2 // Copyright (c) 2016-2019 Vinnie Falco (vinnie dot falco at gmail dot com)
4 // Distributed under the Boost Software License, Version 1.0. (See accompanying
5 // file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
7 // Official repository: https://github.com/boostorg/beast
10 //------------------------------------------------------------------------------
12 // Example: HTTP flex server (plain and SSL), asynchronous
14 //------------------------------------------------------------------------------
16 #include "example/common/server_certificate.hpp"
18 #include <boost/beast/core.hpp>
19 #include <boost/beast/http.hpp>
20 #include <boost/beast/ssl.hpp>
21 #include <boost/beast/version.hpp>
22 #include <boost/asio/dispatch.hpp>
23 #include <boost/asio/strand.hpp>
24 #include <boost/config.hpp>
33 namespace beast
= boost::beast
; // from <boost/beast.hpp>
34 namespace http
= beast::http
; // from <boost/beast/http.hpp>
35 namespace net
= boost::asio
; // from <boost/asio.hpp>
36 namespace ssl
= boost::asio::ssl
; // from <boost/asio/ssl.hpp>
37 using tcp
= boost::asio::ip::tcp
; // from <boost/asio/ip/tcp.hpp>
// Map a path to a MIME type from its extension. The extension is the
// text from the last '.' in `path` to the end, dot included, and it is
// compared case-insensitively against a fixed table.
//
// path:    path or file name to inspect.
// returns: the media type of the first matching table entry, or
//          "application/text" when there is no dot or no entry matches.
//
// NOTE(review): "application/text" is not a registered media type, so
// clients decide for themselves how to treat such a response;
// "application/octet-stream" is the usual label for unknown content.
// NOTE(review): ".php" is labelled text/html. If the caller sends the
// file bytes as-is, script source under the document root is disclosed
// to the client, so keep such files out of the served directory.
beast::string_view
mime_type(beast::string_view path)
{
    struct mapping
    {
        char const* extension;
        char const* media_type;
    };

    // Order is kept from the original chain of comparisons.
    static mapping const known_types[] = {
        { ".htm",  "text/html" },
        { ".html", "text/html" },
        { ".php",  "text/html" },
        { ".css",  "text/css" },
        { ".txt",  "text/plain" },
        { ".js",   "application/javascript" },
        { ".json", "application/json" },
        { ".xml",  "application/xml" },
        { ".swf",  "application/x-shockwave-flash" },
        { ".flv",  "video/x-flv" },
        { ".png",  "image/png" },
        { ".jpe",  "image/jpeg" },
        { ".jpeg", "image/jpeg" },
        { ".jpg",  "image/jpeg" },
        { ".gif",  "image/gif" },
        { ".bmp",  "image/bmp" },
        { ".ico",  "image/vnd.microsoft.icon" },
        { ".tiff", "image/tiff" },
        { ".tif",  "image/tiff" },
        { ".svg",  "image/svg+xml" },
        { ".svgz", "image/svg+xml" },
    };

    // Isolate the extension; it stays empty when the path has no dot.
    auto const dot = path.rfind(".");
    beast::string_view suffix;
    if(dot != beast::string_view::npos)
        suffix = path.substr(dot);

    for(auto const& entry : known_types)
    {
        if(beast::iequals(suffix, entry.extension))
            return entry.media_type;
    }
    return "application/text";
}
// Join an HTTP request path onto a local base directory.
//
// base:    directory prefix. When it is empty, `path` is returned
//          unchanged.
// path:    request path to append. It is copied verbatim, so it is
//          expected to supply the leading separator itself.
// returns: base (minus one trailing separator, if present) followed by
//          path. On BOOST_MSVC builds every '/' in the result is then
//          rewritten to '\\'.
//
// This function only concatenates. It does not reject "..", decode
// percent-escapes or resolve links, so the caller has to validate the
// request path before the result is used to open a file.
std::string
path_cat(
    beast::string_view base,
    beast::string_view path)
{
#ifdef BOOST_MSVC
    char constexpr path_separator = '\\';
#else
    char constexpr path_separator = '/';
#endif

    if(base.empty())
        return std::string(path);

    std::string joined(base);

    // Avoid a doubled separator at the joint.
    if(joined.back() == path_separator)
        joined.pop_back();
    joined.append(path.data(), path.size());

#ifdef BOOST_MSVC
    // Normalize the HTTP separators to the native one.
    for(auto& ch : joined)
    {
        if(ch == '/')
            ch = path_separator;
    }
#endif

    return joined;
}
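// Produce an HTTP response for the given request and hand it to `send`.
// The type of the response object depends on the contents of the
// request, so the caller passes a generic callable that accepts any
// http::response type.
//
// doc_root: local directory that request targets are resolved against.
// req:      the request; only GET and HEAD are served.
// send:     callable invoked exactly once with the response.
//
// Responses: 400 for an unsupported method or a rejected target, 404
// when the file does not exist, 500 for any other open error, 200
// otherwise (headers only for HEAD, file body for GET).
template<
    class Body, class Allocator,
    class Send>
void
handle_request(
    beast::string_view doc_root,
    http::request<Body, http::basic_fields<Allocator>>&& req,
    Send&& send)
{
    // Escapes the characters that are significant in HTML. The error
    // bodies below are sent as text/html and embed text that comes
    // from the request, so that text must not be able to add markup.
    auto const html_escape =
    [](beast::string_view in) -> std::string
    {
        std::string out;
        out.reserve(in.size());
        for(char const c : in)
        {
            switch(c)
            {
            case '&':  out.append("&amp;");  break;
            case '<':  out.append("&lt;");   break;
            case '>':  out.append("&gt;");   break;
            case '"':  out.append("&quot;"); break;
            case '\'': out.append("&#39;");  break;
            default:   out.push_back(c);     break;
            }
        }
        return out;
    };

    // Returns a bad request response.
    // `why` is always a literal chosen by this function.
    auto const bad_request =
    [&req](beast::string_view why)
    {
        http::response<http::string_body> res{http::status::bad_request, req.version()};
        res.set(http::field::server, BOOST_BEAST_VERSION_STRING);
        res.set(http::field::content_type, "text/html");
        res.keep_alive(req.keep_alive());
        res.body() = std::string(why);
        res.prepare_payload();
        return res;
    };

    // Returns a not found response.
    // `target` is the client-supplied request-target, so it is
    // escaped before being placed in the HTML body.
    auto const not_found =
    [&req, &html_escape](beast::string_view target)
    {
        http::response<http::string_body> res{http::status::not_found, req.version()};
        res.set(http::field::server, BOOST_BEAST_VERSION_STRING);
        res.set(http::field::content_type, "text/html");
        res.keep_alive(req.keep_alive());
        res.body() = "The resource '" + html_escape(target) + "' was not found.";
        res.prepare_payload();
        return res;
    };

    // Returns a server error response.
    // NOTE(review): `what` is the error_code message, which tells the
    // client why the open failed; consider logging it and sending a
    // generic body instead.
    auto const server_error =
    [&req, &html_escape](beast::string_view what)
    {
        http::response<http::string_body> res{http::status::internal_server_error, req.version()};
        res.set(http::field::server, BOOST_BEAST_VERSION_STRING);
        res.set(http::field::content_type, "text/html");
        res.keep_alive(req.keep_alive());
        res.body() = "An error occurred: '" + html_escape(what) + "'";
        res.prepare_payload();
        return res;
    };

    // Make sure we can handle the method
    if( req.method() != http::verb::get &&
        req.method() != http::verb::head)
        return send(bad_request("Unknown HTTP-method"));

    // Request path must be absolute and not contain "..".
    // This is a substring test on the target exactly as received: any
    // target containing two consecutive dots is refused, including
    // harmless names such as "a..b". The target is not percent-decoded
    // and a query string, if present, stays part of the name that is
    // looked up. Nothing here resolves symbolic links, so doc_root
    // should not contain links that lead outside of it.
    if( req.target().empty() ||
        req.target()[0] != '/' ||
        req.target().find("..") != beast::string_view::npos)
        return send(bad_request("Illegal request-target"));

    // Build the path to the requested file
    std::string path = path_cat(doc_root, req.target());
    if(req.target().back() == '/')
        path.append("index.html");

    // Attempt to open the file
    beast::error_code ec;
    http::file_body::value_type body;
    body.open(path.c_str(), beast::file_mode::scan, ec);

    // Handle the case where the file doesn't exist
    if(ec == beast::errc::no_such_file_or_directory)
        return send(not_found(req.target()));

    // Handle an unknown error
    if(ec)
        return send(server_error(ec.message()));

    // Cache the size since we need it after the move
    auto const size = body.size();

    // Respond to HEAD request
    if(req.method() == http::verb::head)
    {
        http::response<http::empty_body> res{http::status::ok, req.version()};
        res.set(http::field::server, BOOST_BEAST_VERSION_STRING);
        res.set(http::field::content_type, mime_type(path));
        res.content_length(size);
        res.keep_alive(req.keep_alive());
        return send(std::move(res));
    }

    // Respond to GET request
    http::response<http::file_body> res{
        std::piecewise_construct,
        std::make_tuple(std::move(body)),
        std::make_tuple(http::status::ok, req.version())};
    res.set(http::field::server, BOOST_BEAST_VERSION_STRING);
    res.set(http::field::content_type, mime_type(path));
    res.content_length(size);
    res.keep_alive(req.keep_alive());
    return send(std::move(res));
}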
209 //------------------------------------------------------------------------------
// Report a failed operation on std::cerr as "<what>: <message>".
//
// ec:   the error to report.
// what: short label for the operation that failed.
//
// One error is deliberately not reported: ssl::error::stream_truncated,
// the SSL "short read". It means the peer closed the connection without
// the closing handshake (close_notify). In general a missing
// close_notify can be a security issue, because the application cannot
// tell a complete stream from a cut-off one. It may be ignored only
// when the protocol marks the end of each message itself, as HTTP and
// WebSocket do.
//
// https://github.com/boostorg/beast/issues/38
//
// https://security.stackexchange.com/questions/91435/how-to-handle-a-malicious-ssl-tls-shutdown
//
// When a short read would cut off the end of an HTTP message, Beast
// returns beast::http::error::partial_message instead. A short read
// seen here has therefore occurred after the message was complete.
void
fail(beast::error_code ec, char const* what)
{
    bool const short_read =
        (ec == net::ssl::error::stream_truncated);

    if(! short_read)
        std::cerr << what << ": " << ec.message() << "\n";
}
238 // Handles an HTTP server connection.
239 // This uses the Curiously Recurring Template Pattern so that
240 // the same code works with both SSL streams and regular sockets.
241 template<class Derived
>
244 // Access the derived class, this is part of
245 // the Curiously Recurring Template Pattern idiom.
249 return static_cast<Derived
&>(*this);
252 // This is the C++11 equivalent of a generic lambda.
253 // The function object is used to send an HTTP message.
259 send_lambda(session
& self
)
264 template<bool isRequest
, class Body
, class Fields
>
266 operator()(http::message
<isRequest
, Body
, Fields
>&& msg
) const
268 // The lifetime of the message has to extend
269 // for the duration of the async operation so
270 // we use a shared_ptr to manage it.
271 auto sp
= std::make_shared
<
272 http::message
<isRequest
, Body
, Fields
>>(std::move(msg
));
274 // Store a type-erased version of the shared
275 // pointer in the class to keep it alive.
278 // Write the response
280 self_
.derived().stream(),
282 beast::bind_front_handler(
284 self_
.derived().shared_from_this(),
289 std::shared_ptr
<std::string
const> doc_root_
;
290 http::request
<http::string_body
> req_
;
291 std::shared_ptr
<void> res_
;
295 beast::flat_buffer buffer_
;
298 // Take ownership of the buffer
300 beast::flat_buffer buffer
,
301 std::shared_ptr
<std::string
const> const& doc_root
)
302 : doc_root_(doc_root
)
304 , buffer_(std::move(buffer
))
312 beast::get_lowest_layer(
313 derived().stream()).expires_after(std::chrono::seconds(30));
320 beast::bind_front_handler(
322 derived().shared_from_this()));
327 beast::error_code ec
,
328 std::size_t bytes_transferred
)
330 boost::ignore_unused(bytes_transferred
);
332 // This means they closed the connection
333 if(ec
== http::error::end_of_stream
)
334 return derived().do_eof();
337 return fail(ec
, "read");
340 handle_request(*doc_root_
, std::move(req_
), lambda_
);
346 beast::error_code ec
,
347 std::size_t bytes_transferred
)
349 boost::ignore_unused(bytes_transferred
);
352 return fail(ec
, "write");
356 // This means we should close the connection, usually because
357 // the response indicated the "Connection: close" semantic.
358 return derived().do_eof();
361 // We're done with the response so delete it
364 // Read another request
369 // Handles a plain HTTP connection
371 : public session
<plain_session
>
372 , public std::enable_shared_from_this
<plain_session
>
374 beast::tcp_stream stream_
;
377 // Create the session
379 tcp::socket
&& socket
,
380 beast::flat_buffer buffer
,
381 std::shared_ptr
<std::string
const> const& doc_root
)
382 : session
<plain_session
>(
385 , stream_(std::move(socket
))
389 // Called by the base class
396 // Start the asynchronous operation
400 // We need to be executing within a strand to perform async operations
401 // on the I/O objects in this session. Although not strictly necessary
402 // for single-threaded contexts, this example code is written to be
403 // thread-safe by default.
404 net::dispatch(stream_
.get_executor(),
405 beast::bind_front_handler(
407 shared_from_this()));
413 // Send a TCP shutdown
414 beast::error_code ec
;
415 stream_
.socket().shutdown(tcp::socket::shutdown_send
, ec
);
417 // At this point the connection is closed gracefully
421 // Handles an SSL HTTP connection
423 : public session
<ssl_session
>
424 , public std::enable_shared_from_this
<ssl_session
>
426 beast::ssl_stream
<beast::tcp_stream
> stream_
;
429 // Create the session
431 tcp::socket
&& socket
,
433 beast::flat_buffer buffer
,
434 std::shared_ptr
<std::string
const> const& doc_root
)
435 : session
<ssl_session
>(
438 , stream_(std::move(socket
), ctx
)
442 // Called by the base class
443 beast::ssl_stream
<beast::tcp_stream
>&
449 // Start the asynchronous operation
453 auto self
= shared_from_this();
454 // We need to be executing within a strand to perform async operations
455 // on the I/O objects in this session.
456 net::dispatch(stream_
.get_executor(), [self
]() {
458 beast::get_lowest_layer(self
->stream_
).expires_after(
459 std::chrono::seconds(30));
461 // Perform the SSL handshake
462 // Note, this is the buffered version of the handshake.
463 self
->stream_
.async_handshake(
464 ssl::stream_base::server
,
465 self
->buffer_
.data(),
466 beast::bind_front_handler(
467 &ssl_session::on_handshake
,
474 beast::error_code ec
,
475 std::size_t bytes_used
)
478 return fail(ec
, "handshake");
480 // Consume the portion of the buffer used by the handshake
481 buffer_
.consume(bytes_used
);
490 beast::get_lowest_layer(stream_
).expires_after(std::chrono::seconds(30));
492 // Perform the SSL shutdown
493 stream_
.async_shutdown(
494 beast::bind_front_handler(
495 &ssl_session::on_shutdown
,
496 shared_from_this()));
500 on_shutdown(beast::error_code ec
)
503 return fail(ec
, "shutdown");
505 // At this point the connection is closed gracefully
509 //------------------------------------------------------------------------------
511 // Detects SSL handshakes
512 class detect_session
: public std::enable_shared_from_this
<detect_session
>
514 beast::tcp_stream stream_
;
516 std::shared_ptr
<std::string
const> doc_root_
;
517 beast::flat_buffer buffer_
;
521 tcp::socket
&& socket
,
523 std::shared_ptr
<std::string
const> const& doc_root
)
524 : stream_(std::move(socket
))
526 , doc_root_(doc_root
)
530 // Launch the detector
535 beast::get_lowest_layer(stream_
).expires_after(std::chrono::seconds(30));
537 // Detect a TLS handshake
541 beast::bind_front_handler(
542 &detect_session::on_detect
,
543 shared_from_this()));
547 on_detect(beast::error_code ec
, bool result
)
550 return fail(ec
, "detect");
554 // Launch SSL session
555 std::make_shared
<ssl_session
>(
556 stream_
.release_socket(),
563 // Launch plain session
564 std::make_shared
<plain_session
>(
565 stream_
.release_socket(),
571 // Accepts incoming connections and launches the sessions
572 class listener
: public std::enable_shared_from_this
<listener
>
574 net::io_context
& ioc_
;
576 tcp::acceptor acceptor_
;
577 std::shared_ptr
<std::string
const> doc_root_
;
581 net::io_context
& ioc
,
583 tcp::endpoint endpoint
,
584 std::shared_ptr
<std::string
const> const& doc_root
)
587 , acceptor_(net::make_strand(ioc
))
588 , doc_root_(doc_root
)
590 beast::error_code ec
;
593 acceptor_
.open(endpoint
.protocol(), ec
);
600 // Allow address reuse
601 acceptor_
.set_option(net::socket_base::reuse_address(true), ec
);
604 fail(ec
, "set_option");
608 // Bind to the server address
609 acceptor_
.bind(endpoint
, ec
);
616 // Start listening for connections
618 net::socket_base::max_listen_connections
, ec
);
626 // Start accepting incoming connections
637 // The new connection gets its own strand
638 acceptor_
.async_accept(
639 net::make_strand(ioc_
),
640 beast::bind_front_handler(
641 &listener::on_accept
,
642 shared_from_this()));
646 on_accept(beast::error_code ec
, tcp::socket socket
)
654 // Create the detector session and run it
655 std::make_shared
<detect_session
>(
661 // Accept another connection
666 //------------------------------------------------------------------------------
668 int main(int argc
, char* argv
[])
670 // Check command line arguments.
674 "Usage: http-server-flex <address> <port> <doc_root> <threads>\n" <<
676 " http-server-flex 0.0.0.0 8080 .\n";
679 auto const address
= net::ip::make_address(argv
[1]);
680 auto const port
= static_cast<unsigned short>(std::atoi(argv
[2]));
681 auto const doc_root
= std::make_shared
<std::string
>(argv
[3]);
682 auto const threads
= std::max
<int>(1, std::atoi(argv
[4]));
684 // The io_context is required for all I/O
685 net::io_context ioc
{threads
};
687 // The SSL context is required, and holds certificates
688 ssl::context ctx
{ssl::context::tlsv12
};
690 // This holds the self-signed certificate used by the server
691 load_server_certificate(ctx
);
693 // Create and launch a listening port
694 std::make_shared
<listener
>(
697 tcp::endpoint
{address
, port
},
700 // Run the I/O service on the requested number of threads
701 std::vector
<std::thread
> v
;
702 v
.reserve(threads
- 1);
703 for(auto i
= threads
- 1; i
> 0; --i
)