Slombard/web 171 implement https

.github/workflows/webserv.yml

@@ -32,6 +32,8 @@ jobs:
       - name: Check out repository code
         uses: actions/checkout@v4
       - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner."
+      - name: Install necessary dependencies
+        run: sudo apt-get update && sudo apt-get install -y pkg-config libssl-dev lsof curl build-essential
       - name: List files in the repository
         run: |
           ls ${{ github.workspace }}
@@ -42,8 +44,6 @@ jobs:
           python3 -m pip install aiohttp asyncio aiofiles
       - name: Start webserv in background
         run: ./webserv &
-      - name: Install needed dependencies
-        run: sudo apt-get update && sudo apt-get install -y lsof curl
       - name: Run Config file tests
         if: always()
         working-directory: tests/config

.gitignore

@@ -34,6 +34,7 @@
 # Specific files and directories to include
 !Makefile
 !Dockerfile
+!Dockerfile.*
 !.github/
 !.clang-format
 !.vscode/

.vscode/c_cpp_properties.json

@@ -0,0 +1,57 @@
+{
+  "configurations": [
+    {
+      "name": "Mac-ARM",
+      "includePath": [
+        "${workspaceFolder}/**",
+        "/usr/local/opt/openssl/include",
+        "/opt/homebrew/opt/openssl/include",
+        "/opt/homebrew/include"
+      ],
+      "macFrameworkPath": ["/Library/Developer/CommandLineTools/SDKs/MacOSX14.sdk/System/Library/Frameworks"],
+      "defines": [],
+      "compilerPath": "/Users/stefano/.brew/opt/llvm/bin/clang",
+      "cStandard": "c17",
+      "cppStandard": "c++17",
+      "intelliSenseMode": "macos-clang-arm64"
+    },
+    {
+      "name": "Mac-x86",
+      "includePath": [
+        "${workspaceFolder}/**",
+        "/usr/local/opt/openssl/include",
+        "/opt/homebrew/opt/openssl/include",
+        "/opt/homebrew/include"
+      ],
+      "macFrameworkPath": ["/Library/Developer/CommandLineTools/SDKs/MacOSX14.sdk/System/Library/Frameworks"],
+      "defines": [],
+      "compilerPath": "/usr/bin/clang",
+      "cStandard": "c17",
+      "cppStandard": "c++17",
+      "intelliSenseMode": "macos-clang-x64"
+    },
+    {
+      "name": "Linux",
+      "cppStandard": "c++98",
+      "includePath": ["${workspaceFolder}/**", "/usr/include/openssl"],
+      "defines": [],
+      "compilerPath": "/usr/bin/gcc",
+      "cStandard": "c99",
+      "intelliSenseMode": "linux-gcc-x64"
+    }
+  ],
+  "version": 4,
+  "workbench.colorCustomizations": {
+    "activityBar.background": "#063516",
+    "titleBar.activeBackground": "#094B1F",
+    "titleBar.activeForeground": "#F3FEF6"
+  },
+  "files.associations": {
+    "*.cpp": "cpp",
+    "*.h": "cpp",
+    "*.md": "markdown",
+    "*.sh": "shellscript"
+  },
+  "C_Cpp.clang_format_style": "file",
+  "C_Cpp.clang_format_fallbackStyle": "Google"
+}

Makefile

@@ -1,7 +1,9 @@
 # Compiler and Flags
 CXX = c++
-CXXFLAGS = -Wall -Wextra -Werror -std=c++98 -I. -Iinclude -Isrc -Isrc/events -g
+CXXFLAGS = -Wall -Wextra -Werror -std=c++98 -I. -Iinclude -Isrc -Isrc/events -Isrc/ssl -g
 DEPFLAGS = -MMD -MP
+# -lpthread for pthreads, -ldl for dlopen needed by openssl
+LDFLAGS = -lpthread -ldl
 
 UNAME_S := $(shell uname -s)
 # Additional Flags for macOS
@@ -10,6 +12,43 @@ ifeq ($(UNAME_S), Darwin)
     LDFLAGS += -fsanitize=address
 endif
 
