ServerSocketConfig.h

Go to the documentation of this file.

/*
 * Copyright 2017-present Facebook, Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
#pragma once


#include <wangle/ssl/SSLCacheOptions.h>
#include <wangle/ssl/SSLContextConfig.h>
#include <wangle/ssl/TLSTicketKeySeeds.h>
#include <wangle/ssl/SSLUtil.h>
#include <wangle/acceptor/FizzConfig.h>
#include <wangle/acceptor/SocketOptions.h>

#include <boost/optional.hpp>
#include <chrono>
#include <fcntl.h>
#include <folly/Random.h>
#include <folly/SocketAddress.h>
#include <folly/String.h>
#include <folly/io/async/AsyncSocket.h>
#include <folly/io/async/SSLContext.h>
#include <list>
#include <string>
#include <sys/stat.h>
#include <sys/types.h>

namespace wangle {

struct ServerSocketConfig {
  ServerSocketConfig() {
    // generate a single random current seed
    uint8_t seed[32];
    folly::Random::secureRandom(seed, sizeof(seed));
    initialTicketSeeds.currentSeeds.push_back(
      SSLUtil::hexlify(std::string((char *)seed, sizeof(seed))));
  }

  bool isSSL() const { return !(sslContextConfigs.empty()); }

  void setSocketOptions(
    const folly::AsyncSocket::OptionMap& opts) {
    socketOptions_ = filterIPSocketOptions(opts, bindAddress.getFamily());
  }
  folly::AsyncSocket::OptionMap&
  getSocketOptions() {
    return socketOptions_;
  }
  const folly::AsyncSocket::OptionMap&
  getSocketOptions() const {
    return socketOptions_;
  }

  bool hasExternalPrivateKey() const {
    for (const auto& cfg : sslContextConfigs) {
      if (!cfg.isLocalPrivateKey) {
        return true;
      }
    }
    return false;
  }

  std::string name;

  uint32_t acceptBacklog{1024};

  uint32_t maxNumPendingConnectionsPerWorker{1024};

  std::chrono::milliseconds connectionIdleTimeout{600000};

  std::chrono::milliseconds sslHandshakeTimeout{60000};

  folly::SocketAddress bindAddress;

  SSLCacheOptions sslCacheOptions{std::chrono::seconds(0), 20480, 200};

  bool allowInsecureConnectionsOnSecureServer{false};

  TLSTicketKeySeeds initialTicketSeeds;

  std::vector<SSLContextConfig> sslContextConfigs;

  bool strictSSL{true};

  uint32_t maxConcurrentSSLHandshakes{30720};

  bool enableTCPFastOpen{false};

  uint32_t fastOpenQueueSize{100};

  FizzConfig fizzConfig;

 private:
  folly::AsyncSocket::OptionMap socketOptions_;
};

} // namespace wangle