#!/usr/bin/env php
<?php declare(strict_types=1);
namespace rdap_org;
// Report every class of error, but send diagnostics to the error log (stderr)
// instead of writing them into the program's output.
error_reporting(E_ALL);

foreach ([
    'display_startup_errors' => false,
    'display_errors'         => 'off',
    'log_errors'             => true,
    'error_log'              => '/dev/stderr',
    // NOTE(review): -1 removes the memory ceiling and 0 removes the execution
    // time limit, so resource use is bounded only by whatever limits the
    // deployment applies from outside the process - confirm such limits exist.
    'memory_limit'           => -1,
    'max_execution_time'     => 0,
] as $directive => $value) {
    ini_set($directive, $value);
}

// do not leave the loop variables behind in the global scope
unset($directive, $value);
require __DIR__.'/lib/server.php';
use OpenSwoole\Constant;
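// Start the server only when this file is the script being executed, not when
// it has been pulled in by another script. $argv may be missing or empty in
// that case, so it is checked before use, and it is left unmodified: main()
// receives a copy without the script name.
if (is_string($argv[0] ?? null) && realpath(__FILE__) === realpath($argv[0])) {
    rdapd::main(array_slice($argv, 1));
}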
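/**
 * Command-line front end: parses the options, builds a `server` instance and
 * starts it, optionally with TLS. All members are static and the class cannot
 * be instantiated.
 */
final class rdapd {

    /**
     * TLS protocol versions offered by the server: TLS 1.2 and TLS 1.3 only.
     */
    public const SSL_PROTOCOLS = Constant::SSL_TLSv1_3 | Constant::SSL_TLSv1_2;

    /**
     * Cipher suites offered, joined with ':' before being passed to the server.
     * Every entry combines ephemeral (EC)DHE key exchange with an AEAD cipher
     * (AES-GCM or ChaCha20-Poly1305).
     *
     * NOTE(review): in OpenSSL a list in this format selects the TLS 1.2
     * suites only; TLS 1.3 suites are configured separately. Confirm how
     * OpenSwoole applies 'ssl_ciphers'.
     */
    public const SSL_CIPHERS = [
        'ECDHE-ECDSA-AES128-GCM-SHA256',
        'ECDHE-RSA-AES128-GCM-SHA256',
        'ECDHE-ECDSA-AES256-GCM-SHA384',
        'ECDHE-RSA-AES256-GCM-SHA384',
        'ECDHE-ECDSA-CHACHA20-POLY1305',
        'ECDHE-RSA-CHACHA20-POLY1305',
        'DHE-RSA-AES128-GCM-SHA256',
        'DHE-RSA-AES256-GCM-SHA384',
        'DHE-RSA-CHACHA20-POLY1305',
    ];

    /**
     * Parses the command-line options and starts the server.
     *
     * The options are read with getopt(), which inspects the process
     * arguments itself; $argv is accepted for the caller's convenience but is
     * not consulted. Invalid --addr or --port values end the process with
     * exit status 1 instead of being coerced.
     *
     * @param string[] $argv
     */
    public static function main(array $argv) : void {
        // getopt() returns false on failure; treat that as "no options given"
        $opt = getopt('', [
            'help',
            'addr:',
            'port:',
            'tls',
        ]) ?: [];

        if (array_key_exists('help', $opt)) self::help();

        $tls  = array_key_exists('tls', $opt);
        $addr = $opt['addr'] ?? '::';
        $port = $opt['port'] ?? ($tls ? 443 : 8080);

        // getopt() returns an array when an option is repeated; reject that
        // here rather than letting it reach the typed start() call
        if (!is_string($addr) || '' === $addr) {
            fprintf(STDERR, "Invalid --addr value\n");
            exit(1);
        }

        // intval() would silently turn "abc" into 0 and accept values above
        // 65535, so the port is validated as an integer within the TCP range
        $port = filter_var($port, FILTER_VALIDATE_INT, [
            'options' => ['min_range' => 0, 'max_range' => 65535],
        ]);

        if (false === $port) {
            fprintf(STDERR, "Invalid --port value (expected an integer between 0 and 65535)\n");
            exit(1);
        }

        self::start(
            addr: $addr,
            port: $port,
            tls: $tls,
        );
    }

    /**
     * Creates the server, applies the TLS settings when requested, and runs it.
     *
     * @param string $addr address to listen on
     * @param int    $port TCP port to listen on
     * @param bool   $tls  whether to enable TLS on the listening socket
     */
    private static function start(string $addr, int $port, bool $tls) : void {
        $server = new server(
            host: $addr,
            port: $port,
            sock_type: ($tls ? Constant::SOCK_TCP | Constant::SSL : Constant::SOCK_TCP),
        );

        fprintf(STDERR, "%s(): configuring server...\n", __METHOD__);

        if ($tls) {
            // key and certificate share one PEM file
            $file = self::writeTlsMaterial();

            $server->set([
                'ssl_protocols' => self::SSL_PROTOCOLS,
                'ssl_ciphers'   => implode(':', self::SSL_CIPHERS),
                'ssl_key_file'  => $file,
                'ssl_cert_file' => $file,
            ]);
        }

        $server->on('Start', static function() use ($server) : void {
            foreach ($server->ports as $port) {
                fprintf(STDERR, "now listening on [%s]:%u\n", $port->host, $port->port);
            }
        });

        fprintf(STDERR, "%s(): starting server...\n", __METHOD__);

        $server->start();
    }

    /**
     * Writes the TLS key and certificate from the TLS_KEY and TLS_CERT
     * environment variables into a single PEM file and returns its path.
     * Ends the process with exit status 1 if either variable is missing or
     * the file cannot be created or written.
     *
     * The file lives at a fixed name in the system temp directory, which is
     * typically shared between users, so it is created exclusively and with
     * owner-only permissions: a file or symlink placed there by someone else
     * makes start-up fail instead of receiving the private key.
     *
     * NOTE(review): the file is not removed when the server stops, so the
     * private key stays on disk in the temp directory - confirm this matches
     * the deployment's expectations.
     */
    private static function writeTlsMaterial() : string {
        $key  = getenv('TLS_KEY');
        $cert = getenv('TLS_CERT');

        // getenv() returns false for an unset variable; without this check an
        // empty PEM file would be written and the failure would surface later
        if (!is_string($key) || '' === trim($key) || !is_string($cert) || '' === trim($cert)) {
            fprintf(STDERR, "TLS_KEY and TLS_CERT must both be set when --tls is used\n");
            exit(1);
        }

        $file = sys_get_temp_dir().'/server.pem';

        // A copy left by a previous run is mode 0400 and cannot be reopened
        // for writing, so remove it first. If the entry cannot be removed,
        // the exclusive open below fails and start-up stops.
        if (is_link($file) || file_exists($file)) unlink($file);

        // 'x' creates the file exclusively and does not follow an existing
        // symlink; the umask keeps it private from the moment it exists
        $mask = umask(0077);
        $fh = fopen($file, 'x');
        umask($mask);

        if (false === $fh) {
            $e = error_get_last();
            fprintf(STDERR, "Unable to open %s for writing: %s\n", $file, $e['message'] ?? 'unknown error');
            exit(1);
        }

        $pem = $key."\n".$cert."\n";
        $written = fwrite($fh, $pem);
        fclose($fh);

        if (strlen($pem) !== $written) {
            // do not leave a truncated key file behind
            unlink($file);
            fprintf(STDERR, "Unable to write TLS key and certificate to %s\n", $file);
            exit(1);
        }

        // read-only for the owner once the contents are complete
        chmod($file, 0400);

        return $file;
    }

    /**
     * Prints the usage text to standard output and ends the process with
     * exit status 0.
     */
    private static function help() : void {
        $file = __FILE__;

        echo <<<END
        Usage: {$file} [OPTIONS]
        --help show this help
        --tls enable TLS
        --addr=ADDR specify IP address (default: ::)
        --port=PORT specify TCP port (default: 443 when TLS is enabled,
        8080 otherwise)
        If the --tls argument is provided, the key and certificate will be read
        from the TLS_KEY and TLS_CERT environment variables.
        END;

        exit(0);
    }

    // disallow object instantiation
    private function __construct() {
    }
}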