineMemSize << endl; - os << TC_Common::outfill("CoroutineStackSize(coroutinestack)") << ServerConfig::CoroutineStackSize << endl; - os << TC_Common::outfill("CloseCout(closecout)") << ServerConfig::CloseCout << endl; - os << TC_Common::outfill("NetThread(netthread)") << ServerConfig::NetThread << endl; - os << TC_Common::outfill("ManualListen(manuallisten)") << ServerConfig::ManualListen << endl; - os << TC_Common::outfill("MergeNetImp(mergenetimp)") << ServerConfig::MergeNetImp << endl; - os << TC_Common::outfill("ReportFlow") << ServerConfig::ReportFlow<< endl; + adapter->setName(name); + + // 设置该obj的鉴权账号密码,只要一组就够了 + { + std::string accKey = _conf.get("/tars/application/server/" + name + ""); + std::string secretKey = _conf.get("/tars/application/server/" + name + ""); + + if (!accKey.empty()) + adapter->setAkSk(accKey, secretKey); + + adapter->setAuthProcessWrapper(&tars::processAuth); + } + #if TARS_SSL - cout << TC_Common::outfill("Ca") << ServerConfig::CA << endl; - cout << TC_Common::outfill("Cert") << ServerConfig::Cert << endl; - cout << TC_Common::outfill("Key") << ServerConfig::Key << endl; - cout << TC_Common::outfill("VerifyClient") << ServerConfig::VerifyClient << endl; + string cert = _conf.get("/tars/application/server/" + name + ""); + + if (!cert.empty()) + { + string ca = _conf.get("/tars/application/server/" + name + ""); + string key = _conf.get("/tars/application/server/" + name + ""); + bool verifyClient = + _conf.get("/tars/application/server/" + name + "", "0") == "0" ? false : true; + + shared_ptr ctx = TC_OpenSSL::newCtx(ca, cert, key, verifyClient); + + if (!ctx) { + TLOGERROR("[TARS]load server ssl error, cert:" << cert << endl); + exit(-1); + } + + adapter->setSSLCtx(ctx); + } + else + { + adapter->setSSLCtx(_ctx); + } #endif } @@ -1159,16 +1205,8 @@ void Application::bindAdapter(vector& adapters) TC_EpollServer::BindAdapterPtr bindAdapter = new TC_EpollServer::BindAdapter(_epollServer.get()); - // 设置该obj的鉴权账号密码,只要一组就够了 - { - std::string accKey = _conf.get("/tars/application/server/" + adapterName[i] + ""); - std::string secretKey = _conf.get("/tars/application/server/" + adapterName[i] + ""); - - if (!accKey.empty()) - bindAdapter->setAkSk(accKey, secretKey); - - bindAdapter->setAuthProcessWrapper(&tars::processAuth); - } + //init auth & ssl + setAdapter(bindAdapter, adapterName[i]); string sLastPath = "/tars/application/server/" + adapterName[i]; TC_Endpoint ep; @@ -1203,7 +1241,6 @@ void Application::bindAdapter(vector& adapters) bindAdapter->setHandle(TC_Common::strto(_conf.get(sLastPath + "", "0"))); - // bindAdapter->setBackPacketBuffLimit(iBackPacketBuffLimit); if(ServerConfig::ManualListen) { //手工监听 bindAdapter->enableManualListen(); diff --git a/servant/libservant/AuthLogic.cpp b/servant/libservant/AuthLogic.cpp index 68a3b72..e5b669b 100644 --- a/servant/libservant/AuthLogic.cpp +++ b/servant/libservant/AuthLogic.cpp @@ -29,34 +29,38 @@ namespace tars bool processAuth(TC_EpollServer::Connection *conn, const shared_ptr &data) { - // TC_EpollServer::NetThread::Connection* const conn = (TC_EpollServer::NetThread::Connection*)c; - // conn->tryInitAuthState(AUTH_INIT); + conn->tryInitAuthState(AUTH_INIT); if (conn->_authState == AUTH_SUCC) return false; // data to be processed TC_EpollServer::BindAdapterPtr adapter = data->adapter(); - const int type = adapter->getEndpoint().getAuthType(); + int type = adapter->getEndpoint().getAuthType(); if (type == AUTH_TYPENONE) { - adapter->getEpollServer()->info("no auth func, so eAuthSucc"); + adapter->getEpollServer()->info("[TARS]processAuth no need auth func, auth succ"); conn->_authState = AUTH_SUCC; return false; } // got auth request RequestPacket request; + if (adapter->isTarsProtocol()) { TarsInputStream is; + is.setBuffer(data->buffer().data(), data->buffer().size()); - try { + + try + { request.readFrom(is); - ostringstream oos; - request.display(oos); } - catch(...) { + catch(...) + { + adapter->getEpollServer()->error("[TARS]processAuth tars protocol decode error, close connection."); + conn->setClose(); return true; } @@ -66,7 +70,7 @@ bool processAuth(TC_EpollServer::Connection *conn, const shared_ptrbuffer(); } - const int currentState = conn->_authState; + int currentState = conn->_authState; int newstate = tars::defaultProcessAuthReq(request.sBuffer.data(), request.sBuffer.size(), adapter->getName()); std::string out = tars::etos((tars::AUTH_STATE)newstate); @@ -79,7 +83,7 @@ bool processAuth(TC_EpollServer::Connection *conn, const shared_ptrgetEpollServer()->info(TC_Common::tostr(conn->getId()) + "'s auth response[" + out + "], change state from " + - TC_Common::tostr(currentState) + " to " + out); + tars::etos((tars::AUTH_STATE)currentState) + " to " + out); conn->_authState = newstate; shared_ptr sData = data->createSendContext(); @@ -101,15 +105,19 @@ bool processAuth(TC_EpollServer::Connection *conn, const shared_ptr buff; - sData->buffer()->swap(os.getByteBuffer()); + buff.swap(os.getByteBuffer()); - //重写头4个字节 - memcpy(sData->buffer()->buffer(), (const char *)&iHeaderLen, sizeof(iHeaderLen)); + assert(buff.size() >= 4); + iHeaderLen = htonl((int)(buff.size())); + + memcpy((void*)buff.data(), (const char *)&iHeaderLen, sizeof(iHeaderLen)); + + sData->buffer()->swap(buff); } else { @@ -230,7 +238,7 @@ string defaultCreateAuthReq(const BasicAuthInfo& info /*, const string& hashMeth { // 明文:objName, accessKey, time, hashMethod // 密文:use TmpKey to enc secret1; - TarsOutputStream os; + TarsOutputStream os; BasicAuthPackage pkg; pkg.sObjName = info.sObjName; pkg.sAccessKey = info.sAccessKey; @@ -260,7 +268,7 @@ string defaultCreateAuthReq(const BasicAuthInfo& info /*, const string& hashMeth pkg.sSignature.assign(secret1Enc.begin(), secret1Enc.end()); pkg.writeTo(os); - return string(os.getBuffer(), os.getLength()); + return os.getByteBuffer(); } } // end namespace tars diff --git a/servant/libservant/Communicator.cpp b/servant/libservant/Communicator.cpp index 1f10c10..d94c489 100644 --- a/servant/libservant/Communicator.cpp +++ b/servant/libservant/Communicator.cpp @@ -15,9 +15,6 @@ */ #include "util/tc_file.h" -#if TARS_SSL -#include "util/tc_sslmgr.h" -#endif #include "servant/Communicator.h" #include "servant/StatReport.h" @@ -77,6 +74,60 @@ bool Communicator::isTerminating() return _terminating; } +map Communicator::getServantProperty(const string &sObj) +{ + TC_LockT lock(*this); + + auto it = _objInfo.find(sObj); + if(it != _objInfo.end()) + { + return it->second; + } + + return map(); +} + +void Communicator::setServantProperty(const string &sObj, const string& name, const string& value) +{ + TC_LockT lock(*this); + + _objInfo[sObj][name] = value; +} + +string Communicator::getServantProperty(const string &sObj, const string& name) +{ + TC_LockT lock(*this); + + auto it = _objInfo.find(sObj); + if(it != _objInfo.end()) + { + auto