OpenSSL support

2017-08-06 22:54:41 +03:00 · 2017-08-06 22:54:41 +03:00 · 0a0a436d73
commit 0a0a436d73
parent eea1edcb89
5 changed files with 183 additions and 36 deletions
--- a/dh2048.pem
+++ b/dh2048.pem
@ -0,0 +1,8 @@
 -----BEGIN DH PARAMETERS-----
 MIIBCAKCAQEArjoon6Luh44PeVx1xPx6cuTzRVXgYoF17KrR6Tqww7b4P+ogrZp1
 wSLci+1RnlrkwWn1rFu0eHAbbSzvHlrmwkS2NRZcU+Zm7uNkPeE/6pzBd5HZnoRM
 yjiOL8DWTyaumdp4srLYLUplO2HVsdOyYh5Z3+GhsiTTVZfYjqyQD7qOaIpgv0Ri
 XMgVgVX8lQAd0IE7DfJyC6R/8CLoVaUIThEMQFJn4GH/ylnjW+kpOajyFeC0tU5F
 yFn40sI8qu/y1rKw8ZRYRnhSsLUmndfgAmfKNn80kFZTaOxHcaqbkRrocAV9QnHy
 6l+ytTbHOoFbCGyBQ/unRxxu9jD1qq/B6wIBAg==
 -----END DH PARAMETERS-----
--- a/main.cpp
+++ b/main.cpp
@ -5,6 +5,8 @@
 #include <array>
 #include <iomanip>
 #include <boost/bind.hpp>
 #define SSL_R_SHORT_READ 219
 #include "ssl/ssl_locl.h"
 #include <boost/asio/ssl.hpp>
@ -75,16 +77,16 @@ std::string ConnectRequestRecord::getRequestData()
-//typedef boost::asio::ssl::stream<boost::asio::ip::tcp::socket> ssl_socket;
+typedef boost::asio::ssl::stream<boost::asio::ip::tcp::socket> ssl_socket;
 class ProxySession :
 	public std::enable_shared_from_this<ProxySession>
 {
 public:
-	ProxySession(boost::asio::ip::tcp::socket socket, boost::asio::io_service& inIoService)
+	ProxySession(std::shared_ptr<ssl_socket> socket, boost::asio::io_service& inIoService)
 		: ioService(inIoService)
-		, socket(std::move(socket))
+		, mSocket(socket)
 		, outsideConnectSocket(ioService)
 	{
 		std::cout << "ProxySession Create" << std::endl;
@ -97,12 +99,56 @@ public:
 	void start()
 	{
-		readClientVersion();
+		asyncHandshake();
 		//readClientVersion();
 	}
 private:
 	ssl_socket& socket()
 	{
 		return *mSocket;
 	}
 	ssl_socket::lowest_layer_type& lowerSocket()
 	{
 		return mSocket->lowest_layer();
 	}
 	void asyncHandshake()
 	{
 		auto self(shared_from_this());
 		socket().async_handshake(boost::asio::ssl::stream_base::server,
 			[this, self](boost::system::error_code ec) {
 			if (!ec)
 			{
 				readClientVersion();
 			}
 			else
 			{
 				lowerSocket().close();
 			}
 		});
 	}
 	/*
 	void handleHandshake(const boost::system::error_code& error)
 	{
 		if (!error)
 		{
 			readClientVersion();
 		}
 		else
 		{
 			lowerSocket().close();
 		}
 	}*/
 	std::array<unsigned char, 3> clientVersion;
@ -110,7 +156,7 @@ private:
 	{
 		auto self(shared_from_this());
-		boost::asio::async_read(socket,
+		boost::asio::async_read(socket(),
 			boost::asio::buffer(clientVersion.data(), clientVersion.size()),
 			[this, self](boost::system::error_code ec, std::size_t /*length*/)
 		{
@ -122,12 +168,12 @@ private:
 				}
 				else
 				{
-					socket.close();
+					lowerSocket().close();
 				}
 			}
 			else
