/* $Id: ssl.c 31 2024-09-16 07:52:02Z nishi $ */ |
#define SOURCE |
#include "tw_ssl.h" |
#include "tw_config.h" |
#include <stdio.h> |
#include <cm_log.h> |
extern struct tw_config config; |
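/*
 * Install one PEM certificate / private key pair on a connection.
 *
 * Returns 1 only when both files were loaded and the key matches the
 * certificate; returns 0 (after logging the reason) otherwise.
 */
static int tw_ssl_use_pair(SSL* ssl, const char* cert, const char* key) {
	/*
	 * Certificate first, key second: when a certificate is installed on top
	 * of an already-loaded key that does not match it, OpenSSL drops the key
	 * without reporting an error, which would hide a misconfiguration.
	 */
	if(SSL_use_certificate_file(ssl, cert, SSL_FILETYPE_PEM) != 1) {
		cm_log("SSL", "Could not load the certificate: %s", cert);
		return 0;
	}
	if(SSL_use_PrivateKey_file(ssl, key, SSL_FILETYPE_PEM) != 1) {
		cm_log("SSL", "Could not load the private key: %s", key);
		return 0;
	}
	if(SSL_check_private_key(ssl) != 1) {
		cm_log("SSL", "The private key %s does not match the certificate %s", key, cert);
		return 0;
	}
	return 1;
}

/*
 * OpenSSL certificate callback: choose the certificate for a handshake.
 *
 * The virtual host is looked up from the SNI name sent by the client, or
 * from config.hostname when the client sent none. arg carries the listening
 * port, passed as an integer cast to a pointer by tw_create_ssl_ctx().
 *
 * Returns 1 when a certificate and its key were installed, 0 to abort the
 * handshake (no usable pair is configured, or loading it failed).
 */
int tw_ssl_cert_cb(SSL* ssl, void* arg) {
	/*
	 * The SNI name comes from the ClientHello and is client-controlled. It is
	 * used here only for the vhost lookup and for logging.
	 * NOTE(review): confirm that cm_log neutralises control characters before
	 * writing this value to the log.
	 */
	const char* s = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
	if(s != NULL) {
		cm_log("SSL", "Certificate request for %s", s);
	} else {
		s = config.hostname;
		cm_log("SSL", "Could not get the servername, defaulting to the hostname: %s", s);
	}
	struct tw_config_entry* e = tw_vhost_match(s, (__UINTPTR_TYPE__)arg);
	if(e != NULL && e->sslkey != NULL && e->sslcert != NULL) {
		/* Fail closed: a broken vhost pair does not fall back to the root pair */
		return tw_ssl_use_pair(ssl, e->sslcert, e->sslkey);
	}
	if(config.root.sslkey != NULL && config.root.sslcert != NULL) {
		return tw_ssl_use_pair(ssl, config.root.sslcert, config.root.sslkey);
	}
	/* Nothing configured for this name: abort rather than continue without a certificate */
	return 0;
}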
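/*
 * Create the TLS server context for one listening port.
 *
 * The port is stored as the argument of the certificate callback, so that
 * tw_ssl_cert_cb can match the virtual host for that port at handshake time.
 *
 * Returns the new context, or NULL when OpenSSL could not create one.
 */
SSL_CTX* tw_create_ssl_ctx(__UINTPTR_TYPE__ port) {
	SSL_CTX* ctx = SSL_CTX_new(TLS_server_method());
	if(ctx == NULL) {
		/* SSL_CTX_set_cert_cb dereferences the context, so stop here */
		cm_log("SSL", "Could not create the SSL context");
		return NULL;
	}
	/*
	 * NOTE(review): no minimum protocol version is set, so the accepted
	 * versions are whatever the linked OpenSSL build allows by default.
	 * Consider SSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION) once it is
	 * confirmed that no supported client needs an older version.
	 */
	SSL_CTX_set_cert_cb(ctx, tw_ssl_cert_cb, (void*)port);
	return ctx;
}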