fixed a bug in ssl handling

This commit is contained in:
hyung-hwan 2012-09-15 14:27:14 +00:00
parent 2179c2a88b
commit 99f1b5453b
4 changed files with 53 additions and 42 deletions

View File

@ -286,7 +286,6 @@ struct qse_httpd_client_t
/* == PRIVATE == */
qse_htrd_t* htrd;
int secure;
int status;
qse_httpd_task_trigger_t trigger[QSE_HTTPD_TASK_TRIGGER_MAX];
qse_ntime_t last_active;

View File

@ -379,10 +379,10 @@ qse_httpd_t* qse_httpd_openstdwithmmgr (qse_mmgr_t* mmgr, qse_size_t xtnsize)
if (httpd == QSE_NULL) return QSE_NULL;
xtn = (httpd_xtn_t*)qse_httpd_getxtn (httpd);
QSE_MEMSET (xtn, 0, xtnsize);
#if defined(HAVE_SSL)
xtn->ssl_ctx = QSE_NULL;
init_xtn_ssl (xtn, "http01.pem", "http01.key");
/*init_xtn_ssl (xtn, "http01.pem", "http01.key");*/
#endif
qse_httpd_pushecb (httpd, &std_ecb);
@ -396,12 +396,23 @@ void* qse_httpd_getxtnstd (qse_httpd_t* httpd)
/* ------------------------------------------------------------------- */
static int sockaddr_to_nwad (
const struct sockaddr_storage* addr, qse_nwad_t* nwad)
union sockaddr_t
{
struct sockaddr_in in4;
#if defined(AF_INET6)
struct sockaddr_in6 in6;
#endif
};
typedef union sockaddr_t sockaddr_t;
#define SOCKADDR_FAMILY(x) (((struct sockaddr_in*)(x))->sin_family)
static int sockaddr_to_nwad (const sockaddr_t* addr, qse_nwad_t* nwad)
{
int addrsize = -1;
switch (addr->ss_family)
switch (SOCKADDR_FAMILY(addr))
{
case AF_INET:
{
@ -436,8 +447,7 @@ static int sockaddr_to_nwad (
return addrsize;
}
static int nwad_to_sockaddr (
const qse_nwad_t* nwad, struct sockaddr_storage* addr)
static int nwad_to_sockaddr (const qse_nwad_t* nwad, sockaddr_t* addr)
{
int addrsize = -1;
@ -483,9 +493,7 @@ static int nwad_to_sockaddr (
static int server_open (qse_httpd_t* httpd, qse_httpd_server_t* server)
{
int fd = -1, flag;
/* TODO: if AF_INET6 is not defined sockaddr_storage is not available...
* create your own union or somehting similar... */
struct sockaddr_storage addr;
sockaddr_t addr;
int addrsize;
addrsize = nwad_to_sockaddr (&server->nwad, &addr);
@ -495,7 +503,7 @@ static int server_open (qse_httpd_t* httpd, qse_httpd_server_t* server)
return -1;
}
fd = socket (addr.ss_family, SOCK_STREAM, IPPROTO_TCP);
fd = socket (SOCKADDR_FAMILY(&addr), SOCK_STREAM, IPPROTO_TCP);
if (fd <= -1) goto oops;
flag = fcntl (fd, F_GETFD);
@ -518,7 +526,7 @@ static int server_open (qse_httpd_t* httpd, qse_httpd_server_t* server)
if (bind (fd, (struct sockaddr*)&addr, addrsize) <= -1)
{
#if defined(IPV6_V6ONLY)
if (errno == EADDRINUSE && addr.ss_family == AF_INET6)
if (errno == EADDRINUSE && SOCKADDR_FAMILY(&addr) == AF_INET6)
{
int on = 1;
setsockopt (fd, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on));
@ -552,7 +560,7 @@ static int server_accept (
qse_httpd_t* httpd,
qse_httpd_server_t* server, qse_httpd_client_t* client)
{
struct sockaddr_storage addr;
sockaddr_t addr;
#ifdef HAVE_SOCKLEN_T
socklen_t addrlen;
@ -619,9 +627,7 @@ qse_fprintf (QSE_STDERR, QSE_T("Error: too many client?\n"));
static int peer_open (qse_httpd_t* httpd, qse_httpd_peer_t* peer)
{
int fd = -1, flag;
/* TODO: if AF_INET6 is not defined sockaddr_storage is not available...
* create your own union or somehting similar... */
struct sockaddr_storage addr;
sockaddr_t addr;
int addrsize;
int connected = 1;
@ -632,7 +638,7 @@ static int peer_open (qse_httpd_t* httpd, qse_httpd_peer_t* peer)
return -1;
}
fd = socket (addr.ss_family, SOCK_STREAM, IPPROTO_TCP);
fd = socket (SOCKADDR_FAMILY(&addr), SOCK_STREAM, IPPROTO_TCP);
if (fd <= -1) goto oops;
flag = fcntl (fd, F_GETFD);
@ -1093,7 +1099,7 @@ static qse_ssize_t client_recv (
qse_httpd_t* httpd, qse_httpd_client_t* client,
qse_mchar_t* buf, qse_size_t bufsize)
{
if (client->secure)
if (client->status & CLIENT_SECURE)
{
#if defined(HAVE_SSL)
int ret = SSL_read (client->handle2.ptr, buf, bufsize);
@ -1121,7 +1127,7 @@ static qse_ssize_t client_send (
qse_httpd_t* httpd, qse_httpd_client_t* client,
const qse_mchar_t* buf, qse_size_t bufsize)
{
if (client->secure)
if (client->status & CLIENT_SECURE)
{
#if defined(HAVE_SSL)
int ret = SSL_write (client->handle2.ptr, buf, bufsize);
@ -1149,7 +1155,7 @@ static qse_ssize_t client_sendfile (
qse_httpd_t* httpd, qse_httpd_client_t* client,
qse_ubi_t handle, qse_foff_t* offset, qse_size_t count)
{
if (client->secure)
if (client->status & CLIENT_SECURE)
{
#if defined(HAVE_SSL)
return xsendfile_ssl (client->handle2.ptr, handle.i, offset, count);
@ -1167,23 +1173,27 @@ static int client_accepted (qse_httpd_t* httpd, qse_httpd_client_t* client)
{
httpd_xtn_t* xtn = (httpd_xtn_t*) qse_httpd_getxtn (httpd);
if (client->secure)
if (client->status & CLIENT_SECURE)
{
#if defined(HAVE_SSL)
int ret;
SSL* ssl;
if (!xtn->ssl_ctx)
{
/* delayed initialization of ssl */
if (init_xtn_ssl (xtn, "http01.pem", "http01.key") <= -1)
{
return -1;
}
}
QSE_ASSERT (xtn->ssl_ctx != QSE_NULL);
if (client->handle2.ptr)
{
ssl = client->handle2.ptr;
}
else if (!xtn->ssl_ctx)
{
/* no ssl */
qse_printf (QSE_T("NO SSL\n"));
qse_fflush (QSE_STDOUT);
return -1;
}
else
{
ssl = SSL_new (xtn->ssl_ctx);
@ -1224,7 +1234,7 @@ qse_fflush (QSE_STDOUT);
static void client_closed (qse_httpd_t* httpd, qse_httpd_client_t* client)
{
if (client->secure)
if (client->status & CLIENT_SECURE)
{
#if defined(HAVE_SSL)
if (client->handle2.ptr)