+# Check if pkg-config is available and OpenSSL is installed
+PKGCONFIG := $(shell which pkg-config)
+USE_LOCAL_OPENSSL := 0
+
+ifneq ($(PKGCONFIG),)
+    PKGCONFIG_OPENSSL := $(shell pkg-config --exists openssl && echo 1 || echo 0)
+    ifeq ($(PKGCONFIG_OPENSSL), 1)
+		OPENSSL_CFLAGS := $(shell pkg-config --cflags openssl)
+        OPENSSL_LIBS := $(shell pkg-config --libs openssl)
+		ifneq ($(OPENSSL_CFLAGS),)
+            CXXFLAGS += $(OPENSSL_CFLAGS)
+		else
+			OPENSSL_DIR := $(shell openssl version -d | cut -d'"' -f2)
+			OPENSSL_INCLUDE := $(OPENSSL_DIR)/include
+			ifneq ($(wildcard $(OPENSSL_INCLUDE)),)
+				CXXFLAGS += -I$(OPENSSL_INCLUDE)
+			endif
+		endif
+		LDFLAGS += $(OPENSSL_LIBS)
+	else
+		USE_LOCAL_OPENSSL := 1
+	endif
+else
+    USE_LOCAL_OPENSSL := 1
+endif
+
+# If using local OpenSSL, update the flags
+ifeq ($(USE_LOCAL_OPENSSL), 1)
+    CXXFLAGS += -I$(LOCAL_INCLUDE)
+    LDFLAGS += -L$(LOCAL_LIB) -lssl -lcrypto
+endif
+
+# Paths for local OpenSSL installation
+LOCAL_OPENSSL_DIR := $(CURDIR)/local/openssl
+LOCAL_INCLUDE := $(LOCAL_OPENSSL_DIR)/include
+LOCAL_LIB := $(LOCAL_OPENSSL_DIR)/lib
+
 # Source and Object Files
 SRCS = src/main.cpp \
 	src/Parser.cpp \
@@ -31,15 +70,40 @@ SRCS = src/main.cpp \
 	src/ServerSocket.cpp \
 	src/Listen.cpp \
 	src/events/EventManager.cpp \
-	src/events/ServerEventListener.cpp  
+	src/events/ServerEventListener.cpp \
+	src/ssl/SSLManager.cpp \
+	src/ssl/SSLContext.cpp 
 OBJDIR = obj
 OBJS = $(SRCS:%.cpp=$(OBJDIR)/%.o)
+DEPS = $(OBJS:.o=.d)
 
 # Main Target
 TARGET = webserv
 
 # Build Rules
-all: $(TARGET)
+all: check_openssl $(TARGET)
+
+# Rule to check and install OpenSSL if needed
+check_openssl:
+ifeq ($(USE_LOCAL_OPENSSL), 1)
+	@echo "OpenSSL not found. Installing locally..."
+	@$(MAKE) install_openssl
+else
+	@echo "Using system OpenSSL."
+endif
+
+# Rule to download, build, and install OpenSSL locally
+install_openssl:
+	@mkdir -p openssl
+	@cd openssl && \
+	wget https://www.openssl.org/source/openssl-1.1.1.tar.gz && \
+	tar -xzf openssl-1.1.1.tar.gz && \
+	cd openssl-1.1.1 && \
+	./config --prefix=$(LOCAL_OPENSSL_DIR) --openssldir=$(LOCAL_OPENSSL_DIR) no-shared && \
+	make && \
+	make install && \
+	cd ../.. && \
+	rm -rf openssl
 
 # Ensure the necessary directories exist before compiling anything
 $(OBJDIR)/%.o: %.cpp
@@ -48,16 +112,19 @@ $(OBJDIR)/%.o: %.cpp
 
 # Linking the main target
 $(TARGET): $(OBJS)
-	$(CXX) $(CXXFLAGS) -o $(TARGET) $(OBJS)
+	$(CXX) $(OBJS) $(LDFLAGS) -o $(TARGET)
 
 # Cleaning up the build
 clean:
 	rm -rf $(OBJDIR)
 	rm -f $(TARGET)
+	rm -f $(DEPS)
 
 fclean: clean
 	rm -f $(TARGET)
 
 re: fclean all
 
-.PHONY: all clean fclean re
+-include $(DEPS)
+
+.PHONY: all clean fclean re check_openssl install_openssl

