Add preliminary work for HTTP health endpoint (#68)

* Add preliminary work for HTTP health endpoint * Http: Fix infinite loop bug in Tx509KeypairGenerator::generateKey() * update commandline * Add TLS Support class for use with http server * Add preliminary HTTP Server; TLS still broken; fix in later commit * Fix TLS handshake, due to server being unable to serve key/certfile in 'Http.h/Http.cpp'; Cause was httlib not being threadsafe due to being a blocking http library * Run clang format * Add option to configure http server port via ServerConfig * TConfig: add HTTPServerPort to config parsing step * Fix SSL Cert / Key path not auto generating when not existing * Add health endpoint; Fix SSL Cert serial no. not refreshing when regenerating * Switch arround status codes in /health route * Run clang format Co-authored-by: Lion Kortlepel <development@kortlepel.com>
2026-02-16 10:41:01 +00:00 · 2021-12-05 18:24:55 +01:00
parent b33d50361c
commit 9d283738aa
11 changed files with 273 additions and 18 deletions
--- a/include/Http.h
+++ b/include/Http.h
@@ -1,8 +1,20 @@
 #pragma once

+#include <Common.h>
+#include <IThreaded.h>
+#include <filesystem>
+#include <httplib.h>
+#include <openssl/pem.h>
+#include <openssl/x509.h>
 #include <string>
 #include <unordered_map>

+namespace fs = std::filesystem;
+
+namespace Crypto {
+constexpr size_t RSA_DEFAULT_KEYLENGTH { 2048 };
+}
+
 namespace Http {
 std::string GET(const std::string& host, int port, const std::string& target, unsigned int* status = nullptr);
 std::string POST(const std::string& host, int port, const std::string& target, const std::string& body, const std::string& ContentType, unsigned int* status = nullptr);
@@ -10,4 +22,36 @@ namespace Status {
    std::string ToString(int code);
 }
 const std::string ErrorString = "-1";
+
+namespace Server {
+    void SetupEnvironment();
+    // todo: Add non TLS Server Instance, this one is TLS only
+    class THttpServerInstance : IThreaded {
+    public:
+        THttpServerInstance();
+        static fs::path KeyFilePath;
+        static fs::path CertFilePath;
+
+    protected:
+        void operator()();
+
+    private:
+        /**
+         * the shared pointer is necessary because httplib is a blocking library and due lacking thread-safety
+         * will "forget" about its environment, when configured across multiple threads.
+         * So we need to able to start the server (make it "listen()") in a single Thread.
+         */
+        std::shared_ptr<httplib::SSLServer> mHttpLibServerInstancePtr;
+    };
+    // todo: all of these functions are likely unsafe,
+    // todo: replace with something that's managed by a domain specific crypto library
+    class Tx509KeypairGenerator {
+    public:
+        static long GenerateRandomId();
+        static bool EnsureTLSConfigExists();
+        static X509* GenerateCertificate(EVP_PKEY& pkey);
+        static EVP_PKEY* GenerateKey();
+        static void GenerateAndWriteToDisk(const fs::path& KeyFilePath, const fs::path& CertFilePath);
+    };
+}
 }