vit = it->second.find(name); + + if(vit != it->second.end()) + { + return vit->second; + } + } + + return ""; +} + +#if TARS_SSL +shared_ptr Communicator::newClientSSL(const string & objName) +{ + TC_LockT lock(*this); + + auto it = _objCtx.find(objName); + if(it != _objCtx.end()) + { + return TC_OpenSSL::newSSL(it->second); + } + + return TC_OpenSSL::newSSL(_ctx); +} + +#endif + void Communicator::setProperty(TC_Config& conf, const string& domain/* = CONFIG_ROOT_PATH*/) { TC_LockT lock(*this); @@ -90,6 +141,35 @@ void Communicator::setProperty(TC_Config& conf, const string& domain/* = CONFIG_ _properties["setdivision"] = conf.get("/tars/application", "NULL"); } + vector auths; + + if (conf.getDomainVector("/tars/application/client", auths)) + { + for(size_t i = 0; i < auths.size(); i++) + { + map &data = _objInfo[auths[i]]; + data["accesskey"] = conf.get("/tars/application/client/" + auths[i] + ""); + data["secretkey"] = conf.get("/tars/application/client/" + auths[i] + ""); + data["ca"] = conf.get("/tars/application/client/" + auths[i] + ""); + data["cert"] = conf.get("/tars/application/client/" + auths[i] + ""); + data["key"] = conf.get("/tars/application/client/" + auths[i] + ""); +#if TARS_SSL + + if(!data["ca"].empty()) + { + shared_ptr ctx = TC_OpenSSL::newCtx( data["ca"], data["cert"], data["key"], false); + if(!ctx) + { + TLOGERROR("[TARS]load obj:" << auths[i] << ", ssl error, ca:" << data["ca"] << endl); + exit(-1); + } + + _objCtx[auths[i]] = ctx; + } +#endif + } + } + initClientConfig(); } @@ -262,7 +342,6 @@ void Communicator::initialize() _initialized = true; - #if TARS_SSL string ca = getProperty("ca"); @@ -270,9 +349,9 @@ void Communicator::initialize() string key = getProperty("key"); if(!ca.empty()) { - bool flag = TC_SSLManager::getInstance()->addCtx("client", ca, cert, key, false); + _ctx = TC_OpenSSL::newCtx(ca, cert, key, false); - if(!flag) + if(!_ctx) { TLOGERROR("[TARS]load client ssl error, ca:" << ca << endl); exit(-1); diff --git a/servant/libservant/EndpointInfo.cpp b/servant/libservant/EndpointInfo.cpp index 028e22b..3fe6e32 100755 --- a/servant/libservant/EndpointInfo.cpp +++ b/servant/libservant/EndpointInfo.cpp @@ -28,7 +28,7 @@ EndpointInfo::EndpointInfo() , _type(TCP) , _weight(-1) , _weighttype(0) -, _authType(0) +, _authType(AUTH_TYPENONE) , _isIPv6(false) , _addressSucc(false) { @@ -45,7 +45,7 @@ EndpointInfo::EndpointInfo(const string& host, uint16_t port, EndpointInfo::ETyp , _setDivision(setDivision) , _weight(weight) , _weighttype(weighttype) -, _authType(authType) +, _authType((AUTH_TYPE)authType) , _addressSucc(false) { _isIPv6 = TC_Socket::addressIsIPv6(host); diff --git a/servant/libservant/ServantHandle.cpp b/servant/libservant/ServantHandle.cpp index 1a18783..07b68a7 100644 --- a/servant/libservant/ServantHandle.cpp +++ b/servant/libservant/ServantHandle.cpp @@ -67,193 +67,59 @@ ServantHandle::~ServantHandle() void ServantHandle::run() { - initialize(); + try + { + initialize(); - if(!ServerConfig::OpenCoroutine) - { - handleImp(); - } - else - { - unsigned int iThreadNum = getEpollServer()->getLogicThreadNum(); + if (!ServerConfig::OpenCoroutine) { + handleImp(); + } + else { + unsigned int iThreadNum = getEpollServer()->getLogicThreadNum(); - size_t iCoroutineNum = (ServerConfig::CoroutineMemSize > ServerConfig::CoroutineStackSize) ? (ServerConfig::CoroutineMemSize / (ServerConfig::CoroutineStackSize * iThreadNum) ) : 1; - if(iCoroutineNum < 1) - iCoroutineNum = 1; + size_t iCoroutineNum = + (ServerConfig::CoroutineMemSize > ServerConfig::CoroutineStackSize) ? (ServerConfig::CoroutineMemSize + / (ServerConfig::CoroutineStackSize * iThreadNum)) : 1; + if (iCoroutineNum < 1) + iCoroutineNum = 1; - startHandle(); + startHandle(); - _coroSched = new CoroutineScheduler(); - _coroSched->init(iCoroutineNum, ServerConfig::CoroutineStackSize); - _coroSched->setHandle(this); + _coroSched = new CoroutineScheduler(); + _coroSched->init(iCoroutineNum, ServerConfig::CoroutineStackSize); + _coroSched->setHandle(this); - _coroSched->createCoroutine(std::bind(&ServantHandle::handleRequest, this)); + _coroSched->createCoroutine(std::bind(&ServantHandle::handleRequest, this)); - ServantProxyThreadData * pSptd = ServantProxyThreadData::getData(); + ServantProxyThreadData *pSptd = ServantProxyThreadData::getData(); - assert(pSptd != NULL); + assert(pSptd != NULL); - pSptd->_sched = _coroSched; + pSptd->_sched = _coroSched; - while (!getEpollServer()->isTerminate()) - { - _coroSched->tars_run(); - } + while (!getEpollServer()->isTerminate()) { + _coroSched->tars_run(); + } - _coroSched->terminate(); + _coroSched->terminate(); - _coroSched->destroy(); + _coroSched->destroy(); - stopHandle(); - } + stopHandle(); + } + } + catch(exception &ex) + { + TLOGERROR("[TARS]ServantHandle::run exception error:" << ex.what() << endl); + cerr << "[TARS]ServantHandle::run exception error:" << ex.what() << endl; + } + catch(...) + { + TLOGERROR("[TARS]ServantHandle::run unknown exception error." << endl); + cerr << "[TARS]ServantHandle::run unknown exception error." << endl; + } } -// void ServantHandle::handleRequest() -// { -// bool bYield = false; -// while (!getEpollServer()->isTerminate()) -// { -// bool bServerReqEmpty = false; - -// { -// TC_ThreadLock::Lock lock(_handleGroup->monitor); - -// if (allAdapterIsEmpty() && allFilterIsEmpty()) -// { -// if(_coroSched->getResponseCoroSize() > 0) -// { -// bServerReqEmpty = true; -// } -// else -// { -// _handleGroup->monitor.timedWait(3000); -// } -// } -// } - -// //上报心跳 -// heartbeat(); - -// //为了实现所有主逻辑的单线程化,在每次循环中给业务处理自有消息的机会 -// handleAsyncResponse(); - -// handleCustomMessage(true); - -// if(bServerReqEmpty) -// { -// _coroSched->yield(); - -// continue; -// } - -// bYield = false; - -// TC_EpollServer::tagRecvData* recv = NULL; - -// map& adapters = _handleGroup->adapters; - -// for (map::iterator it = adapters.begin(); it != adapters.end(); ++it) -// { -// TC_EpollServer::BindAdapterPtr& adapter = it->second; - -// try -// { -// bool bFlag = true; -// int iLoop = 100; -// while(bFlag && iLoop > 0) -// { -// --iLoop; - -// if(adapter->waitForRecvQueue(recv, 0)) -// { -// bYield = true; - -// //上报心跳 -// heartbeat(); - -// //为了实现所有主逻辑的单线程化,在每次循环中给业务处理自有消息的机会 -// handleAsyncResponse(); - -// TC_EpollServer::tagRecvData& stRecvData = *recv; - -// int64_t now = TNOWMS; - -// stRecvData.adapter = adapter; - -// //数据已超载 overload -// if (stRecvData.isOverload) -// { -// handleOverload(stRecvData); -// delete recv; -// recv = NULL; -// } -// //关闭连接的通知消息 -// else if (stRecvData.isClosed) -// { -// handleClose(stRecvData); -// delete recv; -// recv = NULL; -// } -// //数据在队列中已经超时了 -// else if ( (now - stRecvData.recvTimeStamp) > (int64_t)adapter->getQueueTimeout()) -// { -// handleTimeout(stRecvData); -// delete recv; -// recv = NULL; -// } -// else -// { -// uint32_t