aboutsummaryrefslogtreecommitdiff
path: root/src/zenserver/config/config.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/zenserver/config/config.cpp')
-rw-r--r--src/zenserver/config/config.cpp122
1 files changed, 122 insertions, 0 deletions
diff --git a/src/zenserver/config/config.cpp b/src/zenserver/config/config.cpp
index e36352dae..ef9c6b7b8 100644
--- a/src/zenserver/config/config.cpp
+++ b/src/zenserver/config/config.cpp
@@ -144,10 +144,15 @@ ZenServerConfiguratorBase::AddCommonConfigOptions(LuaConfig::Options& LuaOptions
////// network
+ LuaOptions.AddOption("network.httpclientbackend"sv, ServerOptions.HttpClient.Backend, "httpclient"sv);
LuaOptions.AddOption("network.httpserverclass"sv, ServerOptions.HttpConfig.ServerClass, "http"sv);
LuaOptions.AddOption("network.httpserverthreads"sv, ServerOptions.HttpConfig.ThreadCount, "http-threads"sv);
LuaOptions.AddOption("network.port"sv, ServerOptions.BasePort, "port"sv);
LuaOptions.AddOption("network.forceloopback"sv, ServerOptions.HttpConfig.ForceLoopback, "http-forceloopback"sv);
+ LuaOptions.AddOption("network.unixsocket"sv, ServerOptions.HttpConfig.UnixSocketPath, "unix-socket"sv);
+ LuaOptions.AddOption("network.https.port"sv, ServerOptions.HttpConfig.HttpsPort, "https-port"sv);
+ LuaOptions.AddOption("network.https.certfile"sv, ServerOptions.HttpConfig.CertFile, "cert-file"sv);
+ LuaOptions.AddOption("network.https.keyfile"sv, ServerOptions.HttpConfig.KeyFile, "key-file"sv);
#if ZEN_WITH_HTTPSYS
LuaOptions.AddOption("network.httpsys.async.workthreads"sv,
@@ -159,6 +164,10 @@ ZenServerConfiguratorBase::AddCommonConfigOptions(LuaConfig::Options& LuaOptions
LuaOptions.AddOption("network.httpsys.requestlogging"sv,
ServerOptions.HttpConfig.HttpSys.IsRequestLoggingEnabled,
"httpsys-enable-request-logging"sv);
+ LuaOptions.AddOption("network.httpsys.httpsport"sv, ServerOptions.HttpConfig.HttpSys.HttpsPort, "httpsys-https-port"sv);
+ LuaOptions.AddOption("network.httpsys.certthumbprint"sv, ServerOptions.HttpConfig.HttpSys.CertThumbprint, "httpsys-cert-thumbprint"sv);
+ LuaOptions.AddOption("network.httpsys.certstorename"sv, ServerOptions.HttpConfig.HttpSys.CertStoreName, "httpsys-cert-store"sv);
+ LuaOptions.AddOption("network.httpsys.httpsonly"sv, ServerOptions.HttpConfig.HttpSys.HttpsOnly, "httpsys-https-only"sv);
#endif
#if ZEN_WITH_TRACE
@@ -304,6 +313,34 @@ ZenServerCmdLineOptions::AddCliOptions(cxxopts::Options& options, ZenServerConfi
options.add_option("network",
"",
+ "unix-socket",
+ "Unix domain socket path to listen on (in addition to TCP)",
+ cxxopts::value<std::string>(ServerOptions.HttpConfig.UnixSocketPath),
+ "<path>");
+
+ options.add_option("network",
+ "",
+ "https-port",
+ "HTTPS listen port (0 = disabled)",
+ cxxopts::value<int>(ServerOptions.HttpConfig.HttpsPort)->default_value("0"),
+ "<port>");
+
+ options.add_option("network",
+ "",
+ "cert-file",
+ "Path to PEM certificate chain file for HTTPS",
+ cxxopts::value<std::string>(ServerOptions.HttpConfig.CertFile),
+ "<path>");
+
+ options.add_option("network",
+ "",
+ "key-file",
+ "Path to PEM private key file for HTTPS",
+ cxxopts::value<std::string>(ServerOptions.HttpConfig.KeyFile),
+ "<path>");
+
+ options.add_option("network",
+ "",
"security-config-path",
"Path to http security configuration file",
cxxopts::value<std::string>(SecurityConfigPath),
@@ -330,10 +367,45 @@ ZenServerCmdLineOptions::AddCliOptions(cxxopts::Options& options, ZenServerConfi
"Enables Httpsys request logging",
cxxopts::value<bool>(ServerOptions.HttpConfig.HttpSys.IsRequestLoggingEnabled),
"<httpsys request logging>");
