redboltz
commented
1 year ago This PR also contains #982 revert.
Closed redboltz closed 1 year ago
redboltz
commented
1 year ago This PR also contains #982 revert.
codecov[bot]
commented
1 year ago Merging #983 (e38fc28) into master (35a14f7) will decrease coverage by
20.89%. The diff coverage is68.75%.
The first problem is the callback function that is set by set_verifycallback() is not called the first accept. But the second accept and later one is called. I analyzed the problem. server.hpp calls ctx.set_verify_callback() int doaccept(). ctx is moved from user at the constructor. Then it is passed to sockett parameter (actual type is ssl::stream). The type of parameter is
ssl::context&but it behaves as copy in the constructor. So ctx configuration must be finished before socket_t is created. I updated the order. Then the first problem is solved.However, the second problem is appared. The username that is set by the callback is wrong. This is caused by ctx_.set_verify_callback() overwriting. The second do_accept() is called when the first TCP async_accept (lowest_layer) is finished. It is too early. Because in the doaccept(), ctx.set_verify_callback() is called with the new username memory. Then the callback is called. The expected behavior is the callback is the first one, but the second one is called. To solve this problem, I moved the next do_accept() call to after the all handshake sequences are finished. It would cause degrade connecting performance but so far, there is no way.
Ideally, create the new ctx for each accept, but it requires a big breaking change. So I don't do that.
NOTE: async_mqtt solves the problem using this way https://github.com/redboltz/async_mqtt/blob/04748f1311f3dff6c2d418f1ac9d39b64f4da0a0/tool/broker.cpp#L322