| Line | |
|---|
| 1 | /* $Id: ssl.c 12 2024-09-13 13:36:03Z nishi $ */
|
|---|
| 2 |
|
|---|
| 3 | #include "tw_ssl.h"
|
|---|
| 4 |
|
|---|
| 5 | #include "tw_config.h"
|
|---|
| 6 |
|
|---|
| 7 | #include <stdio.h>
|
|---|
| 8 |
|
|---|
| 9 | #include <cm_log.h>
|
|---|
| 10 |
|
|---|
| 11 | extern struct tw_config config;
|
|---|
| 12 |
|
|---|
| 13 | int tw_ssl_cert_cb(SSL* ssl, void* arg) {
|
|---|
| 14 | const char* s = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
|
|---|
| 15 | if(s != NULL) {
|
|---|
| 16 | cm_log("SSL", "Certificate request for %s", s);
|
|---|
| 17 | } else {
|
|---|
| 18 | s = config.hostname;
|
|---|
| 19 | cm_log("SSL", "Could not get the servername, defaulting to the hostname: %s", s);
|
|---|
| 20 | }
|
|---|
| 21 | struct tw_config_entry* e = tw_vhost_match(s, (uint64_t)arg);
|
|---|
| 22 | if(e != NULL && e->sslkey != NULL && e->sslcert != NULL) {
|
|---|
| 23 | SSL_use_PrivateKey_file(ssl, e->sslkey, SSL_FILETYPE_PEM);
|
|---|
| 24 | SSL_use_certificate_file(ssl, e->sslcert, SSL_FILETYPE_PEM);
|
|---|
| 25 | return 1;
|
|---|
| 26 | } else {
|
|---|
| 27 | return 0;
|
|---|
| 28 | }
|
|---|
| 29 | }
|
|---|
| 30 |
|
|---|
| 31 | SSL_CTX* tw_create_ssl_ctx(uint64_t port) {
|
|---|
| 32 | SSL_CTX* ctx = SSL_CTX_new(TLS_server_method());
|
|---|
| 33 | SSL_CTX_set_cert_cb(ctx, tw_ssl_cert_cb, (void*)port);
|
|---|
| 34 | return ctx;
|
|---|
| 35 | }
|
|---|
Note:
See
TracBrowser
for help on using the repository browser.
