3pp-mirror/snapcast
1
0
Fork 0
mirror of https://github.com/badaix/snapcast.git synced 2025-05-21 13:06:15 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add 'ssl_enabled' config parameter

Browse source
This commit is contained in:
badaix 2024-05-11 13:23:14 +02:00
parent c2528623cd
commit 97739a460e
5 changed files with 33 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

14
server/control_server.cpp
View file

@ -40,15 +40,10 @@ static constexpr auto LOG_TAG = "ControlServer";
ControlServer::ControlServer(boost::asio::io_context& io_context, const ServerSettings& settings, ControlMessageReceiver* controlMessageReceiver) ControlServer::ControlServer(boost::asio::io_context& io_context, const ServerSettings& settings, ControlMessageReceiver* controlMessageReceiver)
: io_context_(io_context), ssl_context_(boost::asio::ssl::context::sslv23), tcp_settings_(settings.tcp), http_settings_(settings.http), : io_context_(io_context), ssl_context_(boost::asio::ssl::context::sslv23), tcp_settings_(settings.tcp), http_settings_(settings.http),
controlMessageReceiver_(controlMessageReceiver), ssl_enabled_(true) controlMessageReceiver_(controlMessageReceiver)
{ {
const ServerSettings::Ssl& ssl = settings.ssl; const ServerSettings::Ssl& ssl = settings.ssl;
if (ssl.certificate.empty() || ssl.private_key.empty()) if (http_settings_.ssl_enabled)
{
LOG(INFO, LOG_TAG) << "SSL disabled, to enable SSL, please configure a certificate and private key file in PEM format\n";
ssl_enabled_ = false;
}
if (ssl_enabled_)
{ {
ssl_context_.set_options(boost::asio::ssl::context::default_workarounds | boost::asio::ssl::context::no_sslv2 | ssl_context_.set_options(boost::asio::ssl::context::default_workarounds | boost::asio::ssl::context::no_sslv2 |
boost::asio::ssl::context::single_dh_use); boost::asio::ssl::context::single_dh_use);
@ -192,6 +187,8 @@ void ControlServer::start()
} }
} }
} }
if (http_settings_.enabled || http_settings_.ssl_enabled)
{
if (http_settings_.enabled) if (http_settings_.enabled)
{ {
for (const auto& address : http_settings_.bind_to_address) for (const auto& address : http_settings_.bind_to_address)
@ -207,8 +204,9 @@ void ControlServer::start()
LOG(ERROR, LOG_TAG) << "error creating HTTP acceptor: " << e.what() << ", code: " << e.code() << "\n"; LOG(ERROR, LOG_TAG) << "error creating HTTP acceptor: " << e.what() << ", code: " << e.code() << "\n";
} }
} }
}
if (ssl_enabled_) if (http_settings_.ssl_enabled)
{ {
for (const auto& address : http_settings_.ssl_bind_to_address) for (const auto& address : http_settings_.ssl_bind_to_address)
{ {

1
server/control_server.hpp
View file

@ -72,5 +72,4 @@ private:
ServerSettings::Tcp tcp_settings_; ServerSettings::Tcp tcp_settings_;
ServerSettings::Http http_settings_; ServerSettings::Http http_settings_;
ControlMessageReceiver* controlMessageReceiver_; ControlMessageReceiver* controlMessageReceiver_;
bool ssl_enabled_;
}; };

19
server/etc/snapserver.conf
View file

@ -52,9 +52,15 @@
[ssl] [ssl]
# https://deliciousbrains.com/ssl-certificate-authority-for-local-https-development/ # https://deliciousbrains.com/ssl-certificate-authority-for-local-https-development/
# https://gist.github.com/fntlnz/cf14feb5a46b2eda428e000157447309 # https://gist.github.com/fntlnz/cf14feb5a46b2eda428e000157447309
certificate = certs/snapserver.crt
private_key = certs/snapserver.key # Certificate file in PEM format
key_password = # certificate =
# Private key file in PEM format
# private_key =
# Password for decryption of the private_key (only needed for encrypted private_key file)
# key_password =
# #
############################################################################### ###############################################################################
@ -76,10 +82,13 @@ key_password =
# which port the server should listen to # which port the server should listen to
#port = 1780 #port = 1780
#ssl address for the server to listen on # enable HTTPS Json RPC (HTTPS POST and ssl websockets)
# ssl_enabled = false
# same as 'bind_to_address' but for SSL
# ssl_bind_to_address = 0.0.0.0 # ssl_bind_to_address = 0.0.0.0
# which ssl port the server should listen to # same as 'port' but for SSL
# ssl_port = 1788 # ssl_port = 1788
# serve a website from the doc_root location # serve a website from the doc_root location

1
server/server_settings.hpp
View file

@ -48,6 +48,7 @@ struct ServerSettings
struct Http struct Http
{ {
bool enabled{true}; bool enabled{true};
bool ssl_enabled{false};
size_t port{1780}; size_t port{1780};
size_t ssl_port{1788}; size_t ssl_port{1788};
std::vector<std::string> bind_to_address{{"0.0.0.0"}}; std::vector<std::string> bind_to_address{{"0.0.0.0"}};

2
server/snapserver.cpp
View file

@ -90,6 +90,8 @@ int main(int argc, char* argv[])
conf.add<Value<size_t>>("", "http.port", "which port the server should listen on", settings.http.port, &settings.http.port); conf.add<Value<size_t>>("", "http.port", "which port the server should listen on", settings.http.port, &settings.http.port);
auto http_bind_to_address = conf.add<Value<string>>("", "http.bind_to_address", "address for the server to listen on", auto http_bind_to_address = conf.add<Value<string>>("", "http.bind_to_address", "address for the server to listen on",
settings.http.bind_to_address.front(), &settings.http.bind_to_address[0]); settings.http.bind_to_address.front(), &settings.http.bind_to_address[0]);
conf.add<Value<bool>>("", "http.ssl_enabled", "enable HTTPS Json RPC (HTTPS POST and ssl websockets)", settings.http.ssl_enabled,
&settings.http.ssl_enabled);
conf.add<Value<size_t>>("", "http.ssl_port", "which ssl port the server should listen on", settings.http.ssl_port, &settings.http.ssl_port); conf.add<Value<size_t>>("", "http.ssl_port", "which ssl port the server should listen on", settings.http.ssl_port, &settings.http.ssl_port);
auto http_ssl_bind_to_address = conf.add<Value<string>>("", "http.ssl_bind_to_address", "ssl address for the server to listen on", auto http_ssl_bind_to_address = conf.add<Value<string>>("", "http.ssl_bind_to_address", "ssl address for the server to listen on",
settings.http.ssl_bind_to_address.front(), &settings.http.ssl_bind_to_address[0]); settings.http.ssl_bind_to_address.front(), &settings.http.ssl_bind_to_address[0]);