 			{
-				socket.close();
+				lowerSocket().close();
 			}
 		});
 	}
@ -140,7 +186,7 @@ private:
 		std::array<char, 2> version = { 0x05, 0x02 };
-		boost::asio::async_write(socket,
+		boost::asio::async_write(socket(),
 			boost::asio::buffer(version.data(), version.size()),
 			[this, self](boost::system::error_code ec, std::size_t length)
 		{
@ -150,7 +196,7 @@ private:
 			}
 			else
 			{
-				socket.close();
+				lowerSocket().close();
 			}
 		});
 	}
@ -176,7 +222,7 @@ private:
 		auto self(shared_from_this());
-		boost::asio::async_read(socket,
+		boost::asio::async_read(socket(),
 			boost::asio::buffer(&((*clientLoginPasswordPtr)[0]), clientLoginPasswordPtr->size()),
 			[this, self, expectedData, clientLoginPasswordPtr](boost::system::error_code ec, std::size_t /*length*/)
 		{
@ -188,12 +234,12 @@ private:
 				}
 				else
 				{
-					socket.close();
+					lowerSocket().close();
 				}
 			}
 			else
 			{
-				socket.close();
+				lowerSocket().close();
 			}
 		});
@ -207,7 +253,7 @@ private:
-		boost::asio::async_write(socket,
+		boost::asio::async_write(socket(),
 			boost::asio::buffer(authStatus.data(), authStatus.size()),
 			[this, self](boost::system::error_code ec, std::size_t length)
 		{
@ -218,7 +264,7 @@ private:
 			}
 			else
 			{
-				socket.close();
+				lowerSocket().close();
 			}
 		});
 	}
@ -231,7 +277,7 @@ private:
 		auto self(shared_from_this());
-		boost::asio::async_read(socket,
+		boost::asio::async_read(socket(),
 			boost::asio::buffer(firstPartPtr->data(), firstPartPtr->size()),
 			[this, self, firstPartPtr](boost::system::error_code ec, std::size_t /*length*/)
 		{
@ -247,12 +293,12 @@ private:
 				}
 				else
 				{
-					socket.close();
+					lowerSocket().close();
 				}
 			}
 			else
 			{
-				socket.close();
+				lowerSocket().close();
 			}
 		});
@ -271,7 +317,7 @@ private:
 		auto self(shared_from_this());
-		boost::asio::async_read(socket,
+		boost::asio::async_read(socket(),
 			boost::asio::buffer(secondPartPtr->data(), secondPartPtr->size()),
 			[this, self, firstPartPtr, secondPartPtr, len](boost::system::error_code ec, std::size_t /*length*/)
 		{
@ -292,7 +338,7 @@ private:
 			}
 			else
 			{
-				socket.close();
+				lowerSocket().close();
 			}
 		});
@ -312,7 +358,7 @@ private:
 			}
 			else
 			{
-				socket.close();
+				lowerSocket().close();
 				outsideConnectSocket.close();
 			}
 		});
@ -335,7 +381,7 @@ private:
 		connectResponse += static_cast<unsigned char>(connectRequestRecord.port % 256);
-		boost::asio::async_write(socket,
+		boost::asio::async_write(socket(),
 			boost::asio::buffer(connectResponse.data(), connectResponse.size()),
