Use mbedtls on all platforms & bundle root CAs
Certificate bundle downloaded from https://curl.se/docs/caextract.html. It is licensed under the MPL 2.0.
This commit is contained in:
+3347
File diff suppressed because it is too large
Load Diff
+11
-29
@@ -86,16 +86,8 @@ set(IXW_HPP "${IXW_DIR}/IXBench.h"
|
||||
"${IXW_DIR}/IXWebSocketTransport.h"
|
||||
"${IXW_DIR}/IXWebSocketVersion.h")
|
||||
|
||||
if(APPLE)
|
||||
list(APPEND IXW_SRC "${IXW_DIR}/IXSocketAppleSSL.cpp")
|
||||
list(APPEND IXW_HPP "${IXW_DIR}/IXSocketAppleSSL.h")
|
||||
elseif(WIN32)
|
||||
list(APPEND IXW_SRC "${IXW_DIR}/IXSocketMbedTLS.cpp")
|
||||
list(APPEND IXW_HPP "${IXW_DIR}/IXSocketMbedTLS.h")
|
||||
else()
|
||||
list(APPEND IXW_SRC "${IXW_DIR}/IXSocketOpenSSL.cpp")
|
||||
list(APPEND IXW_HPP "${IXW_DIR}/IXSocketOpenSSL.h")
|
||||
endif()
|
||||
list(APPEND IXW_SRC "${IXW_DIR}/IXSocketMbedTLS.cpp")
|
||||
list(APPEND IXW_HPP "${IXW_DIR}/IXSocketMbedTLS.h")
|
||||
|
||||
source_group("" FILES ${IXW_SRC} ${IXW_HPP})
|
||||
|
||||
@@ -109,25 +101,15 @@ set_property(TARGET "ixwebsocket" PROPERTY CXX_EXTENSIONS OFF)
|
||||
disable_project_warnings("ixwebsocket")
|
||||
|
||||
target_compile_definitions("ixwebsocket" PRIVATE IXWEBSOCKET_USE_TLS)
|
||||
|
||||
if(APPLE)
|
||||
target_compile_definitions("ixwebsocket" PRIVATE IXWEBSOCKET_USE_SECURE_TRANSPORT)
|
||||
target_link_libraries(ixwebsocket "-framework foundation" "-framework security")
|
||||
elseif(WIN32)
|
||||
target_compile_definitions("ixwebsocket" PRIVATE IXWEBSOCKET_USE_MBED_TLS)
|
||||
target_compile_definitions("ixwebsocket" PRIVATE IXWEBSOCKET_USE_MBED_TLS_MIN_VERSION_3)
|
||||
add_subdirectory("mbedtls" EXCLUDE_FROM_ALL)
|
||||
set_property(TARGET "mbedtls" PROPERTY FOLDER "External Libraries")
|
||||
set_property(TARGET "mbedcrypto" PROPERTY FOLDER "External Libraries")
|
||||
set_property(TARGET "mbedx509" PROPERTY FOLDER "External Libraries")
|
||||
target_link_libraries("ixwebsocket" mbedtls mbedcrypto mbedx509)
|
||||
else()
|
||||
target_compile_definitions("ixwebsocket" PRIVATE IXWEBSOCKET_USE_OPEN_SSL)
|
||||
find_package(OpenSSL REQUIRED)
|
||||
add_definitions(${OPENSSL_DEFINITIONS})
|
||||
target_include_directories(ixwebsocket PUBLIC ${OPENSSL_INCLUDE_DIR})
|
||||
target_link_libraries(ixwebsocket ${OPENSSL_LIBRARIES})
|
||||
endif()
|
||||
target_compile_definitions("ixwebsocket" PRIVATE IXWEBSOCKET_USE_MBED_TLS)
|
||||
target_compile_definitions("ixwebsocket" PRIVATE IXWEBSOCKET_USE_MBED_TLS_MIN_VERSION_3)
|
||||
set(ENABLE_TESTING OFF CACHE INTERNAL "Don't build tests")
|
||||
set(GEN_FILES OFF CACHE INTERNAL "Don't generate files (requires perl and python)")
|
||||
add_subdirectory("mbedtls" EXCLUDE_FROM_ALL)
|
||||
set_property(TARGET "mbedtls" PROPERTY FOLDER "External Libraries")
|
||||
set_property(TARGET "mbedcrypto" PROPERTY FOLDER "External Libraries")
|
||||
set_property(TARGET "mbedx509" PROPERTY FOLDER "External Libraries")
|
||||
target_link_libraries("ixwebsocket" mbedtls mbedcrypto mbedx509)
|
||||
|
||||
target_compile_definitions("ixwebsocket" PRIVATE IXWEBSOCKET_USE_ZLIB)
|
||||
|
||||
|
||||
+21
-2
@@ -6,12 +6,14 @@
|
||||
#include "RageFileManager.h"
|
||||
#include "RageLog.h"
|
||||
#include "RageUtil.h"
|
||||
#include "SpecialFiles.h"
|
||||
#include "StdString.h"
|
||||
#include "ver.h"
|
||||
|
||||
#include <ixwebsocket/IXHttpClient.h>
|
||||
#include <ixwebsocket/IXNetSystem.h>
|
||||
#include <ixwebsocket/IXUrlParser.h>
|
||||
#include <ixwebsocket/IXWebSocket.h>
|
||||
|
||||