docs/SSL/ssl.md

@@ -0,0 +1,120 @@
+### SSL Object (or SSL Structure)
+
+The `SSL` object in OpenSSL represents a single SSL/TLS connection. It encapsulates all the data and state needed to manage an SSL/TLS session between a client and a server.
+
+### Key Functions of the SSL Object
+
+1. **Manage SSL/TLS Sessions**:
+
+   - Handles the SSL/TLS handshake, which establishes the encryption parameters and authenticates the connection.
+   - Manages the session state, including encryption keys, certificates, and negotiated parameters.
+
+2. **Data Encryption and Decryption**:
+
+   - Encrypts data sent over the connection, ensuring privacy and data integrity.
+   - Decrypts incoming data, making it readable for the application.
+
+3. **Communication**:
+   - Provides functions for reading and writing encrypted data (`SSL_read`, `SSL_write`).
+   - Handles underlying network communication securely.
+
+### Common Operations with the SSL Object
+
+- **Creation**: An `SSL` object is created using `SSL_new(SSL_CTX *ctx)`, where `ctx` is the SSL context that defines configuration and parameters for the connection.
+
+  ```c
+  SSL *ssl = SSL_new(SSL_CTX *ctx);
+  ```
+
+  Creates a new `SSL` object from the given context.
+
+- **Association with Socket**: The `SSL` object is associated with a network socket using `SSL_set_fd(SSL *ssl, int fd)`, linking the SSL session to a specific socket file descriptor.
+
+  ```c
+  SSL_set_fd(SSL *ssl, int fd);
+  ```
+
+  Associates the `SSL` object with a network socket.
+
+- **Handshake**: The SSL/TLS handshake is initiated using `SSL_accept` (for servers) or `SSL_connect` (for clients). This step negotiates the SSL/TLS parameters and establishes a secure connection.
+
+  ```c
+  int result = SSL_accept(SSL *ssl); // For servers
+  int result = SSL_connect(SSL *ssl); // For clients
+  ```
+
+  Performs the SSL/TLS handshake.
+
+- **Data Transfer**: Secure data transfer is performed using `SSL_read` to receive data and `SSL_write` to send data.
+
+  ```c
+  int bytes = SSL_read(SSL *ssl, void *buf, int num);
+  int bytes = SSL_write(SSL *ssl, const void *buf, int num);
+  ```
+
+  Reads and writes encrypted data.
+
+- **Shutdown**: The SSL connection is properly closed using `SSL_shutdown` to ensure all encrypted data is properly transmitted and received before the connection is terminated.
+
+  ```c
+  int result = SSL_shutdown(SSL *ssl);
+  ```
+
+  Properly shuts down the SSL connection.
+
+- **Cleanup**: When the connection is no longer needed, `SSL_free` is called to free the `SSL` object and release associated resources.
+
+  ```c
+  SSL_free(SSL *ssl);
+  ```
+
+  Frees the `SSL` object and associated resources.
+
+### Structure of the SSL Object
+
+The `SSL` object in OpenSSL is a structure. Here is a partial definition to give you an idea of its components. For the complete structure, refer to the OpenSSL source code.
+
+```c
+struct ssl_st {
+    // SSL session information
+    SSL_CTX *ctx;
+    // Underlying BIOs for network communication
+    BIO *rbio; /* used by SSL_read */
+    BIO *wbio; /* used by SSL_write */
+    BIO *bbio; /* used during session-id reuse to concatenate messages */
+
+    // SSL connection state
+    int state;
+    int rwstate;
+    int in_handshake;
+    int server; /* are we the server side? - mostly used by SSL_clear */
+    int new_session; /* flag to indicate a new session */
+    int quiet_shutdown;
+    int shutdown; /* we have shut things down, 0x01 sent, 0x02 for received */
+    int init_num; /* number of bytes in init_buf */
+    int init_off; /* offset into init_buf */
+    // and many more...
+};
+```
+
+### Example
+
+```cpp
+SSL *ssl = SSL_new(ctx);          // Create a new SSL object
+SSL_set_fd(ssl, socket_fd);       // Associate the SSL object with a socket
+if (SSL_accept(ssl) <= 0) {       // Perform the SSL handshake
+    // Handle error
+}
+SSL_write(ssl, data, data_len);   // Send encrypted data
+SSL_read(ssl, buffer, buf_len);   // Receive encrypted data
+SSL_shutdown(ssl);                // Properly close the SSL connection
+SSL_free(ssl);                    // Free the SSL object and resources
+```
+
+## Further Information
+
+For detailed information on the `SSL` object and related functions, refer to the following resources:
+
+- [OpenSSL Documentation](https://www.openssl.org/docs/)
+- [OpenSSL `SSL` Object Manual](https://www.openssl.org/docs/man1.1.1/man3/SSL_new.html)
+- [OpenSSL Source Code](https://github.com/openssl/openssl) (particularly the `ssl/ssl.h` file)

include/webserv.hpp

@@ -1,6 +1,8 @@
 #ifndef WEBSERV_H
 #define WEBSERV_H
 
+#include <openssl/ssl.h>
+#include <openssl/err.h>
 #include <string>
 #include <sstream>
 #include <cstdlib>