From 21c590ad67bb00cf29c23b85666301359fb0e6e0 Mon Sep 17 00:00:00 2001
From: zhaomingwork <61895407+zhaomingwork@users.noreply.github.com>
Date: 星期四, 25 五月 2023 15:24:10 +0800
Subject: [PATCH] add ssl support for cpp websocket (#553)

---
 funasr/runtime/websocket/websocketsrv.h |   76 ++++++++++++++++++++++++++++---------
 1 files changed, 57 insertions(+), 19 deletions(-)

diff --git a/funasr/runtime/websocket/websocketsrv.h b/funasr/runtime/websocket/websocketsrv.h
index 82d717e..3cb8816 100644
--- a/funasr/runtime/websocket/websocketsrv.h
+++ b/funasr/runtime/websocket/websocketsrv.h
@@ -25,7 +25,7 @@
 #include <fstream>
 #include <functional>
 #include <websocketpp/common/thread.hpp>
-#include <websocketpp/config/asio_no_tls.hpp>
+#include <websocketpp/config/asio.hpp>
 #include <websocketpp/server.hpp>
 
 #include "asio.hpp"
@@ -34,12 +34,16 @@
 #include "nlohmann/json.hpp"
 #include "tclap/CmdLine.h"
 typedef websocketpp::server<websocketpp::config::asio> server;
+typedef websocketpp::server<websocketpp::config::asio_tls> wss_server;
 typedef server::message_ptr message_ptr;
 using websocketpp::lib::bind;
 using websocketpp::lib::placeholders::_1;
 using websocketpp::lib::placeholders::_2;
+
 typedef websocketpp::lib::lock_guard<websocketpp::lib::mutex> scoped_lock;
 typedef websocketpp::lib::unique_lock<websocketpp::lib::mutex> unique_lock;
+typedef websocketpp::lib::shared_ptr<websocketpp::lib::asio::ssl::context>
+    context_ptr;
 
 typedef struct {
   std::string msg;
@@ -51,25 +55,55 @@
   std::shared_ptr<std::vector<char>> samples;
 } FUNASR_MESSAGE;
 
+// See https://wiki.mozilla.org/Security/Server_Side_TLS for more details about
+// the TLS modes. The code below demonstrates how to implement both the modern
+enum tls_mode { MOZILLA_INTERMEDIATE = 1, MOZILLA_MODERN = 2 };
 class WebSocketServer {
  public:
-  WebSocketServer(asio::io_context& io_decoder, server* server_)
-      : io_decoder_(io_decoder), server_(server_) {
-    // set message handle
-    server_->set_message_handler(
-        [this](websocketpp::connection_hdl hdl, message_ptr msg) {
-          on_message(hdl, msg);
-        });
-    // set open handle
-    server_->set_open_handler(
-        [this](websocketpp::connection_hdl hdl) { on_open(hdl); });
-    // set close handle
-    server_->set_close_handler(
-        [this](websocketpp::connection_hdl hdl) { on_close(hdl); });
-    // begin accept
-    server_->start_accept();
-    // not print log
-    server_->clear_access_channels(websocketpp::log::alevel::all);
+  WebSocketServer(asio::io_context& io_decoder, bool is_ssl, server* server,
+                  wss_server* wss_server, std::string& s_certfile,
+                  std::string& s_keyfile)
+      : io_decoder_(io_decoder),
+        is_ssl(is_ssl),
+        server_(server),
+        wss_server_(wss_server) {
+    if (is_ssl) {
+      std::cout << "certfile path is " << s_certfile << std::endl;
+      wss_server->set_tls_init_handler(
+          bind<context_ptr>(&WebSocketServer::on_tls_init, this,
+                            MOZILLA_INTERMEDIATE, ::_1, s_certfile, s_keyfile));
+      wss_server_->set_message_handler(
+          [this](websocketpp::connection_hdl hdl, message_ptr msg) {
+            on_message(hdl, msg);
+          });
+      // set open handle
+      wss_server_->set_open_handler(
+          [this](websocketpp::connection_hdl hdl) { on_open(hdl); });
+      // set close handle
+      wss_server_->set_close_handler(
+          [this](websocketpp::connection_hdl hdl) { on_close(hdl); });
+      // begin accept
+      wss_server_->start_accept();
+      // not print log
+      wss_server_->clear_access_channels(websocketpp::log::alevel::all);
+
+    } else {
+      // set message handle
+      server_->set_message_handler(
+          [this](websocketpp::connection_hdl hdl, message_ptr msg) {
+            on_message(hdl, msg);
+          });
+      // set open handle
+      server_->set_open_handler(
+          [this](websocketpp::connection_hdl hdl) { on_open(hdl); });
+      // set close handle
+      server_->set_close_handler(
+          [this](websocketpp::connection_hdl hdl) { on_close(hdl); });
+      // begin accept
+      server_->start_accept();
+      // not print log
+      server_->clear_access_channels(websocketpp::log::alevel::all);
+    }
   }
   void do_decoder(const std::vector<char>& buffer,
                   websocketpp::connection_hdl& hdl, const nlohmann::json& msg);
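Review bot: In the `is_ssl` branch the constructor dereferences `wss_server` and binds `s_certfile` / `s_keyfile` into the TLS init handler without validating any of them, so a null server pointer or an empty certificate or key path is not rejected at construction. websocketpp calls the TLS init handler when a connection is set up, so a bad path would presumably only show up at the first handshake rather than at startup; a guard at the top of the branch, e.g. `if (!wss_server || s_certfile.empty() || s_keyfile.empty()) throw std::invalid_argument("wss needs a server, certfile and keyfile");`, makes the misconfiguration fail fast. The path parameters are taken as `std::string&` here and in the `on_tls_init` declaration in the `@@ -78,6 +112,8 @@` hunk; `const std::string&` fits both, since nothing shown in this patch modifies them. The comment above `tls_mode` breaks off mid-sentence at "both the modern" and should be finished or trimmed.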
@@ -78,6 +112,8 @@
   void on_message(websocketpp::connection_hdl hdl, message_ptr msg);
   void on_open(websocketpp::connection_hdl hdl);
   void on_close(websocketpp::connection_hdl hdl);
+  context_ptr on_tls_init(tls_mode mode, websocketpp::connection_hdl hdl,
+                          std::string& s_certfile, std::string& s_keyfile);
 
  private:
   void check_and_clean_connection();
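Review bot: `on_tls_init` is added to the public section with no comment, although in this patch it is only bound as the TLS init handler from the constructor. Its definition is outside this diff, so the protocol and cipher settings chosen for each `tls_mode`, and what it does when the certificate or key cannot be loaded, cannot be checked here. I would add above the declaration `// TLS init handler: returns the SSL context for a new connection; mode selects the Mozilla server-side TLS profile.` and consider moving it under `private:` if nothing else calls it.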
@@ -85,7 +121,9 @@
   // std::ofstream fout;
   FUNASR_HANDLE asr_hanlde;  // asr engine handle
   bool isonline = false;  // online or offline engine, now only support offline
-  server* server_;        // websocket server
+  bool is_ssl = true;
+  server* server_;          // websocket server
+  wss_server* wss_server_;  // websocket server
 
   // use map to keep the received samples data from one connection in offline
   // engine. if for online engline, a data struct is needed(TODO)
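Review bot: The new member `is_ssl` breaks the trailing-underscore convention of `server_`, `wss_server_` and `io_decoder_`, and the constructor parameter of the same name shadows it, so `if (is_ssl)` in the constructor reads the parameter rather than the member. Its `= true` initializer is not observable through the constructor shown in this patch, which always sets the member. Both pointer members carry the same `// websocket server` comment; I would write `bool is_ssl_;  // true: serve over TLS via wss_server_` and `wss_server* wss_server_;  // TLS websocket server, used when is_ssl_ is set`. The class body continues outside the hunk.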

--
Gitblit v1.9.1