--- /dev/null
+/*
+ * Copyright (c) 2015, Peter Thorson. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the WebSocket++ Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL PETER THORSON BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+ /**
+ * NOTES
+ *
+ * This example uses a number of standard classes through the websocketpp::lib
+ * namespace. This is to allow easy switching between Boost, the C++11 STL, and
+ * the standalone Asio library. Your program need not use these namespaces if
+ * you do not need this sort of flexibility.
+ */
+
+#include <websocketpp/config/asio.hpp>
+
+#include <websocketpp/server.hpp>
+
+#include <iostream>
+
+typedef websocketpp::server<websocketpp::config::asio_tls> server;
+
+using websocketpp::lib::placeholders::_1;
+using websocketpp::lib::placeholders::_2;
+using websocketpp::lib::bind;
+
+// pull out the type of messages sent by our config
+typedef websocketpp::config::asio::message_type::ptr message_ptr;
+typedef websocketpp::lib::shared_ptr<websocketpp::lib::asio::ssl::context> context_ptr;
+
+void on_message(server* s, websocketpp::connection_hdl hdl, message_ptr msg) {
+ std::cout << "on_message called with hdl: " << hdl.lock().get()
+ << " and message: " << msg->get_payload()
+ << std::endl;
+
+ try {
+ s->send(hdl, msg->get_payload(), msg->get_opcode());
+ } catch (const websocketpp::lib::error_code& e) {
+ std::cout << "Echo failed because: " << e
+ << "(" << e.message() << ")" << std::endl;
+ }
+}
+
+void on_http(server* s, websocketpp::connection_hdl hdl) {
+ server::connection_ptr con = s->get_con_from_hdl(hdl);
+
+ con->set_body("Hello World!");
+ con->set_status(websocketpp::http::status_code::ok);
+}
+
+std::string get_password() {
+ return "test";
+}
+
+// See https://wiki.mozilla.org/Security/Server_Side_TLS for more details about
+// the TLS modes. The code below demonstrates how to implement both the modern
+enum tls_mode {
+ MOZILLA_INTERMEDIATE = 1,
+ MOZILLA_MODERN = 2
+};
+
+context_ptr on_tls_init(tls_mode mode, websocketpp::connection_hdl hdl) {
+ namespace asio = websocketpp::lib::asio;
+
+ std::cout << "on_tls_init called with hdl: " << hdl.lock().get() << std::endl;
+ std::cout << "using TLS mode: " << (mode == MOZILLA_MODERN ? "Mozilla Modern" : "Mozilla Intermediate") << std::endl;
+
+ context_ptr ctx = websocketpp::lib::make_shared<asio::ssl::context>(asio::ssl::context::sslv23);
+
+ try {
+ if (mode == MOZILLA_MODERN) {
+ // Modern disables TLSv1
+ ctx->set_options(asio::ssl::context::default_workarounds |
+ asio::ssl::context::no_sslv2 |
+ asio::ssl::context::no_sslv3 |
+ asio::ssl::context::no_tlsv1 |
+ asio::ssl::context::single_dh_use);
+ } else {
+ ctx->set_options(asio::ssl::context::default_workarounds |
+ asio::ssl::context::no_sslv2 |
+ asio::ssl::context::no_sslv3 |
+ asio::ssl::context::single_dh_use);
+ }
+ ctx->set_password_callback(bind(&get_password));
+ ctx->use_certificate_chain_file("server.pem");
+ ctx->use_private_key_file("server.pem", asio::ssl::context::pem);
+
+ // Example method of generating this file:
+ // `openssl dhparam -out dh.pem 2048`
+ // Mozilla Intermediate suggests 1024 as the minimum size to use
+ // Mozilla Modern suggests 2048 as the minimum size to use.
+ ctx->use_tmp_dh_file("dh.pem");
+
+ std::string ciphers;
+
+ if (mode == MOZILLA_MODERN) {
+ ciphers = "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK";
+ } else {
+ ciphers = "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA";
+ }
+
+ if (SSL_CTX_set_cipher_list(ctx->native_handle() , ciphers.c_str()) != 1) {
+ std::cout << "Error setting cipher list" << std::endl;
+ }
+ } catch (std::exception& e) {
+ std::cout << "Exception: " << e.what() << std::endl;
+ }
+ return ctx;
+}
+
+int main() {
+ // Create a server endpoint
+ server echo_server;
+
+ // Initialize ASIO
+ echo_server.init_asio();
+
+ // Register our message handler
+ echo_server.set_message_handler(bind(&on_message,&echo_server,::_1,::_2));
+ echo_server.set_http_handler(bind(&on_http,&echo_server,::_1));
+ echo_server.set_tls_init_handler(bind(&on_tls_init,MOZILLA_INTERMEDIATE,::_1));
+
+ // Listen on port 9002
+ echo_server.listen(9002);
+
+ // Start the server accept loop
+ echo_server.start_accept();
+
+ // Start the ASIO io_service run loop
+ echo_server.run();
+
+}