Renamed many classes and features to use the term "secure" instead of "ssl" (note: the .ecf files still use the "ssl" terminology).
Provided an easy way to set secure settings for Standalone. For the wsf launcher, a boolean option accepts "true" or "yes" as True; anything else is False.
@@ -76,7 +76,7 @@ feature {NONE} -- Initialization
|
||||
|
||||
verbose := opts.option_boolean_value ("verbose", verbose)
|
||||
-- See `{HTTPD_REQUEST_HANDLER_I}.*_verbose_level`
|
||||
|
||||
|
||||
if opts.has_integer_option ("verbose_level") then
|
||||
verbose_level := opts.option_integer_value ("verbose_level", verbose_level)
|
||||
elseif attached {READABLE_STRING_GENERAL} opts.option ("verbose_level") as s_verbose_level then
|
||||
@@ -115,11 +115,17 @@ feature {NONE} -- Initialization
|
||||
keep_alive_timeout := opts.option_integer_value ("keep_alive_timeout", keep_alive_timeout)
|
||||
max_keep_alive_requests := opts.option_integer_value ("max_keep_alive_requests", max_keep_alive_requests)
|
||||
|
||||
if
|
||||
opts.option_boolean_value ("ssl_enabled", ssl_enabled) and then
|
||||
if
|
||||
opts.option_boolean_value ("is_secure", is_secure) and then
|
||||
attached opts.option_string_32_value ("secure_protocol", "tls_1_2") as l_secure_prot
|
||||
then
|
||||
secure_settings := [l_secure_prot, opts.option_string_32_value ("secure_certificate", Void), opts.option_string_32_value ("secure_certificate_key", Void)]
|
||||
elseif
|
||||
-- OBSOLETE: backward compatible with old settings name [oct/2016].
|
||||
opts.option_boolean_value ("ssl_enabled", is_secure) and then
|
||||
attached opts.option_string_32_value ("ssl_protocol", "tls_1_2") as ssl_prot
|
||||
then
|
||||
ssl_settings := [ssl_prot, opts.option_string_32_value ("ssl_ca_crt", Void), opts.option_string_32_value ("ssl_ca_key", Void)]
|
||||
secure_settings := [ssl_prot, opts.option_string_32_value ("ssl_ca_crt", Void), opts.option_string_32_value ("ssl_ca_key", Void)]
|
||||
end
|
||||
end
|
||||
|
||||
@@ -135,7 +141,7 @@ feature {NONE} -- Initialization
|
||||
-- Set `single_threaded' to True.
|
||||
do
|
||||
max_concurrent_connections := 1
|
||||
end
|
||||
end
|
||||
|
||||
feature -- Execution
|
||||
|
||||
@@ -143,7 +149,7 @@ feature -- Execution
|
||||
do
|
||||
cfg.set_is_verbose (verbose)
|
||||
cfg.set_verbose_level (verbose_level)
|
||||
cfg.set_ssl_settings (ssl_settings)
|
||||
cfg.set_secure_settings (secure_settings)
|
||||
cfg.set_http_server_name (server_name)
|
||||
cfg.http_server_port := port_number
|
||||
cfg.set_max_concurrent_connections (max_concurrent_connections)
|
||||
@@ -165,7 +171,7 @@ feature -- Execution
|
||||
debug ("ew_standalone")
|
||||
if verbose then
|
||||
io.error.put_string ("Launching standalone web server on port " + port_number.out)
|
||||
if ssl_enabled then
|
||||
if is_secure then
|
||||
io.error.put_string ("%N https://")
|
||||
else
|
||||
io.error.put_string ("%N http://")
|
||||
@@ -213,26 +219,36 @@ feature {NONE} -- Implementation
|
||||
-- Help defining the verbosity.
|
||||
-- The higher, the more output.
|
||||
|
||||
ssl_settings: detachable TUPLE [protocol: READABLE_STRING_GENERAL; ca_crt, ca_key: detachable READABLE_STRING_GENERAL]
|
||||
|
||||
ssl_enabled: BOOLEAN
|
||||
-- Is secure server? i.e using SSL?
|
||||
do
|
||||
Result := attached ssl_settings as ssl and then attached ssl.protocol as prot and then not prot.is_whitespace
|
||||
end
|
||||
|
||||
max_concurrent_connections: INTEGER
|
||||
max_tcp_clients: INTEGER
|
||||
socket_timeout: INTEGER
|
||||
socket_recv_timeout: INTEGER
|
||||
keep_alive_timeout: INTEGER
|
||||
max_keep_alive_requests: INTEGER
|
||||
|
||||
single_threaded: BOOLEAN
|
||||
do
|
||||
Result := max_concurrent_connections = 0
|
||||
end
|
||||
|
||||
max_tcp_clients: INTEGER
|
||||
socket_timeout: INTEGER
|
||||
socket_recv_timeout: INTEGER
|
||||
|
||||
keep_alive_timeout: INTEGER
|
||||
max_keep_alive_requests: INTEGER
|
||||
|
||||
is_secure_connection_supported: BOOLEAN
|
||||
-- Is SSL supported in current compiled system?
|
||||
do
|
||||
Result := {WGI_STANDALONE_CONSTANTS}.is_secure_connection_supported
|
||||
end
|
||||
|
||||
is_secure: BOOLEAN
|
||||
-- Is secure server? i.e using SSL?
|
||||
do
|
||||
Result := attached secure_settings as l_secure_settings and then
|
||||
attached l_secure_settings.protocol as prot and then not prot.is_whitespace
|
||||
end
|
||||
|
||||
secure_settings: detachable TUPLE [protocol: READABLE_STRING_GENERAL; ca_crt, ca_key: detachable READABLE_STRING_GENERAL]
|
||||
|
||||
|
||||
feature -- Status report
|
||||
|
||||
connector: WGI_STANDALONE_CONNECTOR [G]
|
||||
@@ -244,7 +260,7 @@ feature -- Status report
|
||||
end
|
||||
|
||||
;note
|
||||
copyright: "2011-2015, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
|
||||
copyright: "2011-2016, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
|
||||
license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
|
||||
source: "[
|
||||
Eiffel Software
|
||||
|
||||
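Review bot: In the hunk at -115,11 +115,17, a configuration that sets "is_secure" but still carries the legacy "ssl_ca_crt"/"ssl_ca_key" names takes the first branch and ends up with a Void certificate and key, because the legacy names are only read in the `elseif`. `is_secure` then reports True from the protocol alone, and nothing visible here reports the missing certificate; whether the connector refuses to start in that state cannot be told from this page. Reading each value with the legacy name as its default would cover partial migrations, e.g. `opts.option_string_32_value ("secure_certificate", opts.option_string_32_value ("ssl_ca_crt", Void))` and the same for the key, assuming the second argument is the default as the `"tls_1_2"` call suggests. The description also says any boolean value other than "true" or "yes" is False, so a mistyped "is_secure" value would presumably leave the server on plain HTTP without a message; that parsing code is not in this section. The enclosing initialization feature starts and ends outside the hunk.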
@@ -11,6 +11,14 @@ class
|
||||
inherit
|
||||
WSF_SERVICE_LAUNCHER_OPTIONS
|
||||
|
||||
feature -- Status report
|
||||
|
||||
is_secure_connection_supported: BOOLEAN
|
||||
-- Is SSL/TLS supported by current compiled system?
|
||||
do
|
||||
Result := {WGI_STANDALONE_CONSTANTS}.is_secure_connection_supported
|
||||
end
|
||||
|
||||
feature -- Access: output
|
||||
|
||||
is_verbose: BOOLEAN
|
||||
@@ -24,40 +32,40 @@ feature -- Access: output
|
||||
do
|
||||
if attached {READABLE_STRING_GENERAL} option ("verbose_level") as l_verbose_level and then l_verbose_level.is_valid_as_string_8 then
|
||||
Result := l_verbose_level.to_string_8
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
feature -- Access: connection
|
||||
|
||||
port: INTEGER
|
||||
port: INTEGER assign set_port
|
||||
-- Listening port number.
|
||||
do
|
||||
Result := option_integer_value ("port", 0)
|
||||
end
|
||||
|
||||
server_name: detachable READABLE_STRING_8
|
||||
server_name: detachable READABLE_STRING_8 assign set_server_name
|
||||
-- Listening only for connection on `server_name' if defined.
|
||||
do
|
||||
if attached {READABLE_STRING_GENERAL} option ("server_name") as l_server_name and then l_server_name.is_valid_as_string_8 then
|
||||
Result := l_server_name.to_string_8
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
base_url: detachable READABLE_STRING_8
|
||||
base_url: detachable READABLE_STRING_8 assign set_base_url
|
||||
do
|
||||
if attached {READABLE_STRING_GENERAL} option ("base") as l_base and then l_base.is_valid_as_string_8 then
|
||||
Result := l_base.to_string_8
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
max_concurrent_connections: INTEGER
|
||||
max_concurrent_connections: INTEGER assign set_max_concurrent_connections
|
||||
-- Maximum of concurrent connections.
|
||||
-- Define the size of the concurrent pool.
|
||||
do
|
||||
Result := option_integer_value ("max_concurrent_connections", 0)
|
||||
end
|
||||
|
||||
max_tcp_clients: INTEGER
|
||||
max_tcp_clients: INTEGER assign set_max_tcp_clients
|
||||
-- Listen on socket for at most `queue' connections.
|
||||
do
|
||||
Result := option_integer_value ("max_tcp_clients", 0)
|
||||
@@ -65,7 +73,7 @@ feature -- Access: connection
|
||||
|
||||
feature -- Access: network
|
||||
|
||||
socket_timeout: INTEGER
|
||||
socket_timeout: INTEGER assign set_socket_timeout
|
||||
-- Amount of seconds that the server waits for receipts and transmissions during communications.
|
||||
-- note: with timeout of 0, socket can wait for ever.
|
||||
-- By default: {HTTPD_CONFIGURATION_I}.default_socket_timeout seconds, which is appropriate for most situations.
|
||||
@@ -73,7 +81,7 @@ feature -- Access: network
|
||||
Result := option_integer_value ("socket_timeout", 0)
|
||||
end
|
||||
|
||||
socket_recv_timeout: INTEGER
|
||||
socket_recv_timeout: INTEGER assign set_socket_recv_timeout
|
||||
-- Amount of seconds that the server waits for receiving data during communications.
|
||||
-- note: with timeout of 0, socket can wait for ever.
|
||||
-- By default: {HTTPD_CONFIGURATION_I}.default_socket_recv_timeout seconds.
|
||||
@@ -83,7 +91,7 @@ feature -- Access: network
|
||||
|
||||
feature -- Access: persistent connection
|
||||
|
||||
keep_alive_timeout: INTEGER
|
||||
keep_alive_timeout: INTEGER assign set_keep_alive_timeout
|
||||
-- Persistent connection timeout.
|
||||
-- Number of seconds the server waits after a request has been served before it closes the connection.
|
||||
-- Timeout unit in Seconds.
|
||||
@@ -92,7 +100,7 @@ feature -- Access: persistent connection
|
||||
Result := option_integer_value ("keep_alive_timeout", 0)
|
||||
end
|
||||
|
||||
max_keep_alive_requests: INTEGER
|
||||
max_keep_alive_requests: INTEGER assign set_max_keep_alive_requests
|
||||
-- Maximum number of requests allowed per persistent connection.
|
||||
-- Recommended a high setting.
|
||||
-- To disable KeepAlive, set `max_keep_alive_requests' to 0.
|
||||
@@ -103,34 +111,34 @@ feature -- Access: persistent connection
|
||||
|
||||
feature -- Access: SSL
|
||||
|
||||
ssl_enabled: BOOLEAN
|
||||
is_secure: BOOLEAN assign set_is_secure
|
||||
-- Is SSL/TLS session?
|
||||
do
|
||||
Result := option_boolean_value ("ssl_enabled", False)
|
||||
Result := option_boolean_value ("is_secure", False)
|
||||
end
|
||||
|
||||
ssl_protocol: detachable READABLE_STRING_GENERAL
|
||||
secure_protocol: detachable READABLE_STRING_GENERAL assign set_secure_protocol
|
||||
-- SSL protocol name, by default TLS 1.2
|
||||
do
|
||||
if attached {READABLE_STRING_GENERAL} option ("ssl_protocol") as l_prot and then l_prot.is_valid_as_string_8 then
|
||||
if attached {READABLE_STRING_GENERAL} option ("secure_protocol") as l_prot and then l_prot.is_valid_as_string_8 then
|
||||
Result := l_prot.to_string_8
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
ssl_ca_crt: detachable READABLE_STRING_GENERAL
|
||||
secure_certificate: detachable READABLE_STRING_GENERAL assign set_secure_certificate
|
||||
-- Signed certificate.
|
||||
do
|
||||
if attached {READABLE_STRING_GENERAL} option ("ssl_ca_crt") as l_ssl_ca_crt then
|
||||
if attached {READABLE_STRING_GENERAL} option ("secure_certificate") as l_ssl_ca_crt then
|
||||
Result := l_ssl_ca_crt
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
ssl_ca_key: detachable READABLE_STRING_GENERAL
|
||||
secure_certificate_key: detachable READABLE_STRING_GENERAL assign set_secure_certificate_key
|
||||
-- Private key for the certificate.
|
||||
do
|
||||
if attached {READABLE_STRING_GENERAL} option ("ssl_ca_key") as l_ssl_ca_key then
|
||||
if attached {READABLE_STRING_GENERAL} option ("secure_certificate_key") as l_ssl_ca_key then
|
||||
Result := l_ssl_ca_key
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
feature -- Element change
|
||||
@@ -156,6 +164,11 @@ feature -- Element change
|
||||
set_string_option ("server_name", v)
|
||||
end
|
||||
|
||||
set_base_url (v: detachable READABLE_STRING_8)
|
||||
do
|
||||
set_string_option ("base_url", v)
|
||||
end
|
||||
|
||||
set_max_tcp_clients (v: like max_tcp_clients)
|
||||
-- Set `max_tcp_clients' with `v'.
|
||||
do
|
||||
@@ -192,60 +205,69 @@ feature -- Element change
|
||||
set_numeric_option ("max_keep_alive_requests", nb)
|
||||
end
|
||||
|
||||
set_ssl_enabled (b: BOOLEAN)
|
||||
set_is_secure (b: BOOLEAN)
|
||||
-- Set secured connection enabled to `b'.
|
||||
-- i.e if connection is using SSL/TLS.
|
||||
do
|
||||
set_boolean_option ("ssl_enabled", b)
|
||||
set_boolean_option ("is_secure", b)
|
||||
end
|
||||
|
||||
set_ssl_protocol_to_ssl_2_or_3
|
||||
set_secure_protocol_to_ssl_2_or_3
|
||||
-- Set `ssl_protocol' with `Ssl_23'.
|
||||
do
|
||||
set_ssl_protocol ("ssl_2_3")
|
||||
set_secure_protocol ("ssl_2_3")
|
||||
end
|
||||
|
||||
set_ssl_protocol_to_tls_1_0
|
||||
set_secure_protocol_to_tls_1_0
|
||||
-- Set `ssl_protocol' with `Tls_1_0'.
|
||||
do
|
||||
set_ssl_protocol ("tls_1_0")
|
||||
set_secure_protocol ("tls_1_0")
|
||||
end
|
||||
|
||||
set_ssl_protocol_to_tls_1_1
|
||||
set_secure_protocol_to_tls_1_1
|
||||
-- Set `ssl_protocol' with `Tls_1_1'.
|
||||
do
|
||||
set_ssl_protocol ("tls_1_1")
|
||||
set_secure_protocol ("tls_1_1")
|
||||
end
|
||||
|
||||
set_ssl_protocol_to_tls_1_2
|
||||
set_secure_protocol_to_tls_1_2
|
||||
-- Set `ssl_protocol' with `Tls_1_2'.
|
||||
do
|
||||
set_ssl_protocol ("tls_1_2")
|
||||
set_secure_protocol ("tls_1_2")
|
||||
end
|
||||
|
||||
set_ssl_protocol_to_dtls_1_0
|
||||
set_secure_protocol_to_dtls_1_0
|
||||
-- Set `ssl_protocol' with `Dtls_1_0'.
|
||||
do
|
||||
set_ssl_protocol ("dtls_1_0")
|
||||
set_secure_protocol ("dtls_1_0")
|
||||
end
|
||||
|
||||
set_ssl_protocol (a_prot: detachable READABLE_STRING_GENERAL)
|
||||
-- Set `ssl_protocol' with `a_version'
|
||||
set_secure_protocol (a_prot: detachable READABLE_STRING_GENERAL)
|
||||
-- Set `secure_protocol' with `a_version'
|
||||
do
|
||||
set_string_option ("ssl_protocol", a_prot)
|
||||
set_string_option ("secure_protocol", a_prot)
|
||||
end
|
||||
|
||||
set_ssl_ca_crt (a_value: detachable READABLE_STRING_GENERAL)
|
||||
-- Set `ssl_ca_crt' from `a_value'.
|
||||
set_secure_certificate (a_value: detachable READABLE_STRING_GENERAL)
|
||||
-- Set `secure_certificate' from `a_value'.
|
||||
do
|
||||
set_string_option ("ssl_ca_crt", a_value)
|
||||
set_string_option ("secure_certificate", a_value)
|
||||
end
|
||||
|
||||
set_ssl_ca_key (a_value: detachable READABLE_STRING_GENERAL)
|
||||
-- Set `ssl_ca_key' with `a_value'.
|
||||
set_secure_certificate_key (a_value: detachable READABLE_STRING_GENERAL)
|
||||
-- Set `secure_certificate_key' with `a_value'.
|
||||
do
|
||||
set_string_option ("ssl_ca_key", a_value)
|
||||
set_string_option ("secure_certificate_key", a_value)
|
||||
end
|
||||
|
||||
note
|
||||
copyright: "2011-2016, Javier Velilla, Jocelyn Fiat and others"
|
||||
copyright: "2011-2016, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
|
||||
license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
|
||||
source: "[
|
||||
Eiffel Software
|
||||
5949 Hollister Ave., Goleta, CA 93117 USA
|
||||
Telephone 805-685-1006, Fax 805-685-6869
|
||||
Website http://www.eiffel.com
|
||||
Customer support http://support.eiffel.com
|
||||
]"
|
||||
end
|
||||
|
||||
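Review bot: The helpers `set_secure_protocol_to_tls_1_0` and `set_secure_protocol_to_tls_1_1` (hunk -192,60 +205,69) now carry the "secure" name while selecting TLS 1.0/1.1, which RFC 8996 deprecates, and `set_secure_protocol_to_ssl_2_or_3` selects an "ssl_2_3" mode whose mapping is not shown here; their header comments also still refer to `ssl_protocol`. I would update each comment to name `secure_protocol` and add a line such as `-- Deprecated protocol version, kept for compatibility; prefer set_secure_protocol_to_tls_1_2.`, or mark those features with an `obsolete` clause. The comment on `set_secure_protocol` names `a_version` although the parameter is `a_prot`. Separately, the added `set_base_url` stores under "base_url" while `base_url` reads `option ("base")`, so the new `assign set_base_url` does not round-trip; `set_string_option ("base", v)` would match the getter.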