static
DWORD
_VMCARestServerInitHTTPS(
VOID
)
{
DWORD dwError = 0;
REST_CONF config = {0};
PREST_PROCESSOR pHandlers = &sVMCARestApiHandlers;
PREST_API_MODULE pModule = NULL;
PVMREST_HANDLE pHTTPSHandle = NULL;
config.serverPort = VMCA_HTTPS_V2_PORT_NUM;
config.connTimeoutSec = VMCA_REST_CONN_TIMEOUT_SEC;
config.maxDataPerConnMB = VMCA_MAX_DATA_PER_CONN_MB;
config.pSSLContext = gVMCAServerGlobals.gpVMCASslCtx;
config.nWorkerThr = VMCA_REST_WORKERTHCNT;
config.nClientCnt = VMCA_REST_CLIENTCNT;
config.SSLCtxOptionsFlag = 0;
config.pszSSLCertificate = NULL;
config.pszSSLKey = NULL;
config.pszSSLCipherList = NULL;
config.pszDebugLogFile = NULL;
config.pszDaemonName = VMCA_DAEMON_NAME;
config.isSecure = TRUE;
config.useSysLog = TRUE;
config.debugLogLevel = VMCAToCRestEngineLogLevel();
dwError = VmRESTInit(&config, &pHTTPSHandle);
BAIL_ON_VMCA_ERROR(dwError);
for (pModule = gpVMCARestApiDef->pModules; pModule; pModule = pModule->pNext)
{
PREST_API_ENDPOINT pEndPoint = pModule->pEndPoints;
for (; pEndPoint; pEndPoint = pEndPoint->pNext)
{
dwError = VmRESTRegisterHandler(
pHTTPSHandle, pEndPoint->pszName, pHandlers, NULL);
BAIL_ON_VMCA_ERROR(dwError);
}
}
dwError = VmRESTStart(pHTTPSHandle);
BAIL_ON_VMCA_ERROR(dwError);
gpVMCARestHTTPSHandle = pHTTPSHandle;
cleanup:
return dwError;
error:
if (_VMCAStopRestHandle(pHTTPSHandle) == 0)
{
_VMCAFreeRestHandle(pHTTPSHandle, gpVMCARestApiDef);
}
VMCA_LOG_ERROR(
"%s failed, error (%d)",
__FUNCTION__,
dwError);
goto cleanup;
}
static
DWORD
_VMCAHttpsServiceStartup(
VOID
)
{
DWORD dwError = 0;
DWORD iter = 0;
DWORD endPointCnt = 0;
REST_CONF config = {0};
PSTR pszCert = NULL;
PSTR pszKey = NULL;
DWORD dwPort = 0;
PREST_PROCESSOR pHandlers = &sVmcaRestHandlers;
PVMREST_HANDLE pHTTPSHandle = NULL;
(VOID)VMCAGetRegKeyValueDword(
VMCA_KEY_PARAMETERS,//VMCA_CONFIG_PARAMETER_KEY_PATH,
VMCA_HTTPS_PORT_REG_KEY,
&dwPort,
VMCA_HTTPS_PORT_NUM
);
// port value '0' indicates don't start HTTPS service
if (dwPort == 0)
{
goto cleanup;
}
config.serverPort = dwPort;
config.connTimeoutSec = VMCA_REST_CONN_TIMEOUT_SEC;
config.maxDataPerConnMB = VMCA_MAX_DATA_PER_CONN_MB;
config.pSSLContext = NULL;
config.nWorkerThr = VMCA_REST_WORKER_TH_CNT;
config.nClientCnt = VMCA_REST_CLIENT_CNT;
config.SSLCtxOptionsFlag = 0;
config.pszSSLCertificate = NULL;
config.pszSSLKey = NULL;
config.pszSSLCipherList = NULL;
config.pszDebugLogFile = NULL;
config.pszDaemonName = VMCA_DAEMON_NAME;
config.isSecure = TRUE;
config.useSysLog = TRUE;
config.debugLogLevel = VMREST_LOG_LEVEL_ERROR;
//Get Certificate and Key from VECS and Set it to Rest Engine
dwError = VMCAGetVecsMachineCert(&pszCert, &pszKey);
BAIL_ON_VMREST_ERROR(dwError);
dwError = VmRESTInit(&config, &pHTTPSHandle);
BAIL_ON_VMREST_ERROR(dwError);
dwError = VmRESTSetSSLInfo(pHTTPSHandle, pszCert, VMCAStringLenA(pszCert)+1, SSL_DATA_TYPE_CERT);
BAIL_ON_VMREST_ERROR(dwError);
dwError = VmRESTSetSSLInfo(pHTTPSHandle, pszKey, VMCAStringLenA(pszKey)+1, SSL_DATA_TYPE_KEY);
BAIL_ON_VMREST_ERROR(dwError);
endPointCnt = ARRAY_SIZE(restEndPoints);
for (iter = 0; iter < endPointCnt; iter++)
{
dwError = VmRESTRegisterHandler(
pHTTPSHandle,
restEndPoints[iter],
pHandlers,
NULL);
BAIL_ON_VMREST_ERROR(dwError);
}
dwError = VmRESTStart(pHTTPSHandle);
BAIL_ON_VMREST_ERROR(dwError);
gpVMCAHTTPSHandle = pHTTPSHandle;
cleanup:
VMCA_SAFE_FREE_MEMORY(pszCert);
VMCA_SAFE_FREE_MEMORY(pszKey);
return dwError;
error:
_VMCARestFreeHandle(pHTTPSHandle);