iRet = _coroSched->createCoroutine(std::bind(&ServantHandle::handleRecvData, this, recv)); -// if(iRet == 0) -// { -// handleOverload(stRecvData); -// delete recv; -// recv = NULL; -// } -// } -// handleCustomMessage(false); -// } -// else -// { -// bFlag = false; -// bYield = false; -// } -// } - -// if(iLoop == 0) -// bYield = false; -// } -// catch (exception &ex) -// { -// if(recv) -// { -// close(recv->uid, recv->fd); -// delete recv; -// recv = NULL; -// } - -// getEpollServer()->error("[Handle::handleImp] error:" + string(ex.what())); -// } -// catch (...) -// { -// if(recv) -// { -// close(recv->uid, recv->fd); -// delete recv; -// recv = NULL; -// } - -// getEpollServer()->error("[Handle::handleImp] unknown error"); -// } -// } - -// if(!bYield) -// { -// _coroSched->yield(); -// } -// } -// } - void ServantHandle::handleRequest() { @@ -472,24 +338,6 @@ bool ServantHandle::allFilterIsEmpty() void ServantHandle::initialize() { - // map::iterator adpit; - - // map& adapters = _handleGroup->adapters; - - // for (adpit = adapters.begin(); adpit != adapters.end(); ++adpit) - // { - // ServantPtr servant = ServantHelperManager::getInstance()->create(adpit->first); - - // if (servant) - // { - // _servants[servant->getName()] = servant; - // } - // else - // { - // TLOGERROR("[TARS]ServantHandle initialize createServant ret null, for adapter `" + adpit->first + "`" << endl); - // } - // } - ServantPtr servant = ServantHelperManager::getInstance()->create(_bindAdapter->getName()); if (servant) @@ -499,6 +347,8 @@ void ServantHandle::initialize() else { TLOGERROR("[TAF]ServantHandle initialize createServant ret null, for adapter `" +_bindAdapter->getName() + "`" << endl); + cerr << "[TAF]ServantHandle initialize createServant ret null, for adapter `" +_bindAdapter->getName() + "`" << endl; + exit(-1); } map::iterator it = _servants.begin(); diff --git a/servant/libservant/ServantProxy.cpp b/servant/libservant/ServantProxy.cpp index 316c8e4..26de607 100644 --- a/servant/libservant/ServantProxy.cpp +++ b/servant/libservant/ServantProxy.cpp @@ -257,24 +257,29 @@ ServantProxy::ServantProxy(Communicator * pCommunicator, ObjectProxy ** ppObject _minTimeout = 1; } // get AK/SK - const TC_Config& conf = Application::getConfig(); - vector adapterNames; - - if (conf.getDomainVector("/tars/application/client", adapterNames)) - { - auto it = std::find(adapterNames.begin(), adapterNames.end(), tars_name()); - if (it != adapterNames.end()) - { - string accessKey = conf.get("/tars/application/client/" + *it + ""); - string secretKey = conf.get("/tars/application/client/" + *it + ""); +// const TC_Config& conf = Application::getConfig(); +// vector adapterNames; +// +// cout << "accessKey:" << conf.get("/tars/application/client/TestApp.AuthServer.AuthObj") << ", obj:" << tars_name() << endl; +// +// if (conf.getDomainVector("/tars/application/client", adapterNames)) +// { +// cout << TC_Common::tostr(adapterNames.begin(), adapterNames.end()) << ", " << tars_name() << endl; +// auto it = std::find(adapterNames.begin(), adapterNames.end(), tars_name()); +// if (it != adapterNames.end()) +// { +// string accessKey = conf.get("/tars/application/client/" + *it + ""); +// string secretKey = conf.get("/tars/application/client/" + *it + ""); +// +// cout << "accessKey:" << accessKey << ", secretKey:" << secretKey << endl; - for(size_t i = 0;i < _objectProxyNum; ++i) - { - _objectProxy[i]->setAccessKey(accessKey); - _objectProxy[i]->setSecretKey(secretKey); - } - } - } +// for(size_t i = 0;i < _objectProxyNum; ++i) +// { +// _objectProxy[i]->setAccessKey(pCommunicator->getServantProperty(tars_name(), "accesskey")); +// _objectProxy[i]->setSecretKey(pCommunicator->getServantProperty(tars_name(), "secretkey")); +// } +// } +// } } ServantProxy::~ServantProxy() diff --git a/servant/libservant/Transceiver.cpp b/servant/libservant/Transceiver.cpp index c41e2f0..2c193d5 100755 --- a/servant/libservant/Transceiver.cpp +++ b/servant/libservant/Transceiver.cpp @@ -24,7 +24,6 @@ #if TARS_SSL #include "util/tc_openssl.h" -#include "util/tc_sslmgr.h" #endif #if TARS_HTTP2 @@ -99,7 +98,6 @@ void Transceiver::connect() if (_ep.type() == EndpointInfo::UDP) { fd = NetworkUtil::createSocket(true, false, _ep.isIPv6()); - // NetworkUtil::setBlock(fd, false); _connStatus = eConnected; _adapterProxy->getObjProxy()->getCommunicatorEpoll()->addFd(fd, &_fdInfo, EPOLLIN | EPOLLOUT); @@ -107,7 +105,6 @@ void Transceiver::connect() else { fd = NetworkUtil::createSocket(false, false, _ep.isIPv6()); - // NetworkUtil::setBlock(fd, false); _adapterProxy->getObjProxy()->getCommunicatorEpoll()->addFd(fd, &_fdInfo, EPOLLIN | EPOLLOUT); @@ -126,7 +123,7 @@ void Transceiver::connect() _fd = fd; - TLOGTARS("[TARS][Transceiver::connect objname:" << _adapterProxy->getObjProxy()->name() + TLOGTARS("[TARS][Transceiver::connect obj:" << _adapterProxy->getObjProxy()->name() << ",connect:" << _ep.desc() << ",fd:" << _fd << "]" << endl); // //设置网络qos的dscp标志 @@ -170,8 +167,7 @@ void Transceiver::onConnect() #if TARS_SSL if (isSSL()) { - // 分配ssl对象 - _openssl = TC_SSLManager::getInstance()->newSSL("client"); + _openssl = _adapterProxy->getObjProxy()->getCommunicatorEpoll()->getCommunicator()->newClientSSL(_adapterProxy->getObjProxy()->getServantProxy()->tars_name()); if (!_openssl) { ObjectProxy* obj = _adapterProxy->getObjProxy(); @@ -181,6 +177,10 @@ void Transceiver::onConnect() } _openssl->init(false); + + _openssl->setReadBufferSize(1024 * 8); + _openssl->setWriteBufferSize(1024 * 8); + int ret = _openssl->doHandshake(_sendBuffer); if (ret != 0) { @@ -192,7 +192,7 @@ void Transceiver::onConnect() // send the encrypt data from write buffer if (!_sendBuffer.empty()) { - TLOGTARS("[TARS][Transceiver::onConnect doRequest handshake:" << _openssl->isHandshaked() << ", length:" << _sendBuffer.getBufferLength() << endl); + TLOGTARS("[TARS][Transceiver::onConnect handshake:" << _openssl->isHandshaked() << ", send handshake len:" << _sendBuffer.getBufferLength() << endl); doRequest(); } @@ -207,7 +207,7 @@ void Transceiver::doAuthReq() { ObjectProxy* obj = _adapterProxy->getObjProxy(); - TLOGTARS("[TARS][onConnect:" << obj->name() << " auth type is " << _adapterProxy->endpoint().authType() << endl); + TLOGTARS("[TARS][Transceiver::doAuthReq obj:" << obj->name() << ", auth type:" << etos(_adapterProxy->endpoint().authType()) << endl); if (_adapterProxy->endpoint().authType() == AUTH_TYPENONE) { @@ -217,9 +217,9 @@ void Transceiver::doAuthReq() else { BasicAuthInfo basic; - basic.sObjName = obj->name(); - basic.sAccessKey = obj->getAccessKey(); - basic.sSecretKey = obj->getSecretKey(); + basic.sObjName = obj->name(); + basic.sAccessKey = obj->getCommunicatorEpoll()->getCommunicator()->getServantProperty(obj->name(), "accesskey"); + basic.sSecretKey = obj->getCommunicatorEpoll()->getCommunicator()->getServantProperty(obj->name(), "secretkey"); this->sendAuthData(basic); } @@ -232,9 +232,9 @@ void Transceiver::finishInvoke(shared_ptr &rsp) std::string ret(rsp->sBuffer.begin(), rsp->sBuffer.end()); tars::AUTH_STATE tmp = AUTH_SUCC; tars::stoe(ret, tmp); - int newstate = tmp; + tars::AUTH_STATE newstate = tmp; - TLOGTARS("[TARS]AdapterProxy::finishInvoke from state " << _authState << " to " << newstate << endl); + TLOGTARS("[TARS]Transceiver::finishInvoke state: " << etos(_authState) << " -> " << etos(newstate) << endl); setAuthState(newstate); if (newstate == AUTH_SUCC) @@ -244,7 +244,7 @@ void Transceiver::finishInvoke(shared_ptr &rsp) } else { - TLOGERROR("newstate is " << newstate << ", error close!