 			[this, self](boost::system::error_code ec, std::size_t length)
 		{
@ -347,7 +393,7 @@ private:
 			}
 			else
 			{
-				socket.close();
+				lowerSocket().close();
 				outsideConnectSocket.close();
 			}
 		});
@ -362,7 +408,7 @@ private:
 	{
 		auto self(shared_from_this());
-		boost::asio::async_read(socket,
+		boost::asio::async_read(socket(),
 			boost::asio::buffer(&forwardChar, 1),
 			[this, self](boost::system::error_code ec, std::size_t /*length*/)
 		{
@ -380,14 +426,14 @@ private:
 					else
 					{
 						outsideConnectSocket.close();
-						socket.close();
+						lowerSocket().close();
 					}
 				});
 			}
 			else
 			{
 				outsideConnectSocket.close();
-				socket.close();
+				lowerSocket().close();
 			}
 		});
 	}
@ -402,7 +448,7 @@ private:
 		{
 			if (!ec)
 			{
-				boost::asio::async_write(socket,
+				boost::asio::async_write(socket(),
 					boost::asio::buffer(&backwardChar, 1),
 					[this, self](boost::system::error_code ec, std::size_t length)
 				{
@ -414,21 +460,21 @@ private:
 					else
 					{
 						outsideConnectSocket.close();
-						socket.close();
+						lowerSocket().close();
 					}
 				});
 			}
 			else
 			{
 				outsideConnectSocket.close();
-				socket.close();
+				lowerSocket().close();
 			}
 		});
 	}
 	boost::asio::io_service& ioService;
-	boost::asio::ip::tcp::socket socket;
+	std::shared_ptr<ssl_socket> mSocket;
 	boost::asio::ip::tcp::socket outsideConnectSocket;
@ -443,10 +489,11 @@ class ProxyServer
 {
 public:
 	ProxyServer(boost::asio::io_service& inIoService,
-		const boost::asio::ip::tcp::endpoint& endpoint)
+		const boost::asio::ip::tcp::endpoint& endpoint,
 		boost::asio::ssl::context& sslContext)
 		: ioService(inIoService)
-		, acceptor(inIoService, endpoint),
+		, acceptor(inIoService, endpoint)
-		socket(inIoService)
+		, socket(std::make_shared<ssl_socket>(inIoService, sslContext))
 	{
 		doAccept();
 	}
@ -454,12 +501,12 @@ public:
 private:
 	void doAccept()
 	{
-		acceptor.async_accept(socket,
+		acceptor.async_accept(socket->lowest_layer(),
 			[this](boost::system::error_code ec)
 		{
 			if (!ec)
 			{
-				std::make_shared<ProxySession>(std::move(socket), ioService)->start();
+				std::make_shared<ProxySession>(socket, ioService)->start();
 			}
 			counter++;
@ -471,7 +518,7 @@ private:
 	boost::asio::io_service& ioService;
 	boost::asio::ip::tcp::acceptor acceptor;
-	boost::asio::ip::tcp::socket socket;
+	std::shared_ptr<ssl_socket> socket;
 	//std::map<size_t, ProxySession> proxySessionMap;
@ -489,7 +536,26 @@ int main()
 		boost::asio::ip::tcp::endpoint endpoint(boost::asio::ip::tcp::v4(), 8043);
-		ProxyServer proxyServer(ioService, endpoint);
+
 		boost::asio::ssl::context sslContext(boost::asio::ssl::context::sslv23);