#include <algorithm>
|
||||
#include <climits>
|
||||
@@ -72,6 +74,23 @@ NetworkManager::NetworkManager() : httpClient(true), downloadClient(true)
|
||||
LUA->Release(L);
|
||||
}
|
||||
|
||||
RageFile f;
|
||||
if(f.Open(SpecialFiles::CA_BUNDLE_PATH))
|
||||
{
|
||||
RString data;
|
||||
f.Read(data);
|
||||
f.Close();
|
||||
|
||||
this->tlsOptions.caFile = data;
|
||||
}
|
||||
else
|
||||
{
|
||||
LOG->Warn("Reading '%s' failed: %s", SpecialFiles::CA_BUNDLE_PATH.c_str(), f.GetError().c_str());
|
||||
}
|
||||
|
||||
this->httpClient.setTLSOptions(this->tlsOptions);
|
||||
this->downloadClient.setTLSOptions(this->tlsOptions);
|
||||
|
||||
this->ClearDownloads();
|
||||
}
|
||||
|
||||
@@ -214,6 +233,8 @@ WebSocketHandlePtr NetworkManager::WebSocket(const WebSocketArgs& args)
|
||||
handle->onClose = args.onClose;
|
||||
|
||||
handle->webSocket.setUrl(args.url);
|
||||
handle->webSocket.setTLSOptions(this->tlsOptions);
|
||||
handle->webSocket.setOnMessageCallback(args.onMessage);
|
||||
|
||||
ix::WebSocketHttpHeaders headers;
|
||||
headers["User-Agent"] = this->GetUserAgent();
|
||||
@@ -238,8 +259,6 @@ WebSocketHandlePtr NetworkManager::WebSocket(const WebSocketArgs& args)
|
||||
handle->webSocket.disableAutomaticReconnection();
|
||||
}
|
||||
|
||||
handle->webSocket.setOnMessageCallback(args.onMessage);
|
||||
|
||||
handle->webSocket.start();
|
||||
|
||||
return handle;
|
||||
|
||||
@@ -13,6 +13,7 @@
|
||||
|
||||
#include <ixwebsocket/IXHttp.h>
|
||||
#include <ixwebsocket/IXHttpClient.h>
|
||||
#include <ixwebsocket/IXSocketTLSOptions.h>
|
||||
#include <ixwebsocket/IXWebSocket.h>
|
||||
|
||||
#include "EnumHelper.h"
|
||||
@@ -141,6 +142,7 @@ private:
|
||||
|
||||
ix::HttpClient httpClient;
|
||||
ix::HttpClient downloadClient;
|
||||
ix::SocketTLSOptions tlsOptions;
|
||||
|
||||
static Preference<bool> httpEnabled;
|
||||
static Preference<RString> httpAllowHosts;
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
const RString SpecialFiles::PACKAGES_DIR = "Packages/";
|
||||
const RString SpecialFiles::KEYMAPS_PATH = "Save/Keymaps.ini";
|
||||
const RString SpecialFiles::EDIT_MODE_KEYMAPS_PATH = "Save/EditMode_Keymaps.ini";
|
||||
const RString SpecialFiles::PREFERENCES_INI_PATH = "Save/Preferences.ini";
|
||||
const RString SpecialFiles::PREFERENCES_INI_PATH = "Save/Preferences.ini";
|
||||
const RString SpecialFiles::THEMES_DIR = "Themes/";
|
||||
const RString SpecialFiles::LANGUAGES_SUBDIR = "Languages/";
|
||||
// TODO: A theme should be able to specify a base language.
|
||||
@@ -15,6 +15,7 @@ const RString SpecialFiles::BASE_THEME_NAME = "_fallback";
|
||||
const RString SpecialFiles::DEFAULTS_INI_PATH = "Data/Defaults.ini";
|
||||
const RString SpecialFiles::STATIC_INI_PATH = "Data/Static.ini";
|
||||
const RString SpecialFiles::TYPE_TXT_FILE = "Data/Type.txt";
|
||||
const RString SpecialFiles::CA_BUNDLE_PATH = "Data/ca-bundle.crt";
|
||||
const RString SpecialFiles::SONGS_DIR = "Songs/";
|
||||
const RString SpecialFiles::COURSES_DIR = "Courses/";
|
||||
const RString SpecialFiles::NOTESKINS_DIR = "NoteSkins/";
|
||||
|
||||
@@ -23,6 +23,7 @@ namespace SpecialFiles
|
||||
extern const RString DEFAULTS_INI_PATH;
|
||||
extern const RString STATIC_INI_PATH;
|
||||
extern const RString TYPE_TXT_FILE;
|
||||
extern const RString CA_BUNDLE_PATH;
|
||||
/** @brief The default Songs directory. */
|
||||
extern const RString SONGS_DIR;
|
||||
/** @brief The default courses directory. */
|
||||
|
||||
Reference in New Issue
Block a user