SSL support is enabled by default, it can be disabled by passing the
`--disable-ssl` switch on the command line or by setting `ssl.enable`
property in loolwsd.xml config file.
It is still possible to build loolwsd with no SSL support at all.
Change-Id: I00f952edc64f87f61505af44fdc2a715780dc44c
Reviewed-on: https://gerrit.libreoffice.org/27288
Reviewed-by: Jan Holesovsky <kendy@collabora.com>
Tested-by: Jan Holesovsky <kendy@collabora.com>
The server can now be configured at build time
to limit the total number of connections and/or
the number of open documents, at a given time.
./configure --with-max-documents=10 --with-max-connections=20
will limit the number of documents to 10 and total
number of connections (on one or all documents) to 20.
Change-Id: I0c73a7e906c4f567cb3da480e885524815c9cc89
Reviewed-on: https://gerrit.libreoffice.org/27203
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
Remove command-line arguments in favor of the config file.
Settings can be overridden using the command-line flag
--override (or --o) followed by the full XML path=value.
Change-Id: I902a145f4d2bd0256e31a3e70b0382c0261aecc8
Reviewed-on: https://gerrit.libreoffice.org/26669
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
Support overriding config settings via the command-line.
By using --o:name=value (or --override:name=value) the
setting called 'name' can be replaced by 'value'.
Ex. --o:per_document.max_concurrency=12
The above will override the max_concurrency to 12,
regardless of what the XML has set.
Change-Id: If7ffa5dcdc9ce2a8d1a89c8203b8ba870cb624ac
Reviewed-on: https://gerrit.libreoffice.org/26668
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
Loading documents from the local filesystem
opens the door to security issues.
By default filesystem storage is disabled,
even if enabled in the config file. The
only way to enable it is to set the
allowlocalstorage command-line argument.
Change-Id: Ib8f57377260817436d101a16757aab38276cbdcd
Reviewed-on: https://gerrit.libreoffice.org/23881
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
Most all configuration values can now be defined
in the configuration XML. The command-line arguments
can be used to override some of these values (for
the convenience of developement and testing) and,
in a few cases, as a security measure to avoid
storing sensitive data in the configuration file.
Change-Id: I040b807b1a59a3537bb94646150d3c7d711f8b62
Reviewed-on: https://gerrit.libreoffice.org/23880
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
A new command-line argument, admincreds, must be provided
to set the Admin Console credentials.
The new command-line argument specifies the username
and password in the following format: username/password
If not provided, Admin Console is disabled for security
reasons. A warning is emitted at startup and an error
on every invocation of Admin Console is logged when
no credentials are defined.
Change-Id: I348623949fd0b292f5066e4955759c708204540f
Reviewed-on: https://gerrit.libreoffice.org/23878
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
This reverts commit 97c8f35ddf.
Since the Broker design has been extremely simplified,
all communication between Broker <-> Kit are gone.
Only a pipe between WSD and Broker remain.
Temporarily reverting this to apply the Broker redesign,
after which this patch can be reviewed and merged.
This will be easier than trying to merge the redesigned
Broker on top of this.
Change-Id: Ia901fad604008654c01841df62e88918adad45e1
Reviewed-on: https://gerrit.libreoffice.org/23769
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
It is not a good idea to have the same string somewhat arbitrarily
both as a static const members of the LOOLWSD class and then as a
file-local static const in another file. Or defined as a separate
local const static in each compilation unit that includes
Common.hpp. Use constexpr instead, in Common.hpp.
This is C++, not Java. Or is there a school of thought for C++ style
that says one should avoid plain "C-style" file-local static
variables, and instead put everything always in a class, even as
static members? Do we want to follow that?
Configuration XML is added with SSL as sample use-case.
A 'desc' attribute can be used to describe the fields,
and another 'type' to help define the corresponding data
type in the code.
Since Poco allows accessing group nodes (that have the
same name) by index, order can be preserved.
SSL initialization refactored and cert/key file
paths moved to the config file.
Change-Id: I259826a19697bd851587bebcc4f0cd233ab6848b
Reviewed-on: https://gerrit.libreoffice.org/23464
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
Renamed DocumentStoreManager to DocumentBroker and
restructured the handshake process.
Currently, at first client connection to a given doc
a DocumentBroker is created to serve as the clearing house
of all client-side activities on the document.
Prime goals is loading and saving of the document, but
also to guarantee race-free management of the doc.
Each doc has a unique DocKey based on the URL (the path,
without queries). This DocKey is used as key into a map
of all DocumentBrokers. The latter is shared among
MasterProcessSession instances.
Change-Id: I569f2d235676e88ddc690147f3cb89faa60388c2
Reviewed-on: https://gerrit.libreoffice.org/23216
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
The current format is more flexible and standard.
/loolwsd/child?sessionId=xxx&jailId=yyy
The sessionId is the client-specific connection ID (which
is originally passed to the child via the Broker.
The jailId is the PID of the child.
Change-Id: I69c88e84114f9678addf795896ca2da15ca1221b
Reviewed-on: https://gerrit.libreoffice.org/23211
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
