comparison: src/server/daemon/httplistener.c
src/server/daemon/httplistener.c
- changeset 106
- b122f34ddc80
- parent 101
- 7fbcdbad0baa
- child 111
- c93be34fde76
equal
deleted
inserted
replaced
| 105:63d9051fe35c | 106:b122f34ddc80 |
|---|---|
| 157 listener->session_handler = create_event_session_handler(); | 157 listener->session_handler = create_event_session_handler(); |
| 158 listener->nacceptors = conf->nacceptors; | 158 listener->nacceptors = conf->nacceptors; |
| 159 listener->port = conf->port; | 159 listener->port = conf->port; |
| 160 listener->ref = 1; | 160 listener->ref = 1; |
| 161 listener->next = NULL; | 161 listener->next = NULL; |
| 162 listener->ssl = NULL; | |
| 163 if(conf->ssl) { | |
| 164 listener->ssl = malloc(sizeof(HttpSSL)); | |
| 165 | |
| 166 SSL_CTX *ctx = SSL_CTX_new( SSLv23_server_method()); | |
| 167 SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE); | |
| 168 | |
| 169 sstr_t file = sstrdup(conf->certfile); | |
| 170 int ret = SSL_CTX_use_certificate_file(ctx, file.ptr, SSL_FILETYPE_PEM); | |
| 171 free(file.ptr); | |
| 172 if(!ret) { | |
| 173 // TODO: cleanup | |
| 174 return NULL; | |
| 175 } | |
| 176 | |
| 177 file = sstrdup(conf->privkeyfile); | |
| 178 ret = SSL_CTX_use_PrivateKey_file(ctx, file.ptr, SSL_FILETYPE_PEM); | |
| 179 free(file.ptr); | |
| 180 if(!ret) { | |
| 181 // TODO: cleanup | |
| 182 return NULL; | |
| 183 } | |
| 184 | |
| 185 // TODO: chain | |
| 186 listener->ssl->sslctx = ctx; | |
| 187 } | |
| 188 | |
| 189 | |
| 162 ucx_map_sstr_put(listener_map, listener->name, listener); | 190 ucx_map_sstr_put(listener_map, listener->name, listener); |
| 163 | 191 |
| 164 struct sockaddr_in servaddr; /* server address */ | 192 struct sockaddr_in servaddr; /* server address */ |
| 165 | 193 |
| 166 /* init address structure */ | 194 /* init address structure */ |
| 286 /* create Connection object */ | 314 /* create Connection object */ |
| 287 Connection *conn = malloc(sizeof(Connection)); | 315 Connection *conn = malloc(sizeof(Connection)); |
| 288 conn->address = ca; | 316 conn->address = ca; |
| 289 conn->fd = clientfd; | 317 conn->fd = clientfd; |
| 290 conn->listener = ls; | 318 conn->listener = ls; |
| 291 | 319 if(ls->ssl) { |
| 292 cfg_ref(ls->cfg); | 320 SSL *ssl = SSL_new(ls->ssl->sslctx); |
| 293 | 321 SSL_set_fd(ssl, clientfd); |
| 294 /* enqueue the connection */ | 322 if(SSL_accept(ssl) <= 0) { |
| 295 ls->session_handler->enqueue_connection( | 323 free(conn); |
| 296 ls->session_handler, | 324 conn = NULL; |
| 297 conn); | 325 } else { |
| 326 conn->ssl = ssl; | |
| 327 conn->read = connection_ssl_read; | |
| 328 conn->write = connection_ssl_write; | |
| 329 conn->close = connection_ssl_close; | |
| 330 } | |
| 331 } else { | |
| 332 conn->read = connection_read; | |
| 333 conn->write = connection_write; | |
| 334 conn->close = connection_close; | |
| 335 } | |
| 336 | |
| 337 if(conn) { | |
| 338 cfg_ref(ls->cfg); | |
| 339 | |
| 340 /* enqueue the connection */ | |
| 341 ls->session_handler->enqueue_connection( | |
| 342 ls->session_handler, | |
| 343 conn); | |
| 344 } | |
| 298 | 345 |
| 299 /* ready for new connection */ | 346 /* ready for new connection */ |
| 300 | 347 |
| 301 if(acceptor_exit) { | 348 if(acceptor_exit) { |
| 302 // this acceptor is outdated | 349 // this acceptor is outdated |
