comparison: src/server/daemon/httplistener.c
src/server/daemon/httplistener.c
- changeset 441
- 797aeb31a2c6
- parent 440
- d77b8f3e14e2
- child 444
- 96d2ba2f28db
equal
deleted
inserted
replaced
| 440:d77b8f3e14e2 | 441:797aeb31a2c6 |
|---|---|
| 179 } | 179 } |
| 180 | 180 |
| 181 int ret; | 181 int ret; |
| 182 char errbuf[512]; | 182 char errbuf[512]; |
| 183 | 183 |
| 184 // get TLS cert | |
| 184 error = 0; | 185 error = 0; |
| 185 if(!conf->chainfile.ptr) { | 186 if(conf->chainfile.ptr) { |
| 187 ret = SSL_CTX_use_certificate_chain_file(ctx, conf->chainfile.ptr); | |
| 188 if(!ret) { | |
| 189 ERR_error_string(ERR_get_error(), errbuf); | |
| 190 log_ereport(LOG_MISCONFIG, "Cannot load ssl cert file: %s", errbuf); | |
| 191 error = 1; | |
| 192 } | |
| 193 } else if(conf->certfile.ptr) { | |
| 186 ret = SSL_CTX_use_certificate_file(ctx, conf->certfile.ptr, SSL_FILETYPE_PEM); | 194 ret = SSL_CTX_use_certificate_file(ctx, conf->certfile.ptr, SSL_FILETYPE_PEM); |
| 187 if(!ret) { | 195 if(!ret) { |
| 188 ERR_error_string(ERR_get_error(), errbuf); | 196 ERR_error_string(ERR_get_error(), errbuf); |
| 189 log_ereport(LOG_MISCONFIG, "Cannot load ssl chain file: %s", errbuf); | 197 log_ereport(LOG_MISCONFIG, "Cannot load ssl chain file: %s", errbuf); |
| 190 error = 1; | 198 error = 1; |
| 191 } | 199 } |
| 192 } else { | 200 } else { |
| 193 ret = SSL_CTX_use_certificate_chain_file(ctx, conf->chainfile.ptr); | 201 log_ereport(LOG_MISCONFIG, "Listener %s: no CertChain/Cert specified", conf->name.ptr); |
| 194 if(!ret) { | 202 error = 1; |
| 195 ERR_error_string(ERR_get_error(), errbuf); | 203 } |
| 196 log_ereport(LOG_MISCONFIG, "Cannot load ssl cert file: %s", errbuf); | 204 |
| 197 error = 1; | 205 // get private key |
| 198 } | |
| 199 } | |
| 200 | |
| 201 ret = SSL_CTX_use_PrivateKey_file(ctx, conf->privkeyfile.ptr, SSL_FILETYPE_PEM); | 206 ret = SSL_CTX_use_PrivateKey_file(ctx, conf->privkeyfile.ptr, SSL_FILETYPE_PEM); |
| 202 if(!ret) { | 207 if(!ret) { |
| 203 ERR_error_string(ERR_get_error(), errbuf); | 208 ERR_error_string(ERR_get_error(), errbuf); |
| 204 log_ereport(LOG_MISCONFIG, "Cannot load ssl key file: %s", errbuf); | 209 log_ereport(LOG_MISCONFIG, "Cannot load ssl key file: %s", errbuf); |
| 205 error = 1; | 210 error = 1; |
| 209 SSL_CTX_free(ctx); | 214 SSL_CTX_free(ctx); |
| 210 return NULL; | 215 return NULL; |
| 211 } | 216 } |
| 212 | 217 |
| 213 HttpSSL *ssl = pool_malloc(conf->cfg->pool, sizeof(HttpSSL)); | 218 HttpSSL *ssl = pool_malloc(conf->cfg->pool, sizeof(HttpSSL)); |
| 219 if(!ssl) { | |
| 220 SSL_CTX_free(ctx); | |
| 221 return NULL; | |
| 222 } | |
| 214 ZERO(ssl, sizeof(HttpSSL)); | 223 ZERO(ssl, sizeof(HttpSSL)); |
| 215 ssl->sslctx = ctx; | 224 ssl->sslctx = ctx; |
| 216 | 225 |
| 217 return NULL; | 226 return ssl; |
| 218 } | 227 } |
| 219 | 228 |
| 220 static WSSocket* create_socket(ListenerConfig *conf, const char *protocol) { | 229 static WSSocket* create_socket(ListenerConfig *conf, const char *protocol) { |
| 221 WSBool ipv4 = !strcmp(protocol, "ipv4") ? TRUE : FALSE; | 230 WSBool ipv4 = !strcmp(protocol, "ipv4") ? TRUE : FALSE; |
| 222 | 231 |