 		sslContext.set_options(
 			boost::asio::ssl::context::default_workarounds
 			| boost::asio::ssl::context::no_sslv2
 			| boost::asio::ssl::context::single_dh_use);
 		std::function<std::string(std::size_t, boost::asio::ssl::context_base::password_purpose)> f = [](std::size_t, boost::asio::ssl::context_base::password_purpose) -> std::string { return ""; };
 		sslContext.set_password_callback(f);
 		sslContext.use_certificate_chain_file("server.crt");
 		sslContext.use_private_key_file("server.key", boost::asio::ssl::context::pem);
 		sslContext.use_tmp_dh_file("dh2048.pem");
 		ProxyServer proxyServer(ioService, endpoint, sslContext);
 		ioService.run();
--- a/rootca.crt
+++ b/rootca.crt
@ -0,0 +1,24 @@
 -----BEGIN CERTIFICATE-----
 MIIECTCCAvGgAwIBAgIJAKlzlxSAr1BkMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD
 VQQGEwJMVjETMBEGA1UECAwKU29tZS1TdGF0ZTENMAsGA1UEBwwEUmlnYTEbMBkG
 A1UECgwSRmlzaCBSdW4gR2FtZXMgU0lBMRcwFQYDVQQDDA5mcmctcHJveHktcm9v
 dDEwMC4GCSqGSIb3DQEJARYhdmxhZGlzbGF2Lmtob3JldkBmaXNocnVuZ2FtZXMu
 Y29tMCAXDTE3MDgwNjE4MjgxMFoYDzIwNzIwNTA5MTgyODEwWjCBmTELMAkGA1UE
 BhMCTFYxEzARBgNVBAgMClNvbWUtU3RhdGUxDTALBgNVBAcMBFJpZ2ExGzAZBgNV
 BAoMEkZpc2ggUnVuIEdhbWVzIFNJQTEXMBUGA1UEAwwOZnJnLXByb3h5LXJvb3Qx
 MDAuBgkqhkiG9w0BCQEWIXZsYWRpc2xhdi5raG9yZXZAZmlzaHJ1bmdhbWVzLmNv
 bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM5NIDsckYAgP1zhXwzg
 DHOnFbpQCF0gJVOQK66tgda7o5vbLFqzqW5R6rRieNdlUEtztXrRMjO+1LYBQ+vD
 bT058uwlTgD7xpRtr73kMoPBosZpxRxBKJpp60wOHLyZJqSn16WlgTm8/TTTaF2R
 yFYhHxGM+xkDzgXo0LU0yjHOgsJSlnBHGC6mmbrdzCGY9c7hFcYPawCty+FNIqVW
 eFEWHSOXqAhADxp5KbdrcUK8EmVljRLEGItctiRdq9PWxhHpodEgKiwOUk0bXds/
 ErTw1ozopqSYZD5RgL1DcL3T/bKbGDdqp+blIZN1nsL6hYW4b2gHPTSNrUkBkt5v
 oz0CAwEAAaNQME4wHQYDVR0OBBYEFHhY1354tUtbEk1mMtRcRbgK4LPsMB8GA1Ud
 IwQYMBaAFHhY1354tUtbEk1mMtRcRbgK4LPsMAwGA1UdEwQFMAMBAf8wDQYJKoZI
 hvcNAQELBQADggEBAMEiLatj4IURN1U1779TLRbKf4gIVlopey0xbzSRSosNtAOu
 s+zApVzaDEDdULM7YhkXo+kThp41xCU7xMZZan0XyvTcos1KTjHISf3swJb9L8XT
 S6t/D2bUt+FnjKCyRC3xtheNhoxOwCAQXNvXu5HJ1O87eDxYorQQ5ujAjbToxbTs
 i8xR9HwLe3h36NY22qsX6LRohZufXa3S8YUATW2frDp1q7vArBXuY7o/+UIQxn49
 dTzAqYhEpBJZw7MZB/3BqHPzmZ3jqEsj3HK6rgxwlYEnY6kB6eAhiAtaPVARx538
 6Yz8LsofRoZSVnytmYquxiWB7YJuhEYiIwrpcXo=
 -----END CERTIFICATE-----
--- a/server.crt
+++ b/server.crt
@ -0,0 +1,22 @@
 -----BEGIN CERTIFICATE-----
 MIIDqDCCApACCQCHryODPTrImDANBgkqhkiG9w0BAQsFADCBmTELMAkGA1UEBhMC
 TFYxEzARBgNVBAgMClNvbWUtU3RhdGUxDTALBgNVBAcMBFJpZ2ExGzAZBgNVBAoM
 EkZpc2ggUnVuIEdhbWVzIFNJQTEXMBUGA1UEAwwOZnJnLXByb3h5LXJvb3QxMDAu
 BgkqhkiG9w0BCQEWIXZsYWRpc2xhdi5raG9yZXZAZmlzaHJ1bmdhbWVzLmNvbTAg
 Fw0xNzA4MDYxODI5NDVaGA8yMDcyMDUwOTE4Mjk0NVowgY8xCzAJBgNVBAYTAkxW
 MRMwEQYDVQQIDApTb21lLVN0YXRlMQ0wCwYDVQQHDARSaWdhMRswGQYDVQQKDBJG
