src/server/daemon/httplistener.c

changeset 106
b122f34ddc80
parent 101
7fbcdbad0baa
child 111
c93be34fde76
--- a/src/server/daemon/httplistener.c	Wed Oct 28 17:59:34 2015 +0100
+++ b/src/server/daemon/httplistener.c	Sat Oct 31 15:01:07 2015 +0100
@@ -159,6 +159,34 @@
     listener->port = conf->port;
     listener->ref = 1;
     listener->next = NULL;
+    listener->ssl = NULL;
+    if(conf->ssl) {
+        listener->ssl = malloc(sizeof(HttpSSL));
+        
+        SSL_CTX *ctx = SSL_CTX_new( SSLv23_server_method());
+        SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE);
+        
+        sstr_t file = sstrdup(conf->certfile);
+        int ret = SSL_CTX_use_certificate_file(ctx, file.ptr, SSL_FILETYPE_PEM);
+        free(file.ptr);
+        if(!ret) {
+            // TODO: cleanup
+            return NULL;
+        }
+        
+        file = sstrdup(conf->privkeyfile);
+        ret = SSL_CTX_use_PrivateKey_file(ctx, file.ptr, SSL_FILETYPE_PEM);
+        free(file.ptr);
+        if(!ret) {
+            // TODO: cleanup
+            return NULL;
+        }
+        
+        // TODO: chain
+        listener->ssl->sslctx = ctx;
+    }
+    
+    
     ucx_map_sstr_put(listener_map, listener->name, listener);
 
     struct sockaddr_in servaddr;   /* server address */
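Review bot: `SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE)` leaves every protocol version that `SSLv23_server_method()` can negotiate enabled, so SSLv3 (and SSLv2, where the OpenSSL build still includes it) stays available to clients; add the disable flags, `SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);`. The results of `malloc(sizeof(HttpSSL))` and `SSL_CTX_new` are used without a NULL check. Both `return NULL` paths leak `ctx` and `listener->ssl`, as the TODOs acknowledge, so `SSL_CTX_free(ctx);` and `free(listener->ssl);` belong before each return. The enclosing function starts and ends outside the hunk, so how `listener` itself is released on these paths cannot be checked from here.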
@@ -288,13 +316,32 @@
         conn->address = ca;
         conn->fd = clientfd;
         conn->listener = ls;
+        if(ls->ssl) {
+            SSL *ssl = SSL_new(ls->ssl->sslctx);
+            SSL_set_fd(ssl, clientfd);
+            if(SSL_accept(ssl) <= 0) {
+                free(conn);
+                conn = NULL;
+            } else {
+                conn->ssl = ssl;
+                conn->read = connection_ssl_read;
+                conn->write = connection_ssl_write;
+                conn->close = connection_ssl_close;
+            }
+        } else {
+            conn->read = connection_read;
+            conn->write = connection_write;
+            conn->close = connection_close;
+        }
         
-        cfg_ref(ls->cfg);
+        if(conn) {
+            cfg_ref(ls->cfg);
 
-        /* enqueue the connection */
-        ls->session_handler->enqueue_connection(
-                ls->session_handler,
-                conn);
+            /* enqueue the connection */
+            ls->session_handler->enqueue_connection(
+                    ls->session_handler,
+                    conn);
+        }
 
         /* ready for new connection */
         
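Review bot: When `SSL_accept(ssl) <= 0` the failure branch frees `conn` but neither the `SSL` object nor `clientfd`, so every failed handshake leaks memory and a descriptor, and a remote peer can trigger that repeatedly; add `SSL_free(ssl);` and `close(clientfd);` before `free(conn);`. `SSL_new` can return NULL and its result goes straight into `SSL_set_fd`, so it needs a check that takes the same failure path. The handshake also runs inline in what appears to be the accept loop (the enclosing function starts and ends outside the hunk). If the socket is blocking, a peer that connects and never completes the handshake holds up further accepts, so a handshake timeout or deferring `SSL_accept` to the session handler is worth considering.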
