Blame - src/webserver_main.cpp - openbmc/bmcweb

blob: b89c2a6a212c9b57d46de656f378b64d7f79fe3b [file] [log] [blame]

Ed Tanous	0fdddb1	2017-02-28 11:06:34 -0800	[diff] [blame]	1	#include "crow/ci_map.h"
Ed Tanous	f927347	2017-02-28 16:05:13 -0800	[diff] [blame]	2	#include "crow/http_parser_merged.h"
				3	#include "crow/query_string.h"
Ed Tanous	f927347	2017-02-28 16:05:13 -0800	[diff] [blame]	4	#include "crow/app.h"
				5	#include "crow/common.h"
				6	#include "crow/dumb_timer_queue.h"
				7	#include "crow/http_connection.h"
				8	#include "crow/http_request.h"
				9	#include "crow/http_response.h"
				10	#include "crow/http_server.h"
				11	#include "crow/json.h"
				12	#include "crow/logging.h"
				13	#include "crow/middleware.h"
				14	#include "crow/middleware_context.h"
				15	#include "crow/mustache.h"
				16	#include "crow/parser.h"
				17	#include "crow/routing.h"
Ed Tanous	0fdddb1	2017-02-28 11:06:34 -0800	[diff] [blame]	18	#include "crow/settings.h"
				19	#include "crow/socket_adaptors.h"
Ed Tanous	0fdddb1	2017-02-28 11:06:34 -0800	[diff] [blame]	20	#include "crow/utility.h"
Ed Tanous	0fdddb1	2017-02-28 11:06:34 -0800	[diff] [blame]	21	#include "crow/websocket.h"
Ed Tanous	0fdddb1	2017-02-28 11:06:34 -0800	[diff] [blame]	22
Ed Tanous	5f34a9c	2017-02-28 12:35:13 -0800	[diff] [blame]	23	#include "color_cout_g3_sink.hpp"
Ed Tanous	f927347	2017-02-28 16:05:13 -0800	[diff] [blame]	24	#include "token_authorization_middleware.hpp"
Ed Tanous	9992332	2017-03-03 14:21:24 -0800	[diff] [blame]	25	#include "webassets.hpp"
Ed Tanous	f927347	2017-02-28 16:05:13 -0800	[diff] [blame]	26
Ed Tanous	0fdddb1	2017-02-28 11:06:34 -0800	[diff] [blame]	27	#include <iostream>
				28	#include <string>
Ed Tanous	f927347	2017-02-28 16:05:13 -0800	[diff] [blame]	29	#include "ssl_key_handler.hpp"
Ed Tanous	0fdddb1	2017-02-28 11:06:34 -0800	[diff] [blame]	30
Ed Tanous	904063f	2017-03-02 16:48:24 -0800	[diff] [blame]	31	#include <webassets.hpp>
				32
Ed Tanous	9b65f1f	2017-03-07 15:17:13 -0800	[diff] [blame^]	33	crow::ssl_context_t get_ssl_context(std::string ssl_pem_file){
				34	crow::ssl_context_t m_ssl_context{boost::asio::ssl::context::sslv23};
				35	m_ssl_context.set_options(boost::asio::ssl::context::default_workarounds \| boost::asio::ssl::context::no_sslv2 \| boost::asio::ssl::context::no_sslv3 \|
				36	boost::asio::ssl::context::single_dh_use \| boost::asio::ssl::context::no_tlsv1 \| boost::asio::ssl::context::no_tlsv1_1);
				37
				38	// m_ssl_context.set_verify_mode(boost::asio::ssl::verify_peer);
				39	m_ssl_context.use_certificate_file(ssl_pem_file, boost::asio::ssl::context::pem);
				40	m_ssl_context.use_private_key_file(ssl_pem_file, boost::asio::ssl::context::pem);
				41
				42	// Set up EC curves to auto (boost asio doesn't have a method for this)
				43	// There is a pull request to add this. Once this is included in an asio drop, use the right way
				44	// http://stackoverflow.com/questions/18929049/boost-asio-with-ecdsa-certificate-issue
				45	if (SSL_CTX_set_ecdh_auto(m_ssl_context.native_handle(), 1) != 1) {
				46	CROW_LOG_ERROR << "Error setting tmp ecdh list\n";
				47	}
				48
				49	// From mozilla "compatibility"
				50	std::string ciphers =
				51	//"ECDHE-ECDSA-CHACHA20-POLY1305:"
				52	//"ECDHE-RSA-CHACHA20-POLY1305:"
				53	//"ECDHE-ECDSA-AES128-GCM-SHA256:"
				54	//"ECDHE-RSA-AES128-GCM-SHA256:"
				55	//"ECDHE-ECDSA-AES256-GCM-SHA384:"
				56	//"ECDHE-RSA-AES256-GCM-SHA384:"
				57	//"DHE-RSA-AES128-GCM-SHA256:"
				58	//"DHE-RSA-AES256-GCM-SHA384:"