\n"); + TLOGERROR("[TARS]Transceiver::finishInvoke newstate: " << etos(newstate) << ", error close!\n"); close(); } @@ -264,19 +264,36 @@ bool Transceiver::sendAuthData(const BasicAuthInfo& info) const int kAuthType = 0x40; RequestPacket request; - request.sFuncName = "tarsInnerAuthServer"; - request.sServantName = "authServant"; - request.iVersion = TARSVERSION; - request.iRequestId = 0; - request.cPacketType = TARSNORMAL; - request.iMessageType = kAuthType; + request.sFuncName = "tarsInnerAuthServer"; + request.sServantName = "authServant"; + request.iVersion = TARSVERSION; + request.iRequestId = 1; + request.cPacketType = TARSNORMAL; + request.iMessageType = kAuthType; request.sBuffer.assign(out.begin(), out.end()); - _sendBuffer.addBuffer(objPrx->getProxyProtocol().requestFunc(request, this)); +#if TARS_SSL + if(this->isSSL()) { + vector buff = objPrx->getProxyProtocol().requestFunc(request, this); - // _sendBuffer.addBuffer(toSend); + int ret = _openssl->write(buff.data(), (uint32_t) buff.size(), _sendBuffer); + if(ret != 0) + { + TLOGERROR("[TARS][Transceiver::sendAuthData ssl write failed, obj:" << _adapterProxy->getObjProxy()->name() << ", error:" << _openssl->getErrMsg() << endl); + return false; + } + } + else { + _sendBuffer.addBuffer(objPrx->getProxyProtocol().requestFunc(request, this)); + } + +#else + _sendBuffer.addBuffer(objPrx->getProxyProtocol().requestFunc(request, this)); + +#endif + + TLOGTARS("[TARS][sendAuthData:" << objPrx->name() << " len: " << _sendBuffer.getBufferLength() << endl); -// if (sendRequest(_sendBuffer, true) == eRetError) int ret = doRequest(); if (ret != 0) { @@ -371,7 +388,7 @@ int Transceiver::doRequest() return 0; } -int Transceiver::sendRequest(const shared_ptr &buff, bool forceSend) +int Transceiver::sendRequest(const shared_ptr &buff) { //空数据 直接返回成功 if(buff->empty()) { @@ -383,14 +400,13 @@ int Transceiver::sendRequest(const shared_ptr &buff, b return eRetError; } - if (!forceSend && _authState != AUTH_SUCC && !isSSL()) + if (_authState != AUTH_SUCC) { -//#if TARS_SSL -// if (isSSL() && !_openssl) -// return eRetError; -//#endif - ObjectProxy* obj = _adapterProxy->getObjProxy(); - TLOGTARS("[TARS][Transceiver::sendRequest failed, need auth for " << obj->name() << endl); +#if TARS_SSL + if (isSSL() && !_openssl) + return eRetError; +#endif + TLOGTARS("[TARS][Transceiver::sendRequest failed, obj:" << _adapterProxy->getObjProxy()->name() << ", need auth." << endl); return eRetError; // 需要鉴权但还没通过,不能发送非认证消息 } @@ -405,10 +421,16 @@ int Transceiver::sendRequest(const shared_ptr &buff, b if (isSSL()) { if(!_openssl->isHandshaked()) { + TLOGTARS("[TARS][Transceiver::sendRequest failed, obj:" << _adapterProxy->getObjProxy()->name() << ", ssl need handshake." << endl); return eRetError; } - _openssl->write(buff->buffer(), (uint32_t) buff->length(), _sendBuffer); + int ret = _openssl->write(buff->buffer(), (uint32_t) buff->length(), _sendBuffer); + if(ret != 0) + { + TLOGERROR("[TARS][Transceiver::sendRequest ssl write failed, obj:" << _adapterProxy->getObjProxy()->name() << ", error:" << _openssl->getErrMsg() << endl); + return eRetError; + } size_t length = _sendBuffer.getBufferLength(); @@ -512,24 +534,27 @@ int TcpTransceiver::doResponse() #if TARS_SSL if (isSSL()) { - const bool preNotHandshake = !_openssl->isHandshaked(); + const bool preHandshake = _openssl->isHandshaked(); int ret = _openssl->read(buff, iRet, _sendBuffer); if (ret != 0) { - TLOGERROR("[TARS][SSL_connect handshake failed: " << _adapterProxy->getObjProxy()->name() << ", info:" << _openssl->getErrMsg() << endl); + TLOGERROR("[TARS][Transceiver::doResponse SSL_read handshake failed: " << _adapterProxy->getObjProxy()->name() << ", info:" << _openssl->getErrMsg() << endl); close(); return -1; } - else + else if(!_sendBuffer.empty()) { - doRequest(); + TLOGTARS("[TARS][Transceiver::doResponse SSL_read prehandshake:" << preHandshake << ", handshake:" << _openssl->isHandshaked() << ", send handshake:" << _sendBuffer.getBufferLength() << endl); + + doRequest(); } if (!_openssl->isHandshaked()) return 0; - if (preNotHandshake) + if (!preHandshake) { doAuthReq(); + } rbuf = _openssl->recvBuffer(); } @@ -545,7 +570,8 @@ int TcpTransceiver::doResponse() try { TC_NetWorkBuffer::PACKET_TYPE ret; - do + + while(!rbuf->empty()) { shared_ptr rsp = std::make_shared(); @@ -562,9 +588,7 @@ int TcpTransceiver::doResponse() else { break; } - } - while (ret == TC_NetWorkBuffer::PACKET_FULL && !rbuf->empty()); //接收的数据小于buffer大小, 内核会再次通知你 if(iRet < BUFFER_SIZE) @@ -820,7 +844,7 @@ int TcpTransceiver::recv(void* buf, uint32_t len, uint32_t flag) if (iRet == 0 || (iRet < 0 && !TC_Socket::isPending())) { TLOGTARS("[TARS][tcp recv, " << _adapterProxy->getObjProxy()->name() - << ",fd:" << _fd << ", " << _ep.desc() <<",ret " << iRet + << ",fd:" << _fd << ", " << _ep.desc() <<", ret:" << iRet << ", fail! errno:" << TC_Exception::getSystemCode() << "," << TC_Exception::parseError(TC_Exception::getSystemCode()) << ",close]" << endl); close(); @@ -835,7 +859,7 @@ int TcpTransceiver::recv(void* buf, uint32_t len, uint32_t flag) } #endif TLOGTARS("[TARS][tcp recv," << _adapterProxy->getObjProxy()->name() - << ",fd:" << _fd << "," << _ep.desc() << ",ret:" << iRet << "]" << endl); + << ",fd:" << _fd << "," << _ep.desc() << ", len:" << iRet << "]" << endl); return iRet; } diff --git a/servant/servant/Application.h b/servant/servant/Application.h index 0e71c74..1c48e1f 100644 --- a/servant/servant/Application.h +++ b/servant/servant/Application.h @@ -34,6 +34,10 @@ #include "servant/TarsConfig.h" #include "servant/TarsNotify.h" +#if TARS_SSL +#include "util/tc_openssl.h" +#endif + namespace tars { ////////////////////////////////////////////////////////////////////// @@ -350,13 +354,6 @@ protected: protected: - /** - * 为Adapter绑定对应的handle类型 - * 缺省实现是ServantHandle类型 - * @param adapter - */ - // virtual void setHandle(TC_EpollServer::BindAdapterPtr& adapter); - /** * 添加Servant * @param T @@ -374,13 +371,6 @@ protected: */ void addServantProtocol(const string& servant, const TC_NetWorkBuffer::protocol_functor& protocol); - /** - * 非tars协议server,设置Servant的协议解析器,带有连接信息 - * @param protocol - * @param servant - */ - // void addServantConnProtocol(const string& servant, const TC_NetWorkBuffer::protocol_functor& protocol); - /** *设置Servant的连接断开回调 */ @@ -421,10 +411,6 @@ protected: */ void outAdapter(ostream &os, const string &v, TC_EpollServer::BindAdapterPtr lsPtr); - /** - * 解析配置文件 - */ - // void parseConfig(int argc, char *argv[]); /** * 解析配置文件 */ @@ -436,10 +422,16 @@ protected: TC_EpollServer::BindAdapter::EOrder parseOrder(const string &s); /** - * 绑定server配置的Adapter和对象 + * bind server adapter */ void bindAdapter(vector& adapters); + /** + * set adapter + * @param adapter + */ + void setAdapter(TC_EpollServer::BindAdapterPtr& adapter, const string &name); + /** * @param servant * @param sPrefix @@ -461,27 +453,29 @@ protected: */ string setDivision(void); - /* - * 等待服务退出 - */ - // void waitForQuit(); - protected: /** - * 配置文件 + * config */ static TC_Config _conf; /** - * 服务 + * epoll server */ static TC_EpollServerPtr _epollServer; /** - * 通信器 + * communicator */ static CommunicatorPtr _communicator; +#if TARS_SSL + /** + * ssl ctx + */ + shared_ptr _ctx; +#endif + PropertyReport * _pReportQueue; PropertyReport * _pReportConRate; PropertyReport * _pReportTimeoutNum; diff --git a/servant/servant/Communicator.h b/servant/servant/Communicator.h index d59c2f7..9206e72 100644 --- a/servant/servant/Communicator.h +++ b/servant/servant/Communicator.h @@ -173,6 +173,27 @@ public: */ void setProperty(TC_Config& conf, const string& domain = CONFIG_ROOT_PATH); + /** + * get servant property + * @param sObj + * @return + */ + map getServantProperty(const string &sObj); + + /** + * set servant property + * @param sObj + * @return + */ + void setServantProperty(const string &sObj, const string& name, const string& value); + + /** + * get servant property + * @param sObj + * @return + */ + string getServantProperty(const string &sObj, const string& name); + /** * 上报统计 * @return StatReport* @@ -260,8 +281,17 @@ protected: * @return */ void doStat(); +#if TARS_SSL - /** + /** + * get openssl of trans + * @param sObjName + * @return vector + */ + shared_ptr newClientSSL(const string & objName); +#endif + + /** * 框架内部需要直接访问通信器的类 */ friend class AdapterProxy; @@ -278,6 +308,8 @@ protected: friend class CommunicatorEpoll; + friend class Transceiver; + protected: /** * 是否初始化 @@ -295,6 +327,11 @@ protected: map _properties; /** + * obj info + */ + map> _objInfo; + + /** * ServantProxy代码的工厂类 */ ServantProxyFactory* _servantProxyFactory; @@ -324,6 +361,19 @@ protected: */ int64_t _minTimeout; +#if TARS_SSL + + /** + * ssl ctx + */ + shared_ptr _ctx; + + /** + * ssl + */ + unordered_map> _objCtx; +#endif + /* * 异步线程数组 */ diff --git a/servant/servant/EndpointInfo.h b/servant/servant/EndpointInfo.h index 11a8787..ba785d0 100755 --- a/servant/servant/EndpointInfo.h +++ b/servant/servant/EndpointInfo.h @@ -19,11 +19,14 @@ #include "servant/Global.h" #include "util/tc_socket.h" +#include "Auth.h" using namespace std; namespace tars { + +//enum AUTH_STATE; ////////////////////////////////////////////////////////////////////////////// /** * 地址信息IP:Port @@ -158,7 +161,7 @@ public: /* * 获取认证类型 */ - int authType() const { return _authType; } + AUTH_TYPE authType() const { return _authType; } /** * @brief is ipv6 socket or not @@ -270,7 +273,7 @@ private: /** * 认证类型 */ - int _authType; + tars::AUTH_TYPE _authType; /** * _host is IPv6 or not diff --git a/servant/servant/ObjectProxy.h b/servant/servant/ObjectProxy.h index 2dffcfb..7a939f7 100644 --- a/servant/servant/ObjectProxy.h +++ b/servant/servant/ObjectProxy.h @@ -215,23 +215,6 @@ public: _servantProxy = pServantProxy; } - /** - * 设置AK - */ - void setAccessKey(const string& k) { _accessKey = k; } - /** - * 设置SK - */ - void setSecretKey(const string& k) { _secretKey = k; } - /** - * 获取AK - */ - const string& getAccessKey() const { return _accessKey; } - /** - * 获取SK - */ - const string& getSecretKey() const { return _secretKey; } - protected: /** @@ -305,13 +288,6 @@ private: * ServantProxy */ ServantProxy * _servantProxy; - - /** - * AK/SK - */ - std::string _accessKey; - std::string _secretKey; - }; /////////////////////////////////////////////////////////////////////////////////// } diff --git a/servant/servant/ServantProxy.h b/servant/servant/ServantProxy.h index b9789d3..2826248 100644 --- a/servant/servant/ServantProxy.h +++ b/servant/servant/ServantProxy.h @@ -22,12 +22,14 @@ #include "servant/Message.h" #include "servant/AppProtocol.h" #include "servant/TarsCurrent.h" -#include "servant/EndpointInfo.h" +//#include "servant/EndpointInfo.h" #include "servant/CommunicatorEpoll.h" namespace tars { +class EndpointInfo; + ///////////////////////////////////////////////////////////////////////// /* * seq 管理的类 diff --git a/servant/servant/Transceiver.h b/servant/servant/Transceiver.h index 1597abf..c6fe7bc 100755 --- a/servant/servant/Transceiver.h +++ b/servant/servant/Transceiver.h @@ -119,7 +119,7 @@ public: * 如果fd缓冲区已满,返回错误 * 如果数据发送一半,缓冲区满了,返回成功 */ - int sendRequest(const shared_ptr &pData, bool forceSend = false); + int sendRequest(const shared_ptr &pData); /* * 处理请求,判断Send BufferCache是否有完整的包 @@ -215,7 +215,7 @@ public: /** * 设置鉴权状态 */ - void setAuthState(int newstate) { _authState = newstate; } + void setAuthState(tars::AUTH_STATE newstate) { _authState = newstate; } /* * 获取鉴权状态 @@ -273,8 +273,8 @@ protected: /* * 鉴权状态 - */ - int _authState; + */ + AUTH_STATE _authState; protected: #if TARS_SSL diff --git a/util/include/util/tc_epoll_server.h b/util/include/util/tc_epoll_server.h index 0425a52..5c5b80c 100644 --- a/util/include/util/tc_epoll_server.h +++ b/util/include/util/tc_epoll_server.h @@ -32,15 +32,15 @@ #include "util/tc_network_buffer.h" #include "util/tc_cas_queue.h" +#if TARS_SSL +#include "util/tc_openssl.h" +#endif + using namespace std; namespace tars { -#if TARS_SSL - class TC_OpenSSL; -#endif - ///////////////////////////////////////////////// /** * @file tc_epoll_server.h @@ -860,6 +860,10 @@ public: std::string getSk(const std::string& ak) const { return (_accessKey == ak) ? _secretKey : ""; } +#if TARS_SSL + void setSSLCtx(const shared_ptr &ctx) { _ctx = ctx; } +#endif + private: /** * 获取等待的队列锁 @@ -1002,7 +1006,14 @@ public: */ std::string _accessKey; std::string _secretKey; - + +#if TARS_SSL + + /** + * ssl ctx + */ + shared_ptr _ctx; +#endif //连接关闭的回调函数 close_functor _closeFunc; @@ -1528,6 +1539,12 @@ public: */ void info(const string &s); + /** + * TARS日志 + * @param s + */ + void tars(const string &s); + /** * 记录错误日志 * @param s @@ -1905,6 +1922,12 @@ public: */ void error(const string &s); + /** + * tars日志 + * @param s + */ + void tars(const string &s); + /** * 获取网络线程的数目 */ diff --git a/util/include/util/tc_gzip.h b/util/include/util/tc_gzip.h index fdcaaad..a2079e7 100755 --- a/util/include/util/tc_gzip.h +++ b/util/include/util/tc_gzip.h @@ -18,11 +18,9 @@ #define __TC_GZIP_H #include "util/tc_platform.h" -#if TARGET_PLATFORM_LINUX || TARGET_PLATFORM_IOS #include #include -#include #include #include @@ -44,30 +42,25 @@ namespace tars class TC_GZip { protected: - struct Output2Vector { - Output2Vector(vector& buffer) : _buffer(buffer) + struct Output + { + virtual ~Output(){} + virtual void operator ()(char *begin, size_t length) = 0; + }; + + template + struct OutputImp : public Output { + OutputImp(T & buffer) : _buffer(buffer) { _buffer.clear(); } - void operator ()(char *begin, size_t length) + + virtual void operator ()(char *begin, size_t length) { _buffer.insert(_buffer.end(), begin, begin + length); } - vector& _buffer; - }; - - struct Output2String { - Output2String(string& buffer) : _buffer(buffer) - { - _buffer.clear(); - } - void operator ()(char *begin, size_t length) - { - _buffer.append(begin, length); - } - - string& _buffer; + T& _buffer; }; public: @@ -91,9 +84,9 @@ public: */ static bool uncompress(const char *src, size_t length, vector& buffer) { - Output2Vector output(buffer); + std::unique_ptr output(new OutputImp>(buffer)); - return uncompress(src, length, output); + return uncompress(src, length, output.get()); } /** @@ -106,9 +99,9 @@ public: */ static bool uncompress(const char *src, size_t length, string& buffer) { - Output2String output(buffer); + std::unique_ptr output(new OutputImp(buffer)); - return uncompress(src, length, output); + return uncompress(src, length, output.get()); } /** @@ -125,65 +118,9 @@ public: * } * @return bool 成功失败 */ - template - static bool uncompress(const char *src, size_t length, Output& o) - { -// buffer.clear(); - - z_stream strm; - - /* allocate inflate state */ - strm.zalloc = Z_NULL; - strm.zfree = Z_NULL; - strm.opaque = Z_NULL; - strm.avail_in = 0; - strm.next_in = Z_NULL; - - int ret = inflateInit2(&strm, 47); - - if (ret != Z_OK) - { - return false; - } - - strm.avail_in = length; - strm.next_in = (unsigned char *)src; - - static size_t CHUNK = 1024 * 256; - unsigned char *out = new unsigned char[CHUNK]; - - /* run inflate() on input until output buffer not full */ - do - { - strm.avail_out = CHUNK; - strm.next_out = out; - - ret = inflate(&strm, Z_NO_FLUSH); - - assert(ret != Z_STREAM_ERROR); /* state not clobbered */ - switch (ret) - { - case Z_NEED_DICT: - ret = Z_DATA_ERROR; /* and fall through */ - case Z_DATA_ERROR: - case Z_MEM_ERROR: - inflateEnd(&strm); - delete[] out; - return false; - } - o((char *)out, CHUNK - strm.avail_out); - // buffer.insert(buffer.end(), (char *)out, (char *)out + CHUNK - strm.avail_out); - } - while (strm.avail_out == 0); - - /* clean up and return */ - inflateEnd(&strm); - delete[] out; - - return (ret == Z_STREAM_END); - } + static bool uncompress(const char *src, size_t length, Output* o); }; } -#endif +//#endif #endif diff --git a/util/include/util/tc_openssl.h b/util/include/util/tc_openssl.h index 65f896f..367829a 100644 --- a/util/include/util/tc_openssl.h +++ b/util/include/util/tc_openssl.h @@ -29,6 +29,9 @@ typedef struct ssl_st SSL; struct bio_st; typedef struct bio_st BIO; +struct ssl_ctx_st; +typedef struct ssl_ctx_st SSL_CTX; + namespace tars { @@ -57,15 +60,47 @@ public: */ ~TC_OpenSSL(); + /** + * ctx wrapper + */ + struct CTX + { + CTX(SSL_CTX *x) : ctx(x) {} + SSL_CTX *ctx; + }; + + /** + * new ssl ctx + * @param cafile + * @param certfile + * @param keyfile + * @param verifyClient + * @return + */ + static shared_ptr newCtx(const std::string& cafile, const std::string& certfile, const std::string& keyfile, bool verifyClient); + + /** + * new ssl + * @param ctx + * @return + */ + static shared_ptr newSSL(const std::shared_ptr &ctx); + static void getMemData(BIO* bio, TC_NetWorkBuffer& buf); static int doSSLRead(SSL* ssl, TC_NetWorkBuffer& out); -private: + +protected: /** * @brief deny */ TC_OpenSSL(const TC_OpenSSL& ); void operator=(const TC_OpenSSL& ); + /** + * init openssl + */ + static void initialize(); + static bool _initialize; public: /** @@ -119,7 +154,19 @@ public: */ int read(const void* data, size_t size, TC_NetWorkBuffer &out); - friend class TC_SSLManager; + /** + * set read buffer size + * @param size + */ + void setReadBufferSize(size_t size); + + /** + * set write buffer size + * @param size + */ + void setWriteBufferSize(size_t size); + + friend class TC_SSLManager; private: /** diff --git a/util/include/util/tc_sslmgr.h b/util/include/util/tc_sslmgr.h deleted file mode 100644 index 2a40457..0000000 --- a/util/include/util/tc_sslmgr.h +++ /dev/null @@ -1,94 +0,0 @@ -/** - * Tencent is pleased to support the open source community by making Tars available. - * - * Copyright (C) 2016THL A29 Limited, a Tencent company. All rights reserved. - * - * Licensed under the BSD 3-Clause License (the "License"); you may not use this file except - * in compliance with the License. You may obtain a copy of the License at - * - * https://opensource.org/licenses/BSD-3-Clause - * - * Unless required by applicable law or agreed to in writing, software distributed - * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR - * CONDITIONS OF ANY KIND, either express or implied. See the License for the - * specific language governing permissions and limitations under the License. - */ - -#ifndef __TC_SSLMANAGER_H -#define __TC_SSLMANAGER_H - -#if TARS_SSL - -#include -#include -#include "util/tc_network_buffer.h" -#include "util/tc_singleton.h" - -struct ssl_st; -typedef struct ssl_st SSL; - -struct ssl_ctx_st; -typedef struct ssl_ctx_st SSL_CTX; - -namespace tars -{ - -///////////////////////////////////////////////// -/** - *@file tc_sslmgr.h - *@brief manager ssl, not thread safe!! - */ -///////////////////////////////////////////////// - -class TC_OpenSSL; - -class TC_SSLManager : public TC_Singleton -{ -public: - /** - * @brief constructor. - */ - TC_SSLManager(); - - /** - * @brief deconstructor. - */ - ~TC_SSLManager(); - - /** - * @brief new ssl - */ - shared_ptr newSSL(const std::string& ctxName); - - /** - * @brief add ctx - * @param name: ctx name - * @param cafile: peer cafile - * @param certfile: cert cafile - * @param keyfile: key file - * @param verifyClient: if verfy client - */ - bool addCtx(const std::string& name, - const std::string& cafile, - const std::string& certfile, - const std::string& keyfile, - bool verifyClient); - -protected: - SSL_CTX* getCtx(const std::string& name) const; - SSL* newSSL(SSL_CTX *ctx); - SSL_CTX *newCtx(const std::string& cafile, const std::string& certfile, const std::string& keyfile, bool verifyClient); - -private: - - typedef std::map CTX_MAP; - - CTX_MAP _ctxSet; -}; - -} // end namespace tars - -#endif // end #if TARS_SSL - -#endif - diff --git a/util/src/CMakeLists.txt b/util/src/CMakeLists.txt index 45063a6..1be25ca 100644 --- a/util/src/CMakeLists.txt +++ b/util/src/CMakeLists.txt @@ -6,8 +6,6 @@ ENDIF() aux_source_directory(. DIR_SRCS) -message("CMAKE_SYSTEM_NAME:${CMAKE_SYSTEM_NAME}, CMAKE_SYSTEM_PROCESSOR:${CMAKE_SYSTEM_PROCESSOR}, CMAKE_CXX_COMPILER_ID:${CMAKE_CXX_COMPILER_ID}") - macro(cpu CPU_STR) set(CPU_STR "combined") @@ -167,7 +165,19 @@ endmacro () get_asm(JUMP_SRC MAKE_SRC) -message("ABI_STR:${ABI_STR}, BF_STR:${BF_STR}, CPU_STR:${CPU_STR}, JUMP_SRC:${JUMP_SRC}, MAKE_SRC:${MAKE_SRC}, CMAKE_C_SIZEOF_DATA_PTR:${CMAKE_C_SIZEOF_DATA_PTR}") + +message("----------------------------------------------------") +message("CMAKE_SYSTEM_NAME: ${CMAKE_SYSTEM_NAME}") +message("CMAKE_SYSTEM_PROCESSOR: ${CMAKE_SYSTEM_PROCESSOR}") +message("CMAKE_CXX_COMPILER_ID: ${CMAKE_CXX_COMPILER_ID}") +message("ABI_STR: ${ABI_STR}") +message("BF_STR: ${BF_STR}") +message("CPU_STR: ${CPU_STR}") +message("JUMP_SRC: ${JUMP_SRC}") +message("MAKE_SRC: ${MAKE_SRC}") +message("CMAKE_C_SIZEOF_DATA_PTR: ${CMAKE_C_SIZEOF_DATA_PTR}") +message("----------------------------------------------------") + list(APPEND DIR_SRCS ${JUMP_SRC}) list(APPEND DIR_SRCS ${MAKE_SRC}) diff --git a/util/src/tc_epoll_server.cpp b/util/src/tc_epoll_server.cpp index adba24f..a193ace 100644 --- a/util/src/tc_epoll_server.cpp +++ b/util/src/tc_epoll_server.cpp @@ -19,7 +19,7 @@ #include "util/tc_common.h" #include "util/tc_network_buffer.h" #include "util/tc_timeprovider.h" -#include "util/tc_sslmgr.h" +//#include "util/tc_sslmgr.h" #include #include @@ -807,7 +807,7 @@ void TC_EpollServer::Connection::insertRecvQueue(const shared_ptrbuffer().swap(ro); - if (_pBindAdapter->_authWrapper && _pBindAdapter->_authWrapper(this, recv)) + if (_pBindAdapter->_authWrapper && _pBindAdapter->_authWrapper(this, recv)) continue; //收到完整的包才算 @@ -915,7 +915,7 @@ int TC_EpollServer::Connection::recvTcp() int ret = _openssl->read(buffer, iBytesReceived, _sendBuffer); if (ret != 0) { - _pBindAdapter->getEpollServer()->error("[TARS][SSL_read failed: " + _openssl->getErrMsg()); + _pBindAdapter->getEpollServer()->error("[SSL_read failed: " + _openssl->getErrMsg()); return -1; } else @@ -937,7 +937,7 @@ int TC_EpollServer::Connection::recvTcp() rbuf->addBuffer(buffer, iBytesReceived); #endif - //字符串太长时, 强制解析协议 + //字符串太长时, 强制解析协议 if (rbuf->getBufferLength() > 8192) { parseProtocol(*rbuf); } @@ -1072,15 +1072,20 @@ int TC_EpollServer::Connection::sendTcp(const shared_ptr &sc) { if(!sc->buffer()->empty()) { +#if TARS_SSL if (getBindAdapter()->getEndpoint().isSSL()) { assert(_openssl->isHandshaked()); int ret = _openssl->write(sc->buffer()->buffer(), sc->buffer()->length(), _sendBuffer); - if (ret != 0) + if (ret != 0) { + _pBindAdapter->getEpollServer()->error("[TC_EpollServer::Connection] sendTcp [" + _ip + ":" + TC_Common::tostr(_port) + "] error:" + _openssl->getErrMsg()); + return -1; // should not happen + } } else +#endif { _sendBuffer.addBuffer(sc->buffer()); } @@ -1399,6 +1404,11 @@ void TC_EpollServer::NetThread::info(const string &s) _epollServer->info(s); } +void TC_EpollServer::NetThread::tars(const string &s) +{ + _epollServer->tars(s); +} + void TC_EpollServer::NetThread::error(const string &s) { _epollServer->error(s); @@ -1478,7 +1488,7 @@ void TC_EpollServer::NetThread::addTcpConnection(TC_EpollServer::Connection *cPt cPtr->getBindAdapter()->getEpollServer()->info("[TARS][addTcpConnection ssl connection"); // 分配ssl对象, ctxName 放在obj proxy里 - cPtr->_openssl = TC_SSLManager::getInstance()->newSSL("server"); + cPtr->_openssl = TC_OpenSSL::newSSL(cPtr->getBindAdapter()->_ctx); if (!cPtr->_openssl) { cPtr->getBindAdapter()->getEpollServer()->error("[TARS][SSL_accept not find server cert"); @@ -1487,6 +1497,8 @@ void TC_EpollServer::NetThread::addTcpConnection(TC_EpollServer::Connection *cPt } cPtr->_openssl->init(true); + cPtr->_openssl->setReadBufferSize(1024 * 8); + cPtr->_openssl->setWriteBufferSize(1024 * 8); int ret = cPtr->_openssl->doHandshake(cPtr->_sendBuffer); if (ret != 0) @@ -1626,12 +1638,6 @@ void TC_EpollServer::NetThread::processPipe() if (!cPtr->_openssl->isHandshaked()) { return; } -// -// ret = cPtr->_openssl->write(sc->buffer()->buffer(), sc->buffer()->length(), cPtr->_sendBuffer); -// if (ret != 0) -// break; // should not happen -// -// cPtr->sendBuffer(); } ret = cPtr->send(sc); #else @@ -2259,6 +2265,14 @@ void TC_EpollServer::info(const string &s) } } +void TC_EpollServer::tars(const string &s) +{ + if(_pLocalLogger) + { + _pLocalLogger->tars() << "[TARS]" << s << endl; + } +} + void TC_EpollServer::error(const string &s) { if(_pLocalLogger) diff --git a/util/src/tc_gzip.cpp b/util/src/tc_gzip.cpp index 509b32f..969e213 100644 --- a/util/src/tc_gzip.cpp +++ b/util/src/tc_gzip.cpp @@ -83,64 +83,59 @@ bool TC_GZip::compress(const char *src, size_t length, vector& buffer) return true; } -//bool TC_GZip::uncompress(const char *src, size_t length, vector& buffer) +bool TC_GZip::uncompress(const char *src, size_t length, TC_GZip::Output* o) +{ + z_stream strm; -// -//bool TC_GZip::uncompress(const char *src, size_t length, vector &buffer) -//{ -// buffer.clear(); -// -// z_stream strm; -// -// /* allocate inflate state */ -// strm.zalloc = Z_NULL; -// strm.zfree = Z_NULL; -// strm.opaque = Z_NULL; -// strm.avail_in = 0; -// strm.next_in = Z_NULL; -// -// int ret = inflateInit2(&strm, 47); -// -// if (ret != Z_OK) -// { -// return false; -// } -// -// strm.avail_in = length; -// strm.next_in = (unsigned char*)src; -// -// static size_t CHUNK = 1024*256; -// unsigned char *out = new unsigned char[CHUNK]; -// -// /* run inflate() on input until output buffer not full */ -// do -// { -// strm.avail_out = CHUNK; -// strm.next_out = out; -// -// ret = inflate(&strm, Z_NO_FLUSH); -// -// assert(ret != Z_STREAM_ERROR); /* state not clobbered */ -// switch (ret) -// { -// case Z_NEED_DICT: -// ret = Z_DATA_ERROR; /* and fall through */ -// case Z_DATA_ERROR: -// case Z_MEM_ERROR: -// inflateEnd(&strm); -// delete[] out; -// return false; -// } -// buffer.insert(buffer.end(), (char*)out, (char*)out + CHUNK - strm.avail_out); -// -// } while (strm.avail_out == 0); -// -// /* clean up and return */ -// inflateEnd(&strm); -// delete[] out; -// -// return(ret == Z_STREAM_END); -//} + /* allocate inflate state */ + strm.zalloc = Z_NULL; + strm.zfree = Z_NULL; + strm.opaque = Z_NULL; + strm.avail_in = 0; + strm.next_in = Z_NULL; + + int ret = inflateInit2(&strm, 47); + + if (ret != Z_OK) + { + return false; + } + + strm.avail_in = length; + strm.next_in = (unsigned char *)src; + + static size_t CHUNK = 1024 * 256; + unsigned char *out = new unsigned char[CHUNK]; + + /* run inflate() on input until output buffer not full */ + do + { + strm.avail_out = CHUNK; + strm.next_out = out; + + ret = inflate(&strm, Z_NO_FLUSH); + + assert(ret != Z_STREAM_ERROR); /* state not clobbered */ + switch (ret) + { + case Z_NEED_DICT: + ret = Z_DATA_ERROR; /* and fall through */ + case