Add: Posix TLS draft.

CMakeLists.txt

@@ -109,6 +109,28 @@ FetchContent_Declare(
 )
 FetchContent_MakeAvailable(tb64)
 include_directories(${tb64_SOURCE_DIR})
+set(CMAKE_POSITION_INDEPENDENT_CODE ON)
+
+FetchContent_Declare(
+  mbedtls
+  GIT_REPOSITORY https://github.com/Mbed-TLS/mbedtls/
+  GIT_TAG v3.4.0
+  CMAKE_ARGS 
+    -DENABLE_PROGRAMS=OFF
+    -DENABLE_TESTING=OFF
+    -DUSE_SHARED_MBEDTLS_LIBRARY=OFF
+    -DUSE_STATIC_MBEDTLS_LIBRARY=ON
+)
+
+FetchContent_MakeAvailable(mbedtls)
+include_directories(${mbedtls_SOURCE_DIR}/include)
+set(mbedtls_LIBS mbedtls mbedcrypto mbedx509)
+
+# add_executable(client client.cpp)
+# target_link_libraries(client ${mbedtls_LIBS})
+
+add_executable(server server.cpp)
+target_link_libraries(server ${mbedtls_LIBS})
 
 # LibUring
 if(LINUX)
@@ -140,7 +162,7 @@ find_package(Threads REQUIRED)
 include_directories(include/ src/)
 
 add_library(ujrpc_server_posix src/engine_posix.cpp)
-target_link_libraries(ujrpc_server_posix simdjson::simdjson Threads::Threads)
+target_link_libraries(ujrpc_server_posix simdjson::simdjson Threads::Threads ${mbedtls_LIBS})
 set(PYTHON_BACKEND ujrpc_server_posix)
 
 add_executable(ujrpc_example_login_posix examples/login/ujrpc_server.cpp)

examples/login/certs/cas.pem

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDazCCAlOgAwIBAgIUNkTMNg4Wf5upbGx85ZeulBYCUuQwDQYJKoZIhvcNAQEL
+BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
+GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMzA0MDMxMzQ1MjVaFw0yMzA1
+MDMxMzQ1MjVaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw
+HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQC4gSfAQUeshU4hD85Np/hj1WYeJVhUqvi1NcM4/qpK
+WETQN73MrGk+3kUqqy8UhyPkw31dpE68hAGzfhjzpvh/hejRIbcSaw8jz3P70Tl1
+4zRfz8rLSgpXieI1HekSadT4Hat1YmYxoMVFN025qwQjglxJCUp8bicxOBtNHwbo
+aTLzdTxnVWqkK2DBCNnnRAfttTxIPuSya8ZeCUv1sjlFD9ObTipJ+kjvuDScLFu4
+dErz1WMEJuXLMduEXZ76t7uqv/Y7jdkSAsArnsOj95iLJqohsrvAeyd0K/UkGp7C
+ZccPyqD6qjGgsCnWQsQ99pq4HrzgTkbkR1sL8MvHyZfpAgMBAAGjUzBRMB0GA1Ud
+DgQWBBQeFV7OnGedbdUSzJ7vtLu6z8KZZDAfBgNVHSMEGDAWgBQeFV7OnGedbdUS
+zJ7vtLu6z8KZZDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCi
+sgPyakz5NKjRv4KBChvlUGOenZBcsZSBSDtTPkkqW+H23XJpwKQYhnZoniYLriKu
+7PGbaNMY5EdClLlTCz1OWZ4JSqyo3hhgGDFmCM5mLDR2JR2rBNh14GodLR2R83c3
+to7C2jINVGIrkahOyCLSui2CBn50Xk/y/1FWU79o8WbSpBAH0EBk1zUSZxL7TAC1
+m42VHx5+BTG8RkWcC/SoY4FLwV7yqPIJtPDvU2AaaywXzixn1/hkzJ0Myn3y9JJu
+KZnFg64LcRz5IJcn8+7dvG9lgBwBKbiANqQuQRy5pNpDSlEcRf1VWOVK+amUaV+y
+tlXGCB1p86PprDGXwL5d
+-----END CERTIFICATE-----

examples/login/certs/gen.sh

@@ -0,0 +1,4 @@
+openssl genpkey -algorithm RSA -out main.key -pkeyopt rsa_keygen_bits:2048 &&
+openssl req -new -key main.key -out srv.csr &&
+openssl x509 -req -days 365 -in srv.csr -signkey main.key -out srv.crt &&
+openssl req -new -x509 -key main.key -out cas.pem 

