void conn_config_ssl (CfgGroup *grp)
{
Octstr *ssl_client_certkey_file = NULL;
Octstr *ssl_server_cert_file = NULL;
Octstr *ssl_server_key_file = NULL;
Octstr *ssl_trusted_ca_file = NULL;
/*
* check if SSL is desired for HTTP servers and then
* load SSL client and SSL server public certificates
* and private keys
*/
ssl_client_certkey_file = cfg_get(grp, octstr_imm("ssl-client-certkey-file"));
if (ssl_client_certkey_file != NULL)
use_global_client_certkey_file(ssl_client_certkey_file);
ssl_server_cert_file = cfg_get(grp, octstr_imm("ssl-server-cert-file"));
ssl_server_key_file = cfg_get(grp, octstr_imm("ssl-server-key-file"));
if (ssl_server_cert_file != NULL && ssl_server_key_file != NULL) {
use_global_server_certkey_file(ssl_server_cert_file,
ssl_server_key_file);
}
ssl_trusted_ca_file = cfg_get(grp, octstr_imm("ssl-trusted-ca-file"));
use_global_trusted_ca_file(ssl_trusted_ca_file);
octstr_destroy(ssl_client_certkey_file);
octstr_destroy(ssl_server_cert_file);
octstr_destroy(ssl_server_key_file);
octstr_destroy(ssl_trusted_ca_file);
}
int main(int argc, char **argv) {
int i, opt, use_threads;
struct sigaction act;
char *filename;
Octstr *log_filename;
Octstr *file_contents;
#ifdef HAVE_LIBSSL
Octstr *ssl_server_cert_file = NULL;
Octstr *ssl_server_key_file = NULL;
#endif
char *whitelist_name;
char *blacklist_name;
int white_asked,
black_asked;
long threads[MAX_THREADS];
FILE *fp;
gwlib_init();
act.sa_handler = sigterm;
sigemptyset(&act.sa_mask);
act.sa_flags = 0;
sigaction(SIGTERM, &act, NULL);
sigaction(SIGINT, &act, NULL);
port = 8080;
use_threads = 1;
verbose = 1;
run = 1;
filename = NULL;
log_filename = NULL;
blacklist_name = NULL;
whitelist_name = NULL;
white_asked = 0;
black_asked = 0;
reply_text = octstr_create("Sent.");
while ((opt = getopt(argc, argv, "hqv:p:t:f:l:sc:k:b:w:r:H:")) != EOF) {
switch (opt) {
case 'v':
log_set_output_level(atoi(optarg));
break;
case 'q':
verbose = 0;
break;
case 'h':
help();
exit(0);
case 'p':
port = atoi(optarg);
break;
case 't':
use_threads = atoi(optarg);
if (use_threads > MAX_THREADS)
use_threads = MAX_THREADS;
break;
case 'c':
#ifdef HAVE_LIBSSL
octstr_destroy(ssl_server_cert_file);
ssl_server_cert_file = octstr_create(optarg);
#endif
break;
case 'k':
#ifdef HAVE_LIBSSL
octstr_destroy(ssl_server_key_file);
ssl_server_key_file = octstr_create(optarg);
#endif
break;
case 's':
#ifdef HAVE_LIBSSL
ssl = 1;
#endif
break;
case 'f':
filename = optarg;
break;
case 'l':
octstr_destroy(log_filename);
log_filename = octstr_create(optarg);
break;
case 'w':
whitelist_name = optarg;
if (whitelist_name == NULL)
whitelist_name = "";
white_asked = 1;
break;
case 'b':
blacklist_name = optarg;
if (blacklist_name == NULL)
blacklist_name = "";
black_asked = 1;
break;
case 'r':
octstr_destroy(reply_text);
reply_text = octstr_create(optarg);
break;
case 'H': {
Octstr *cont;
fp = fopen(optarg, "a");
if (fp == NULL)
panic(0, "Cannot open header text file %s", optarg);
cont = octstr_read_file(optarg);
if (cont == NULL)
panic(0, "Cannot read header text");
debug("", 0, "headers are");
octstr_dump(cont, 0);
split_headers(cont, &extra_headers);
fclose(fp);
octstr_destroy(cont);
break;
}
case '?':
default:
error(0, "Invalid option %c", opt);
help();
panic(0, "Stopping.");
}
}
if (log_filename != NULL) {
log_open(octstr_get_cstr(log_filename), GW_DEBUG, GW_NON_EXCL);
octstr_destroy(log_filename);
}
if (filename == NULL)
file_contents = NULL;
else
file_contents = octstr_read_file(filename);
if (white_asked) {
whitelist = octstr_read_file(whitelist_name);
if (whitelist == NULL)
panic(0, "Cannot read the whitelist");
}
if (black_asked) {
blacklist = octstr_read_file(blacklist_name);
if (blacklist == NULL)
panic(0, "Cannot read the blacklist");
}
#ifdef HAVE_LIBSSL
/*
* check if we are doing a SSL-enabled server version here
* load the required cert and key file
*/
if (ssl) {
if (ssl_server_cert_file != NULL && ssl_server_key_file != NULL) {
use_global_server_certkey_file(ssl_server_cert_file, ssl_server_key_file);
octstr_destroy(ssl_server_cert_file);
octstr_destroy(ssl_server_key_file);
} else {
panic(0, "certificate and public key need to be given!");
}
}
#endif
if (http_open_port(port, ssl) == -1)
panic(0, "http_open_server failed");
/*
* Do the real work in a separate thread so that the main
* thread can catch signals safely.
*/
for (i = 0; i < use_threads; ++i)
threads[i] = gwthread_create(client_thread, file_contents);
/* wait for all working threads */
for (i = 0; i < use_threads; ++i)
gwthread_join(threads[i]);
octstr_destroy(reply_text);
gwlist_destroy(extra_headers, octstr_destroy_item);
debug("test.http", 0, "Program exiting normally.");
gwlib_shutdown();
return 0;
}
