From d49dbb7ca4bec0d9a4bc04269f180d5f9599d30a Mon Sep 17 00:00:00 2001 From: Eitaro Fukamachi Date: Sun, 11 Aug 2024 12:57:00 +0000 Subject: [PATCH] Refactor. --- src/ev/tcp.lisp | 10 ---------- src/ssl.lisp | 32 ++++++++++++++++++++++++++++++++ src/woo.lisp | 48 +++++++++++++++++++++++------------------------- woo.asd | 3 ++- 4 files changed, 57 insertions(+), 36 deletions(-) create mode 100644 src/ssl.lisp diff --git a/src/ev/tcp.lisp b/src/ev/tcp.lisp index 5d378df..1b0f34e 100644 --- a/src/ev/tcp.lisp +++ b/src/ev/tcp.lisp @@ -189,16 +189,6 @@ (cffi:foreign-slot-value *dummy-sockaddr* '(:struct wsock:sockaddr-in) 'wsock::port))) (t (values nil nil))))) -(defun make-ssl-handle (client-fd) - (cl+ssl::ensure-initialized) - (cl+ssl::with-new-ssl (handle) - (cl+ssl::install-nonblock-flag client-fd) - (cl+ssl::ssl-set-fd handle client-fd) - (cl+ssl::ssl-set-accept-state handle) - (when cl+ssl:*default-cipher-list* - (cl+ssl::ssl-set-cipher-list handle cl+ssl:*default-cipher-list*)) - handle)) - (define-c-callback tcp-accept-cb :void ((evloop :pointer) (listener :pointer) (events :int)) (declare (ignore evloop events)) (let* ((fd (io-fd listener)) diff --git a/src/ssl.lisp b/src/ssl.lisp new file mode 100644 index 0000000..4034dd0 --- /dev/null +++ b/src/ssl.lisp 
@@ -0,0 +1,32 @@ +(defpackage woo.ssl + (:use :cl) + (:import-from :cl+ssl + :with-new-ssl + :install-nonblock-flag + :ssl-set-fd + :ssl-set-accept-state + :*default-cipher-list* + :ssl-set-cipher-list + :with-pem-password + :install-key-and-cert) + (:import-from :woo.ev.socket + :socket-fd + :socket-ssl-handle) + (:export :init-ssl-handle)) +(in-package :woo.ssl) + +(defun init-ssl-handle (socket ssl-cert-file ssl-key-file ssl-key-password) + (let ((client-fd (socket-fd socket))) + (with-new-ssl (handle) + (install-nonblock-flag client-fd) + (ssl-set-fd handle client-fd) + (ssl-set-accept-state handle) + (when *default-cipher-list* + (ssl-set-cipher-list handle *default-cipher-list*)) + (setf (socket-ssl-handle socket) handle) + (with-pem-password ((or ssl-key-password "")) + (install-key-and-cert + handle + ssl-key-file + ssl-cert-file)) + socket))) diff --git a/src/woo.lisp b/src/woo.lisp index c0e08d0..5c61888 100644 --- a/src/woo.lisp +++ b/src/woo.lisp @@ -79,16 +79,14 @@ (let ((*app* app) (*debug* debug) - (*listener* nil)) + (*listener* nil) + (ssl (or ssl-key-file ssl-cert-file))) (labels ((start-socket (socket) - (when (and ssl-key-file ssl-cert-file) - (let ((ssl-handle (woo.ev.tcp::make-ssl-handle (woo.ev.socket::socket-fd socket)))) - (setf (woo.ev.socket:socket-ssl-handle socket) ssl-handle) - (cl+ssl::with-pem-password ((or ssl-key-password "")) - (cl+ssl::install-key-and-cert - ssl-handle - ssl-key-file - ssl-cert-file)))) + (when ssl + (woo.ssl:init-ssl-handle socket + ssl-cert-file + ssl-key-file + ssl-key-password)) (setup-parser socket) (woo.ev.tcp:start-listening-socket socket)) (start-multithread-server () 
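Review bot: In `init-ssl-handle` the handle is published with `(setf (socket-ssl-handle socket) handle)` before `install-key-and-cert` has succeeded. If `with-new-ssl` frees the handle when its body signals an error (that is how I read cl+ssl; its definition is not on this page), a wrong password, mismatched key or unreadable file leaves the socket holding a pointer to a freed SSL structure, which any later close or cleanup path would then touch. Moving the `setf` to after the `with-pem-password` form, just before `socket` is returned, keeps the slot empty on failure. Separately, the `:import-from :cl+ssl` list hides that the removed code reached most of these symbols with `cl+ssl::`, so a comment such as `;; NOTE: several of these are cl+ssl internals; re-check on every cl+ssl upgrade` would help.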
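Review bot: The new binding `(ssl (or ssl-key-file ssl-cert-file))` is not equivalent to the `(and ssl-key-file ssl-cert-file)` test it replaces, which is a behaviour change in a commit titled as a refactor. When only one of the two paths is supplied, the old code skipped TLS setup without saying so, while the new code calls `woo.ssl:init-ssl-handle` with NIL for the other path. The failure, or whatever cl+ssl does with a missing key or certificate, then happens per socket instead of at startup. Rejecting the half-configured case before the servers start is clearer, e.g. `(when (and ssl (not (and ssl-key-file ssl-cert-file))) (error "Both ssl-key-file and ssl-cert-file are required to enable TLS."))`. The enclosing function starts and ends outside this hunk.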
@@ -130,22 +128,22 @@ :backlog backlog :fd fd :sockopt wsock:+SO-REUSEADDR+))) - (wev:close-tcp-server *listener*))))) - (main () - (if worker-num - (start-multithread-server) - (start-singlethread-server)))) - (when ssl-key-file - (setf ssl-key-file - (uiop:native-namestring - (or (probe-file ssl-key-file) - (error "SSL private key file '~A' does not exist." ssl-key-file))))) - (when ssl-cert-file - (setf ssl-cert-file - (uiop:native-namestring - (or (probe-file ssl-cert-file) - (error "SSL certificate '~A' does not exist." ssl-cert-file))))) - (main)))) + (wev:close-tcp-server *listener*)))))) + (when ssl + (cl+ssl::ensure-initialized) + (when ssl-key-file + (setf ssl-key-file + (uiop:native-namestring + (or (probe-file ssl-key-file) + (error "SSL private key file '~A' does not exist." ssl-key-file))))) + (when ssl-cert-file + (setf ssl-cert-file + (uiop:native-namestring + (or (probe-file ssl-cert-file) + (error "SSL certificate '~A' does not exist." ssl-cert-file)))))) + (if worker-num + (start-multithread-server) + (start-singlethread-server))))) (defun read-cb (socket data &key (start 0) (end (length data))) (let ((parser (wev:socket-data socket))) diff --git a/woo.asd b/woo.asd index ce50f70..2d1eb72 100644 --- a/woo.asd +++ b/woo.asd @@ -24,7 +24,7 @@ "cl+ssl") :components ((:module "src" :components - ((:file "woo" :depends-on ("ev" "response" "worker" "signal" "specials" "util")) + ((:file "woo" :depends-on ("ev" "response" "worker" "ssl" "signal" "specials" "util")) (:file "response" :depends-on ("ev")) (:file "ev" :depends-on ("ev-packages")) (:file "worker" :depends-on ("ev" "queue" "specials")) @@ -38,6 +38,7 @@ (:file "tcp" :depends-on ("event-loop" "socket" "util" "condition")) (:file "condition") (:file "util"))) + (:file "ssl" :depends-on ("ev-packages")) (:module "llsocket" :depends-on ("syscall") :serial t
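Review bot: The `(when ssl ...)` startup block only proves that the key and certificate files exist, via `probe-file`; nothing in it loads them. A wrong `ssl-key-password`, a key that does not match the certificate, or a file the process cannot read therefore surfaces only when `init-ssl-handle` runs for a socket, presumably on the first client connection. Since the PEM files appear to be read again for each handle, a file replaced on disk after startup would also change what the running server presents, which should be stated if it is intended. At minimum I would add above the block `;; Only existence is checked here; key, password and certificate are validated when the first SSL handle is built.`, and preferably load the key and certificate once at startup so misconfiguration fails fast. The enclosing function starts outside this hunk.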