				59	//"ECDHE-ECDSA-AES128-SHA256:"
				60	//"ECDHE-RSA-AES128-SHA256:"
				61	//"ECDHE-ECDSA-AES128-SHA:"
				62	//"ECDHE-RSA-AES256-SHA384:"
				63	//"ECDHE-RSA-AES128-SHA:"
				64	//"ECDHE-ECDSA-AES256-SHA384:"
				65	//"ECDHE-ECDSA-AES256-SHA:"
				66	//"ECDHE-RSA-AES256-SHA:"
				67	//"DHE-RSA-AES128-SHA256:"
				68	//"DHE-RSA-AES128-SHA:"
				69	//"DHE-RSA-AES256-SHA256:"
				70	//"DHE-RSA-AES256-SHA:"
				71	//"ECDHE-ECDSA-DES-CBC3-SHA:"
				72	//"ECDHE-RSA-DES-CBC3-SHA:"
				73	//"EDH-RSA-DES-CBC3-SHA:"
				74	"AES128-GCM-SHA256:"
				75	"AES256-GCM-SHA384:"
				76	"AES128-SHA256:"
				77	"AES256-SHA256:"
				78	"AES128-SHA:"
				79	"AES256-SHA:"
				80	"DES-CBC3-SHA:"
				81	"!DSS";
				82
				83	// From mozilla "modern"
				84	std::string modern_ciphers =
				85	"ECDHE-ECDSA-AES256-GCM-SHA384:"
				86	"ECDHE-RSA-AES256-GCM-SHA384:"
				87	"ECDHE-ECDSA-CHACHA20-POLY1305:"
				88	"ECDHE-RSA-CHACHA20-POLY1305:"
				89	"ECDHE-ECDSA-AES128-GCM-SHA256:"
				90	"ECDHE-RSA-AES128-GCM-SHA256:"
				91	"ECDHE-ECDSA-AES256-SHA384:"
				92	"ECDHE-RSA-AES256-SHA384:"
				93	"ECDHE-ECDSA-AES128-SHA256:"
				94	"ECDHE-RSA-AES128-SHA256";
				95
				96	if (SSL_CTX_set_cipher_list(m_ssl_context.native_handle(), ciphers.c_str()) != 1) {
				97	CROW_LOG_ERROR << "Error setting cipher list\n";
				98	}
				99	return m_ssl_context;
				100	}
				101
				102
Ed Tanous	9992332	2017-03-03 14:21:24 -0800	[diff] [blame]	103	int main(int argc, char** argv) {
Ed Tanous	9b65f1f	2017-03-07 15:17:13 -0800	[diff] [blame^]	104	auto worker(g3::LogWorker::createLogWorker());
				105
				106	//TODO rotating logger isn't working super well
				107	//auto logger = worker->addSink(std::make_unique<LogRotate>("webserverlog", "/tmp/"),
				108	// &LogRotate::save);
				109
Ed Tanous	9992332	2017-03-03 14:21:24 -0800	[diff] [blame]	110	auto handle = worker->addDefaultLogger(argv[0], "/tmp/");
				111	g3::initializeLogging(worker.get());
Ed Tanous	9992332	2017-03-03 14:21:24 -0800	[diff] [blame]	112	auto sink_handle = worker->addSink(std::make_unique<crow::ColorCoutSink>(), &crow::ColorCoutSink::ReceiveLogMessage);
Ed Tanous	0fdddb1	2017-02-28 11:06:34 -0800	[diff] [blame]	113
Ed Tanous	9992332	2017-03-03 14:21:24 -0800	[diff] [blame]	114	std::string ssl_pem_file("server.pem");
				115	ensuressl::ensure_openssl_key_present_and_valid(ssl_pem_file);
Ed Tanous	0fdddb1	2017-02-28 11:06:34 -0800	[diff] [blame]	116
Ed Tanous	9b65f1f	2017-03-07 15:17:13 -0800	[diff] [blame^]	117	//crow::App<crow::TokenAuthorizationMiddleware> app;
Ed Tanous	9992332	2017-03-03 14:21:24 -0800	[diff] [blame]	118	crow::App<crow::TokenAuthorizationMiddleware> app;
Ed Tanous	9992332	2017-03-03 14:21:24 -0800	[diff] [blame]	119	crow::webassets::request_routes(app);
Ed Tanous	0fdddb1	2017-02-28 11:06:34 -0800	[diff] [blame]	120
Ed Tanous	9b65f1f	2017-03-07 15:17:13 -0800	[diff] [blame^]	121	crow::logger::setLogLevel(crow::LogLevel::INFO);
Ed Tanous	0fdddb1	2017-02-28 11:06:34 -0800	[diff] [blame]	122
Ed Tanous	9b65f1f	2017-03-07 15:17:13 -0800	[diff] [blame^]	123	auto rules = app.get_rules();
				124	for (auto& rule : rules) {
				125	LOG(DEBUG) << "Static route: " << rule;
				126	}
				127
				128	CROW_ROUTE(app, "/routes")
				129	([&app]() {
				130	crow::json::wvalue routes;
				131
				132	routes["routes"] = app.get_rules();
				133	return routes;
				134	});
				135
				136	app.port(18080).ssl(std::move(get_ssl_context(ssl_pem_file))).run();
Ed Tanous	0fdddb1	2017-02-28 11:06:34 -0800	[diff] [blame]	137	}