 aXNoIFJ1biBHYW1lcyBTSUExDTALBgNVBAMMBHVzZXIxMDAuBgkqhkiG9w0BCQEW
 IXZsYWRpc2xhdi5raG9yZXZAZmlzaHJ1bmdhbWVzLmNvbTCCASIwDQYJKoZIhvcN
 AQEBBQADggEPADCCAQoCggEBAKk5iMe4m8SW9vV/VDePQznIiZ870b5CXrklOzcV
 iI3kFDAsfnk9AR6UALfojCjDFO97DfaKDXOJBH+hkyJVuDQt25unnsG9Sbtr/Uwn
 msdOTv8hr2IPyRnBIJc1MW7zoYaNOZ/etJcAyAYVMsr8/8CoTZi4vhARvgdgXmZd
 bI+wMt13ZObihobuyLrjvRvoc1se/gwN8AkluQBz7h7FFYTda7sBdCw/qAz2/hUT
 zskPLiPwbXWm7iC1eAoQgXy/DZLzXUVVJ94CmkUflsVbjKq3Z9wudYIptMqG9tsO
 mKOhbwi579NbiB1afeSf4cHtDcnH3JM4AgEgcru5Js27pocCAwEAATANBgkqhkiG
 9w0BAQsFAAOCAQEAiRySYyBhpksv1vOvc7eMKcpGh+1wS85PpcwH8uOaBGsqgjxz
 mQZK+tnw/WmL9mlgOY6GqfEpz1VW6gytD3kvlmXrIDUgUGxthVZ7pZhc7lsACkU1
 TN+kZUP1wVeHhYdoAFdCnFQjsm4DEGB8ArXAAteN1onnPC7wUTiDeVDLyhTAYzj9
 9o/4nrP941QgACBt9h+mXAKwUCD8Zr9GhcktlZA+XvF+z6ckV8L6XyepdEvriVT/
 84jEOOdPYmI5/FJRxCriDxmVJubwswDiIezgZ0vo2pdPVftEoTR6/iebu+lUWXFV
 5mqnHTucNTHVWmimiv/de0FHbO/qnwYnQPgaMA==
 -----END CERTIFICATE-----
--- a/server.key
+++ b/server.key
@ -0,0 +1,27 @@
 -----BEGIN RSA PRIVATE KEY-----
 MIIEowIBAAKCAQEAqTmIx7ibxJb29X9UN49DOciJnzvRvkJeuSU7NxWIjeQUMCx+
 eT0BHpQAt+iMKMMU73sN9ooNc4kEf6GTIlW4NC3bm6eewb1Ju2v9TCeax05O/yGv
 Yg/JGcEglzUxbvOhho05n960lwDIBhUyyvz/wKhNmLi+EBG+B2BeZl1sj7Ay3Xdk
 5uKGhu7IuuO9G+hzWx7+DA3wCSW5AHPuHsUVhN1ruwF0LD+oDPb+FRPOyQ8uI/Bt
 dabuILV4ChCBfL8NkvNdRVUn3gKaRR+WxVuMqrdn3C51gim0yob22w6Yo6FvCLnv
 01uIHVp95J/hwe0NycfckzgCASByu7kmzbumhwIDAQABAoIBAEdIOvuWIdc/mCt1
 RS5aJIE0nfP7KLCyGGB49GaRpYHPb0mTlHrRXaVZxquxQ0jwU+NEvG77XAsszj5M
 +0NdREiGgJkilFcbuvE93ea0UBhgPhpuQAhYiedVWLsY5wfLjGC3IGzdTMjGxXr6
 dvjWdYzb2EPangT61EcbKuiHtfEYIhQ26Mdb3tVWPMW/g2KMYCTOFSraNZoSHXLn
 f7gpzP1dY/aoL2FYz7GBV/7W2corA5iYIFe4HVHpppEjnPja6+WZwsTR2rndSvj7
 N9zwdXcpLJr1GJCrta8RiJTlD0kHAKXOMPYTG/pcxwUfLr8ceP5HTh/7624sPsYo
 rnyt7fECgYEA0+RMZ9tYT3i0peaLC12MTyr8X+xzDnHK501Ep+0VnpS0quHwWJ0u
 3ab9EFhM1u8NEFwF6YnXyORq1AMHIU/O+O3rHt6VlF4z625tF6Wu61zQNerCVM/M
 bOqX9yl+ukNW4qx1maSEqhajKhhp69qJ3Cr+2eD+igENuDRqn/2eHtsCgYEAzHOC
 4/xrF4iWlx4MYflENa9miTGxnYDz9rDuhZu9Zqlv55dtv39WEkhKvcFjMx4McvNy
 nu0yKBdpZ75QORfjaAHX0J47+RnDZhiSxh53P7vSy7/jDbUDle44x+H0IWJwoK4b
 ECqvKIh/tibYukFFoSJyBdZQ4U67kaXbsrNKOMUCgYEAoFUhk3ygCBJ37wjRsZnp
 r4YBTbwnG4jzVa5cAw0czNANHTi1mvflHIdc+d821XQxWG2pc5uAElz0kNRxsr0n
 CalNviAC4y+c7cqy9a/C+glS61lmDrLmJowkzTsyz1JhDkgc/FNGp0VV1WZ/z52f
 r19BVDAxqs89SGMxQzqvSP0CgYB2r7PTX+xXXA53qZTsp0Smma0/hZ6jXYHCutGs
 tE1ONJxm6Cxo16YCtP7Wi1ZoDVCSxqrKgc31IiopdHyjuC9maHN9gu4z3HXnZeqG
 opb9Y66qYzmO8n8jYYiK2KvdWYUicg/54Z2PPTZOatyzu0KNmS5yHwkS0p7mnU8d
 vSEgNQKBgC0eq1urDxRl0FbcoLPNaxwVRRyUhcZZc7RRDz8TH0Z2/iVdnsmhBhum
 Z27ZfBfp7HZA4k44sld15ZIw5H2lsFlEz/oHiJgAobGx556WbQwJypvY/Ii3jtap
 sE6umZIoJF90oo33ARRC743Ed46fD1BrIFaJ+BBG3raheA3SONmG
 -----END RSA PRIVATE KEY-----