examples/login/certs/main.key

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC4gSfAQUeshU4h
+D85Np/hj1WYeJVhUqvi1NcM4/qpKWETQN73MrGk+3kUqqy8UhyPkw31dpE68hAGz
+fhjzpvh/hejRIbcSaw8jz3P70Tl14zRfz8rLSgpXieI1HekSadT4Hat1YmYxoMVF
+N025qwQjglxJCUp8bicxOBtNHwboaTLzdTxnVWqkK2DBCNnnRAfttTxIPuSya8Ze
+CUv1sjlFD9ObTipJ+kjvuDScLFu4dErz1WMEJuXLMduEXZ76t7uqv/Y7jdkSAsAr
+nsOj95iLJqohsrvAeyd0K/UkGp7CZccPyqD6qjGgsCnWQsQ99pq4HrzgTkbkR1sL
+8MvHyZfpAgMBAAECggEAFyMnM35cOR/McOv1AJsIVKitsikXvyJjpwHTdgHFpCYW
+lw/ubszOM/KWtOebs1TRJP546bXRo+Vf+zzcby2oqwFFdXhnZ1lioCiDUHhn3sc7
+yaoascyaqGijo+qY0FTSPr0lw8Yvr5iMNIZfamGuVq+h2AzguOLtakgxcEXsTVex
+ZrwzPHyIzpM0F4arzCQfHkwBOkPrQzjpcVmLq4ZSq3/ht3wrTBF+9cbriEnw+WNb
+CHjlc2teB96Dp/yVrHSCoQOEot65lET5orbD0v7p0Viky6gqFx9M+h7mVNWM2vEp
+yJziwoFMFHjjRNFjdTnOcI4HdDgj3Cf/LbNGxOWWKwKBgQDWH+34LyXhRH2r5PZm
+/ixZI12Fp5VQheJce0ClEPWHyx+P4md/K+TFSWZPxA2PlkfFi4aHcDMZP+VEXBex
+m22Fa/mtouXBmmbsOBzS8iGBXWgPSFRr3MEXMCMr99jTl0VdDTcaDdxbYZBObpve
+Do6UBZ4eL8Pe4wedZKjp5PdKOwKBgQDclk0okZdVEh3apvBYkGnEvNHtOUoDF41l
+RIPPvliK21cwwaxRLqlw66VxLjuyGRll38x4K7+MNq5OCNIMDZBrbomNsFWYMQ3S
+T1qs5+NtoBQ6zn+iUSxM3nnf54+hMfKeITTOYn/qGIgTK9MvTfCgQHNRol1kpai8
+Bwzu8p5gKwKBgAf+szT0Fbb+hq63Ytffn6pIXsKRykpyZUxMsdI3+uLyG6CUtIaU
+DfurzO0nhdYZp15h4kkGUHId56KQybWw9vrnWDA6h9edu0AQrErYDZY19Z+0dKp+
+WJtUCcwneeoUmNtrleYcJGEpGGlFSf6Vjo9KUmgQIoEc+vjOfFwXV4BnAoGBAKXm
+/P0IEvNOftmWOKnDY2kuQgzSy5Frw1Jop2I1XM6CjR8Eap9cIt/kuzdWeFtIeUuf
+eF7hOF0yOwJBrAiYowfJyPahqp6eNjD4sc/dT7WBcfWQnXns5w6hPLRjqiioMjsv
+6lFWz7G25ZDVoy2uxs0f7Bt3rBooZbGU8+s62lalAoGBAM0a527Oe2+SB5nf3cJa
+pKbpLiGyiiJYwq5Kz0iRQcZCvJgiZ74V3xhIuXtBYrHQJRuiLhtCE1Y4ldUFTDuJ
+ZHwoPNr/RoP7Paz7KAIoWBVBp+1aOupPkmcdUY61QfqtnI8mJ5O5VSVo5hgdNJEb
+8wQdB1kfdX8/uVqsVCD+P2yg
+-----END PRIVATE KEY-----

examples/login/certs/srv.crt

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDSzCCAjMCFG9cZkrKAoKUF+KcdWYgNW9JRj80MA0GCSqGSIb3DQEBCwUAMGIx
+CzAJBgNVBAYTAkFVMQwwCgYDVQQIDANhc2QxDDAKBgNVBAcMA2FzZDELMAkGA1UE
+CgwCYXMxCjAIBgNVBAsMAWQxDDAKBgNVBAMMA2FzZDEQMA4GCSqGSIb3DQEJARYB
+YTAeFw0yMzA0MDMxMzQ1MTdaFw0yNDA0MDIxMzQ1MTdaMGIxCzAJBgNVBAYTAkFV
+MQwwCgYDVQQIDANhc2QxDDAKBgNVBAcMA2FzZDELMAkGA1UECgwCYXMxCjAIBgNV
+BAsMAWQxDDAKBgNVBAMMA2FzZDEQMA4GCSqGSIb3DQEJARYBYTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALiBJ8BBR6yFTiEPzk2n+GPVZh4lWFSq+LU1
+wzj+qkpYRNA3vcysaT7eRSqrLxSHI+TDfV2kTryEAbN+GPOm+H+F6NEhtxJrDyPP
+c/vROXXjNF/PystKCleJ4jUd6RJp1Pgdq3ViZjGgxUU3TbmrBCOCXEkJSnxuJzE4
+G00fBuhpMvN1PGdVaqQrYMEI2edEB+21PEg+5LJrxl4JS/WyOUUP05tOKkn6SO+4
+NJwsW7h0SvPVYwQm5csx24Rdnvq3u6q/9juN2RICwCuew6P3mIsmqiGyu8B7J3Qr
+9SQansJlxw/KoPqqMaCwKdZCxD32mrgevOBORuRHWwvwy8fJl+kCAwEAATANBgkq
+hkiG9w0BAQsFAAOCAQEABUPMGhDCjfWEXJFlBbmv+DNrrac3s5SSnIQ8bFgtiW8w
+soDk7/42HiL8zBKvx0Ym7Gw9aYSyuCSm5FYj4H5H3DTO+FOB+s4N8hfhX84wJK68
+xEN/dbuXXY0iGIm24cpokW37xjCNuw7UTj9vFzf+uq3ghRWxTxG5e3+5ayVZ2/V7
+cub3EdMKSpgalhv740Jy5wPb+X9DllJE9eO9vQb6cGsADAfpBNfrIsG2onrzeW1f
+F4omD3roWJmQ3yyk2OPPJf7WTXGAbZeEClNZw+UeaISPwsf/1JdjzDDs85sDEq01
+uvICmE5ks4WJCXvDupmGAPpOgQMXRLJPQSgHO+4h/w==
+-----END CERTIFICATE-----

