| Rev | Line | |
|---|
| [11] | 1 | /* $Id: ssl.c 20 2024-09-14 09:59:15Z nishi $ */
|
|---|
| 2 |
|
|---|
| [16] | 3 | #define SOURCE
|
|---|
| 4 |
|
|---|
| [11] | 5 | #include "tw_ssl.h"
|
|---|
| [12] | 6 |
|
|---|
| 7 | #include "tw_config.h"
|
|---|
| 8 |
|
|---|
| 9 | #include <stdio.h>
|
|---|
| 10 |
|
|---|
| 11 | #include <cm_log.h>
|
|---|
| 12 |
|
|---|
| 13 | extern struct tw_config config;
|
|---|
| 14 |
|
|---|
| 15 | int tw_ssl_cert_cb(SSL* ssl, void* arg) {
|
|---|
| 16 | const char* s = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
|
|---|
| 17 | if(s != NULL) {
|
|---|
| 18 | cm_log("SSL", "Certificate request for %s", s);
|
|---|
| 19 | } else {
|
|---|
| 20 | s = config.hostname;
|
|---|
| 21 | cm_log("SSL", "Could not get the servername, defaulting to the hostname: %s", s);
|
|---|
| 22 | }
|
|---|
| 23 | struct tw_config_entry* e = tw_vhost_match(s, (uint64_t)arg);
|
|---|
| 24 | if(e != NULL && e->sslkey != NULL && e->sslcert != NULL) {
|
|---|
| 25 | SSL_use_PrivateKey_file(ssl, e->sslkey, SSL_FILETYPE_PEM);
|
|---|
| 26 | SSL_use_certificate_file(ssl, e->sslcert, SSL_FILETYPE_PEM);
|
|---|
| 27 | return 1;
|
|---|
| [19] | 28 | } else if(config.root.sslkey != NULL && config.root.sslcert != NULL) {
|
|---|
| 29 | SSL_use_PrivateKey_file(ssl, config.root.sslkey, SSL_FILETYPE_PEM);
|
|---|
| 30 | SSL_use_certificate_file(ssl, config.root.sslcert, SSL_FILETYPE_PEM);
|
|---|
| [20] | 31 | return 1;
|
|---|
| [12] | 32 | } else {
|
|---|
| 33 | return 0;
|
|---|
| 34 | }
|
|---|
| 35 | }
|
|---|
| 36 |
|
|---|
| 37 | SSL_CTX* tw_create_ssl_ctx(uint64_t port) {
|
|---|
| 38 | SSL_CTX* ctx = SSL_CTX_new(TLS_server_method());
|
|---|
| 39 | SSL_CTX_set_cert_cb(ctx, tw_ssl_cert_cb, (void*)port);
|
|---|
| 40 | return ctx;
|
|---|
| 41 | }
|
|---|
Note:
See
TracBrowser
for help on using the repository browser.