View File

@ -42,17 +42,6 @@ QSE_IMPLEMENT_COMMON_FUNCTIONS (httpd)
#define DEFAULT_PORT 80
#define DEFAULT_SECURE_PORT 443
/* client->status */
#define CLIENT_BAD (1 << 0)
#define CLIENT_READY (1 << 1)
#define CLIENT_SECURE (1 << 2)
#define CLIENT_MUTE (1 << 3)
#define CLIENT_MUTE_DELETED (1 << 4)
#define CLIENT_HANDLE_READ_IN_MUX (1 << 5)
#define CLIENT_HANDLE_WRITE_IN_MUX (1 << 6)
#define CLIENT_HANDLE_IN_MUX (CLIENT_HANDLE_READ_IN_MUX|CLIENT_HANDLE_WRITE_IN_MUX)
#define CLIENT_TASK_TRIGGER_IN_MUX(i) (1 << ((i) + 7))
static void free_server_list (
qse_httpd_t* httpd, qse_httpd_server_t* server);
static int perform_client_task (
@ -316,10 +305,11 @@ static qse_httpd_client_t* new_client (
qse_htrd_setoption (client->htrd, QSE_HTRD_REQUEST | QSE_HTRD_TRAILERS | QSE_HTRD_CANONQPATH);
client->status = tmpl->status;
if (httpd->scb->client.accepted == QSE_NULL)
client->status |= CLIENT_READY;
client->status = tmpl->status;
client->handle = tmpl->handle;
client->handle2 = tmpl->handle2;
client->remote_addr = tmpl->remote_addr;

View File

@ -69,6 +69,18 @@ struct qse_httpd_t
#define MAX_SEND_SIZE 4096
/* client->status */
#define CLIENT_BAD (1 << 0)
#define CLIENT_READY (1 << 1)
#define CLIENT_SECURE (1 << 2)
#define CLIENT_MUTE (1 << 3)
#define CLIENT_MUTE_DELETED (1 << 4)
#define CLIENT_HANDLE_READ_IN_MUX (1 << 5)
#define CLIENT_HANDLE_WRITE_IN_MUX (1 << 6)
#define CLIENT_HANDLE_IN_MUX (CLIENT_HANDLE_READ_IN_MUX|CLIENT_HANDLE_WRITE_IN_MUX)
#define CLIENT_TASK_TRIGGER_IN_MUX(i) (1 << ((i) + 7))
#ifdef __cplusplus
extern "C" {
#endif