examples/login/certs/srv.csr

@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICvDCCAaQCAQAwYjELMAkGA1UEBhMCQVUxDDAKBgNVBAgMA2FzZDEMMAoGA1UE
+BwwDYXNkMQswCQYDVQQKDAJhczEKMAgGA1UECwwBZDEMMAoGA1UEAwwDYXNkMRAw
+DgYJKoZIhvcNAQkBFgFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+uIEnwEFHrIVOIQ/OTaf4Y9VmHiVYVKr4tTXDOP6qSlhE0De9zKxpPt5FKqsvFIcj
+5MN9XaROvIQBs34Y86b4f4Xo0SG3EmsPI89z+9E5deM0X8/Ky0oKV4niNR3pEmnU
++B2rdWJmMaDFRTdNuasEI4JcSQlKfG4nMTgbTR8G6Gky83U8Z1VqpCtgwQjZ50QH
+7bU8SD7ksmvGXglL9bI5RQ/Tm04qSfpI77g0nCxbuHRK89VjBCblyzHbhF2e+re7
+qr/2O43ZEgLAK57Do/eYiyaqIbK7wHsndCv1JBqewmXHD8qg+qoxoLAp1kLEPfaa
+uB684E5G5EdbC/DLx8mX6QIDAQABoBUwEwYJKoZIhvcNAQkHMQYMBDAwOTkwDQYJ
+KoZIhvcNAQELBQADggEBAJjTginMRIdd1njaHxgOZ9TD8yxcM/Z5jjaghiyz7b2c
+ls0Y8ORW5BDdGWFOoKw9Mnf4VpXk60EbBh9Rpmz7yxKwA+LRtQ2uhfy6XplriIHG
+J1bV/uNDbiz34JRquoRtqY8lRAxYq7alPDSngG7dZsURMpiRTuTc+wGRdLgGHh0i
+PGxxZziJiJDAF9IMs5fYDmwUAQ8W4zj0nsS+plLgWh0HKYymha7I9KFgIkoVRDsF
+gyFf4VhitmLgJ4vxzxW2Qss57ma0QSzxpZfn6Hk9f+vI+m+YA0LIAgol4REm0pPA
+SXLiTMV6AHhAnI2ExecAJdINrK3NkwA2wWRoxpEPuPI=
+-----END CERTIFICATE REQUEST-----

examples/login/ujrpc_server.cpp

@@ -49,6 +49,11 @@ int main(int argc, char** argv) {
     config.max_lifetime_exchanges = UINT32_MAX;
     config.logs_file_descriptor = result["silent"].as<bool>() ? -1 : STDOUT_FILENO;
     config.logs_format = "human";
+    config.use_ssl = true;
+    config.ssl_pk_path = "./examples/login/certs/main.key";
+    const char* crts[] = {"./examples/login/certs/srv.crt", "./examples/login/certs/cas.pem"};
+    config.ssl_crts_path = crts;
+    config.ssl_crts_cnt = 2;
 
     ujrpc_init(&config, &server);
     if (!server) {

include/ujrpc/ujrpc.h

@@ -68,6 +68,15 @@ typedef struct ujrpc_config_t {
     uint32_t max_concurrent_connections;
     uint32_t max_lifetime_micro_seconds;
     uint32_t max_lifetime_exchanges;
+
+    /// @brief Enable SSL.
+    bool use_ssl;
+    /// @brief Private Key required for SSL.
+    const char* ssl_pk_path;
+    /// @brief At least one certificate is required for SSL.
+    const char** ssl_crts_path;
+    /// @brief Certificates count.
+    size_t ssl_crts_cnt;
 } ujrpc_config_t;
 
 /**