Server.cpp File Reference

#include <folly/init/Init.h>
#include <folly/io/async/AsyncSSLSocket.h>
#include <folly/portability/GFlags.h>
#include <folly/ssl/Init.h>
#include <wangle/acceptor/Acceptor.h>
#include <wangle/bootstrap/ServerBootstrap.h>
#include <wangle/channel/AsyncSocketHandler.h>
#include <wangle/codec/LineBasedFrameDecoder.h>
#include <wangle/codec/StringCodec.h>
#include <wangle/ssl/TLSCredProcessor.h>

Go to the source code of this file.

Typedefs
typedef Pipeline< IOBufQueue &, std::string >	EchoPipeline

Functions
	DEFINE_string (cert_path,"","Path to cert pem")
	DEFINE_string (key_path,"","Path to cert key")
	DEFINE_string (ca_path,"","Path to trusted CA file")
	DEFINE_int32 (port, 8080,"Listen port")
	DEFINE_string (tickets_path,"","Path for ticket seeds")
	DEFINE_uint32 (num_workers, 2,"Number of worker threads")
int	main (int argc, char **argv)

Typedef Documentation

typedef Pipeline<IOBufQueue&, std::string> EchoPipeline

Definition at line 46 of file Server.cpp.

Function Documentation

DEFINE_int32	(	port	,
		8080	,
		"Listen port"
	)

DEFINE_string	(	cert_path	,
		""	,
		"Path to cert pem"
	)

DEFINE_string	(	key_path	,
		""	,
		"Path to cert key"
	)

DEFINE_string	(	ca_path	,
		""	,
		"Path to trusted CA file"
	)

DEFINE_string	(	tickets_path	,
		""	,
		"Path for ticket seeds"
	)

DEFINE_uint32	(	num_workers	,
		2	,
		"Number of worker threads"
	)

int main	(	int	argc,
		char **	argv
	)

Definition at line 117 of file Server.cpp.

References wangle::ServerBootstrap< Pipeline >::acceptorConfig(), wangle::SSLContextConfig::addCertificate(), wangle::ServerSocketConfig::allowInsecureConnectionsOnSecureServer, wangle::ServerBootstrap< Pipeline >::bind(), wangle::ServerBootstrap< Pipeline >::childPipeline(), wangle::SSLContextConfig::clientCAFile, wangle::ServerBootstrap< Pipeline >::group(), folly::ssl::init(), bm::init(), wangle::ServerSocketConfig::initialTicketSeeds, wangle::SSLContextConfig::isDefault, folly::gen::move, wangle::TLSCredProcessor::processTLSTickets(), wangle::TLSCredProcessor::setCertPathsToWatch(), wangle::TLSCredProcessor::setTicketPathToWatch(), wangle::ServerSocketConfig::sslContextConfigs, and wangle::ServerBootstrap< Pipeline >::waitForStop().

                                {
  folly::Init init(&argc, &argv);
  folly::ssl::init();

  ServerSocketConfig cfg;
  folly::Optional<TLSTicketKeySeeds> seeds;

  ServerBootstrap<EchoPipeline> sb;
  TLSCredProcessor processor;

  if (!FLAGS_tickets_path.empty()) {
    seeds = TLSCredProcessor::processTLSTickets(FLAGS_tickets_path);
    if (seeds) {
      cfg.initialTicketSeeds = *seeds;
      // watch for changes
      processor.setTicketPathToWatch(FLAGS_tickets_path);
    }
  }

  if (!FLAGS_cert_path.empty() && !FLAGS_key_path.empty()) {
    VLOG(0) << "Configuring SSL";
    SSLContextConfig sslCfg;
    sslCfg.addCertificate(FLAGS_cert_path, FLAGS_key_path, "");
    sslCfg.clientCAFile = FLAGS_ca_path;
    sslCfg.isDefault = true;
    cfg.sslContextConfigs.push_back(sslCfg);
    // IMPORTANT: when allowing both plaintext and ssl on the same port,
    // the acceptor requires 9 bytes of data to determine what kind of
    // connection is coming in.  If the client does not send 9 bytes the
    // connection will idle out before the EchoCallback receives data.
    cfg.allowInsecureConnectionsOnSecureServer = true;

    // reload ssl contexts when certs change
    std::set<std::string> pathsToWatch { FLAGS_cert_path, FLAGS_key_path };
    if (!FLAGS_ca_path.empty()) {
      pathsToWatch.insert(FLAGS_ca_path);
    }
    processor.setCertPathsToWatch(std::move(pathsToWatch));
  }

  initCredProcessorCallbacks(sb, processor);

  // workers
  auto workers =
      std::make_shared<folly::IOThreadPoolExecutor>(FLAGS_num_workers);

  // create a server
  sb.acceptorConfig(cfg);
  sb.childPipeline(std::make_shared<EchoPipelineFactory>());
  sb.group(workers);

  sb.bind(FLAGS_port);
  sb.waitForStop();
  return 0;
}