+
+ options.add_option("httpsys",
+ "",
+ "httpsys-https-port",
+ "HTTPS listen port for http.sys (0 = disabled)",
+ cxxopts::value<int>(ServerOptions.HttpConfig.HttpSys.HttpsPort)->default_value("0"),
+ "<port>");
+
+ options.add_option("httpsys",
+ "",
+ "httpsys-cert-thumbprint",
+ "SHA-1 certificate thumbprint for auto SSL binding",
+ cxxopts::value<std::string>(ServerOptions.HttpConfig.HttpSys.CertThumbprint),
+ "<thumbprint>");
+
+ options.add_option("httpsys",
+ "",
+ "httpsys-cert-store",
+ "Windows certificate store name for SSL binding",
+ cxxopts::value<std::string>(ServerOptions.HttpConfig.HttpSys.CertStoreName)->default_value("MY"),
+ "<store name>");
+
+ options.add_option("httpsys",
+ "",
+ "httpsys-https-only",
+ "Disable HTTP listener when HTTPS is active",
+ cxxopts::value<bool>(ServerOptions.HttpConfig.HttpSys.HttpsOnly)->default_value("false"),
+ "");
#endif
options.add_option("network",
"",
+ "httpclient",
+ "Select HTTP client implementation (e.g. 'curl', 'cpr')",
+ cxxopts::value<std::string>(ServerOptions.HttpClient.Backend)->default_value("cpr"),
+ "<http client>");
+
+ options.add_option("network",
+ "",
"http",
"Select HTTP server implementation (asio|"
#if ZEN_WITH_HTTPSYS
@@ -397,6 +469,56 @@ ZenServerCmdLineOptions::ApplyOptions(cxxopts::Options& options, ZenServerConfig
ServerOptions.SecurityConfigPath = MakeSafeAbsolutePath(SecurityConfigPath);
LoggingOptions.ApplyOptions(ServerOptions.LoggingConfig);
+
+#if ZEN_WITH_HTTPSYS
+ // Validate HTTPS options
+ const auto& HttpSys = ServerOptions.HttpConfig.HttpSys;
+ if (HttpSys.HttpsOnly && HttpSys.HttpsPort == 0)
+ {
+ throw OptionParseException("'--httpsys-https-only' requires '--httpsys-https-port' to be set", options.help());
+ }
+ if (!HttpSys.CertThumbprint.empty() && HttpSys.CertThumbprint.size() != 40)
+ {
+ throw OptionParseException("'--httpsys-cert-thumbprint' must be exactly 40 hex characters (SHA-1)", options.help());
+ }
+ if (!HttpSys.CertThumbprint.empty())
+ {
+ for (char Ch : HttpSys.CertThumbprint)
+ {
+ if (!((Ch >= '0' && Ch <= '9') || (Ch >= 'a' && Ch <= 'f') || (Ch >= 'A' && Ch <= 'F')))
+ {
+ throw OptionParseException("'--httpsys-cert-thumbprint' contains non-hex characters", options.help());
+ }
+ }
+ }
+ if (HttpSys.HttpsPort > 0 && HttpSys.HttpsPort == ServerOptions.BasePort && !HttpSys.HttpsOnly)
+ {
+ throw OptionParseException("'--httpsys-https-port' must differ from '--port' when both HTTP and HTTPS are active", options.help());
+ }
+#endif
+
+ // Validate generic HTTPS options (used by ASIO backend)
+ if (ServerOptions.HttpConfig.HttpsPort > 0)
+ {
+ if (ServerOptions.HttpConfig.CertFile.empty() || ServerOptions.HttpConfig.KeyFile.empty())
+ {
+ throw OptionParseException("'--https-port' requires both '--cert-file' and '--key-file' to be set", options.help());
+ }
+ if (!std::filesystem::exists(ServerOptions.HttpConfig.CertFile))
+ {
+ throw OptionParseException(fmt::format("'--cert-file' path '{}' does not exist", ServerOptions.HttpConfig.CertFile),
+ options.help());
+ }
+ if (!std::filesystem::exists(ServerOptions.HttpConfig.KeyFile))
+ {
+ throw OptionParseException(fmt::format("'--key-file' path '{}' does not exist", ServerOptions.HttpConfig.KeyFile),
+ options.help());
+ }
+ if (ServerOptions.HttpConfig.HttpsPort == ServerOptions.BasePort)
+ {
+ throw OptionParseException("'--https-port' must differ from '--port'", options.help());
+ }
+ }
}
//////////////////////////////////////////////////////////////////////////
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-24 15:49:52 +0000