Z_DATA_ERROR: + case Z_MEM_ERROR: + inflateEnd(&strm); + delete[] out; + return false; + } + (*o)((char *)out, CHUNK - strm.avail_out); + } + while (strm.avail_out == 0); + + /* clean up and return */ + inflateEnd(&strm); + delete[] out; + + return (ret == Z_STREAM_END); +} } diff --git a/util/src/tc_openssl.cpp b/util/src/tc_openssl.cpp index 51e3b12..0818589 100644 --- a/util/src/tc_openssl.cpp +++ b/util/src/tc_openssl.cpp @@ -25,7 +25,7 @@ namespace tars { - +bool TC_OpenSSL::_initialize = false; ////////////////////////////////////////////////////////////////////////////////////////// TC_OpenSSL::TC_OpenSSL(SSL* ssl) @@ -88,12 +88,21 @@ std::string TC_OpenSSL::getErrMsg() const return buffer; } +void TC_OpenSSL::setReadBufferSize(size_t size) +{ + BIO_set_read_buffer_size(SSL_get_rbio(_ssl), size); +} + +void TC_OpenSSL::setWriteBufferSize(size_t size) +{ + BIO_set_write_buffer_size(SSL_get_rbio(_ssl), size); +} + bool TC_OpenSSL::isHandshaked() const { return _bHandshaked; } - int TC_OpenSSL::doHandshake(TC_NetWorkBuffer &out, const void* data, size_t size) { assert (!_bHandshaked); @@ -234,6 +243,77 @@ int TC_OpenSSL::doSSLRead(SSL* ssl, TC_NetWorkBuffer& out) return 0; } +void TC_OpenSSL::initialize() +{ + if(!_initialize) + { + _initialize = true; + (void) SSL_library_init(); + OpenSSL_add_all_algorithms(); + + ERR_load_ERR_strings(); + SSL_load_error_strings(); + } +} + +shared_ptr TC_OpenSSL::newCtx(const std::string& cafile, const std::string& certfile, const std::string& keyfile, bool verifyClient) +{ + initialize(); + + SSL_CTX* ctx = SSL_CTX_new(SSLv23_method()); + if (!ctx) + return NULL; + +#define RETURN_IF_FAIL(call) \ + if ((call) <= 0) { \ + ERR_print_errors_fp(stderr); \ + return NULL;\ + } + + if (verifyClient) + SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL); + else + SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL); + + SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); + SSL_CTX_clear_options(ctx, SSL_OP_LEGACY_SERVER_CONNECT); + SSL_CTX_clear_options(ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION); + + RETURN_IF_FAIL (SSL_CTX_set_session_id_context(ctx, (const unsigned char*)ctx, sizeof ctx)); + if (!cafile.empty()) + RETURN_IF_FAIL (SSL_CTX_load_verify_locations(ctx, cafile.data(), NULL)); + + // 客户端可以不提供证书的 + if (!certfile.empty()) + RETURN_IF_FAIL (SSL_CTX_use_certificate_file(ctx, certfile.data(), SSL_FILETYPE_PEM)); + + if (!keyfile.empty()) + { + RETURN_IF_FAIL (SSL_CTX_use_PrivateKey_file(ctx, keyfile.data(), SSL_FILETYPE_PEM)); + RETURN_IF_FAIL (SSL_CTX_check_private_key(ctx)); + } + +#undef RETURN_IF_FAIL + + return std::make_shared(ctx); +} + +shared_ptr TC_OpenSSL::newSSL(const std::shared_ptr &ctx) +{ + initialize(); + + SSL* ssl = SSL_new(ctx->ctx); + + SSL_set_mode(ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); // allow retry ssl-write with different args + SSL_set_bio(ssl, BIO_new(BIO_s_mem()), BIO_new(BIO_s_mem())); + + BIO_set_mem_eof_return(SSL_get_rbio(ssl), -1); + BIO_set_mem_eof_return(SSL_get_wbio(ssl), -1); + + return std::make_shared(ssl); +} + + } // end namespace tars #endif diff --git a/util/src/tc_sslmgr.cpp b/util/src/tc_sslmgr.cpp deleted file mode 100644 index dcbb788..0000000 --- a/util/src/tc_sslmgr.cpp +++ /dev/null @@ -1,133 +0,0 @@ -/** - * Tencent is pleased to support the open source community by making Tars available. - * - * Copyright (C) 2016THL A29 Limited, a Tencent company. All rights reserved. - * - * Licensed under the BSD 3-Clause License (the "License"); you may not use this file except - * in compliance with the License. You may obtain a copy of the License at - * - * https://opensource.org/licenses/BSD-3-Clause - * - * Unless required by applicable law or agreed to in writing, software distributed - * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR - * CONDITIONS OF ANY KIND, either express or implied. See the License for the - * specific language governing permissions and limitations under the License. - */ - -#if TARS_SSL - -#include "util/tc_sslmgr.h" -#include "util/tc_openssl.h" -#include -#include - -namespace tars -{ - -TC_SSLManager::TC_SSLManager() -{ - - (void)SSL_library_init(); - OpenSSL_add_all_algorithms(); - - ERR_load_ERR_strings(); - SSL_load_error_strings(); -} - -TC_SSLManager::~TC_SSLManager() -{ - for (CTX_MAP::iterator it(_ctxSet.begin()); it != _ctxSet.end(); ++ it) - { - SSL_CTX_free(it->second); - } - - ERR_free_strings(); - EVP_cleanup(); -} - -SSL* TC_SSLManager::newSSL(SSL_CTX *ctx) -{ - SSL* ssl = SSL_new(ctx); - - SSL_set_mode(ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); // allow retry ssl-write with different args - SSL_set_bio(ssl, BIO_new(BIO_s_mem()), BIO_new(BIO_s_mem())); - - BIO_set_mem_eof_return(SSL_get_rbio(ssl), -1); - BIO_set_mem_eof_return(SSL_get_wbio(ssl), -1); - - return ssl; -} - -SSL_CTX *TC_SSLManager::newCtx(const std::string& cafile, const std::string& certfile, const std::string& keyfile, bool verifyClient) -{ - SSL_CTX* ctx = SSL_CTX_new(SSLv23_method()); - if (!ctx) - return NULL; - -#define RETURN_IF_FAIL(call) \ - if ((call) <= 0) { \ - ERR_print_errors_fp(stderr); \ - return NULL;\ - } - - if (verifyClient) - SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL); - else - SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL); - - SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); - SSL_CTX_clear_options(ctx, SSL_OP_LEGACY_SERVER_CONNECT); - SSL_CTX_clear_options(ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION); - - RETURN_IF_FAIL (SSL_CTX_set_session_id_context(ctx, (const unsigned char*)ctx, sizeof ctx)); - if (!cafile.empty()) - RETURN_IF_FAIL (SSL_CTX_load_verify_locations(ctx, cafile.data(), NULL)); - - // 客户端可以不提供证书的 - if (!certfile.empty()) - RETURN_IF_FAIL (SSL_CTX_use_certificate_file(ctx, certfile.data(), SSL_FILETYPE_PEM)); - - if (!keyfile.empty()) - { - RETURN_IF_FAIL (SSL_CTX_use_PrivateKey_file(ctx, keyfile.data(), SSL_FILETYPE_PEM)); - RETURN_IF_FAIL (SSL_CTX_check_private_key(ctx)); - } - -#undef RETURN_IF_FAIL - - return ctx; -} - -bool TC_SSLManager::addCtx(const std::string& name, const std::string& cafile, const std::string& certfile, const std::string& keyfile, bool verifyClient) -{ - if (_ctxSet.count(name)) - return false; - - SSL_CTX* ctx = newCtx(cafile, certfile, keyfile, verifyClient); - - if (!ctx) - return false; - - return _ctxSet.insert(std::make_pair(name, ctx)).second; -} - -SSL_CTX* TC_SSLManager::getCtx(const std::string& name) const -{ - CTX_MAP::const_iterator it = _ctxSet.find(name); - return it == _ctxSet.end() ? NULL: it->second; -} - -shared_ptr TC_SSLManager::newSSL(const std::string& ctxName) -{ - SSL_CTX* ctx = getCtx(ctxName); - if (!ctx) - return shared_ptr(); - - SSL *p = newSSL(ctx); - - return std::make_shared(p); -} - -} // end namespace tars - -#endif // end #if TARS_SSL