VMCA_LOG_ERROR("%s: failure while starting REST HTTPS service, error: %d", __FUNCTION__, dwError);
goto cleanup;
}
static
DWORD
_VmDirRESTServerInitHTTPS(
VOID
)
{
DWORD dwError = 0;
REST_CONF config = {0};
PREST_PROCESSOR pHandlers = &sVmDirHTTPSHandlers;
PREST_API_MODULE pModule = NULL;
PVMREST_HANDLE pHTTPSHandle = NULL;
/*
* If dwHTTPSListenPort is '0' user wants to disable HTTPS service
* Initializing openssl context is treated as soft fail, gpVdirSslCtx can be NULL
* If gpVdirSslCtx NULL, don't start the service
*/
if (gVmdirGlobals.dwHTTPSListenPort == 0 || gVmdirGlobals.gpVdirSslCtx == NULL)
{
VMDIR_LOG_WARNING(
VMDIR_LOG_MASK_ALL,
"%s : not listening in HTTPS port",
__FUNCTION__);
goto cleanup;
}
config.serverPort = gVmdirGlobals.dwHTTPSListenPort;
config.connTimeoutSec = VMDIR_REST_CONN_TIMEOUT_SEC;
config.maxDataPerConnMB = VMDIR_MAX_DATA_PER_CONN_MB;
config.pSSLContext = gVmdirGlobals.gpVdirSslCtx;
config.nWorkerThr = gVmdirServerGlobals.dwRESTWorker;
config.nClientCnt = gVmdirServerGlobals.dwRESTWorker;
config.SSLCtxOptionsFlag = 0;
config.pszSSLCertificate = NULL;
config.pszSSLKey = NULL;
config.pszSSLCipherList = NULL;
config.pszDebugLogFile = NULL;
config.pszDaemonName = VMDIR_DAEMON_NAME;
config.isSecure = TRUE;
config.useSysLog = TRUE;
config.debugLogLevel = VmDirToCRestEngineLogLevel();
dwError = VmRESTInit(&config, &pHTTPSHandle);
BAIL_ON_VMDIR_ERROR(dwError);
for (pModule = gpVdirRestApiDef->pModules; pModule; pModule = pModule->pNext)
{
PREST_API_ENDPOINT pEndPoint = pModule->pEndPoints;
for (; pEndPoint; pEndPoint = pEndPoint->pNext)
{
dwError = VmRESTRegisterHandler(
pHTTPSHandle, pEndPoint->pszName, pHandlers, NULL);
BAIL_ON_VMDIR_ERROR(dwError);
}
}
dwError = VmRESTStart(pHTTPSHandle);
BAIL_ON_VMDIR_ERROR(dwError);
gpVdirRestHTTPSHandle = pHTTPSHandle;
cleanup:
return dwError;
error:
if (_VmDirStopRESTHandle(pHTTPSHandle) == 0)
{
_VmDirFreeRESTHandle(pHTTPSHandle);
}
VMDIR_LOG_ERROR(
VMDIR_LOG_MASK_ALL,
"%s failed with error %d, not going to listen on REST port (expected before promote)",
__FUNCTION__,
dwError);
goto cleanup;
}
static
DWORD
_VmDirRESTServerInitHTTP(
VOID
)
{
DWORD dwError = 0;
REST_CONF config = {0};
PREST_PROCESSOR pHandlers = &sVmDirRESTLdapHandlers;
PREST_API_MODULE pModule = NULL;
PVMREST_HANDLE pHTTPHandle = NULL;
/*
* dwHTTPListenPort is '0' then user wants to disable HTTP endpoint
*/
if (gVmdirGlobals.dwHTTPListenPort == 0)
{
VMDIR_LOG_WARNING(
VMDIR_LOG_MASK_ALL,
"%s : not listening in HTTP port",
__FUNCTION__);
goto cleanup;
}
config.serverPort = gVmdirGlobals.dwHTTPListenPort;
config.connTimeoutSec = VMDIR_REST_CONN_TIMEOUT_SEC;
config.maxDataPerConnMB = VMDIR_MAX_DATA_PER_CONN_MB;
config.pSSLContext = NULL;
config.nWorkerThr = VMDIR_REST_WORKERTHCNT;
config.nClientCnt = VMDIR_REST_CLIENTCNT;
config.SSLCtxOptionsFlag = 0;
config.pszSSLCertificate = NULL;
config.pszSSLKey = NULL;
config.pszSSLCipherList = NULL;
config.pszDebugLogFile = NULL;
config.pszDaemonName = VMDIR_DAEMON_NAME;
config.isSecure = FALSE;
config.useSysLog = TRUE;
config.debugLogLevel = VmDirToCRestEngineLogLevel();
dwError = VmRESTInit(&config, &pHTTPHandle);
BAIL_ON_VMDIR_ERROR(dwError);
for (pModule = gpVdirRestApiDef->pModules; pModule; pModule = pModule->pNext)
{
PREST_API_ENDPOINT pEndPoint = pModule->pEndPoints;
for (; pEndPoint; pEndPoint = pEndPoint->pNext)
{
dwError = VmRESTRegisterHandler(
pHTTPHandle, pEndPoint->pszName, pHandlers, NULL);
BAIL_ON_VMDIR_ERROR(dwError);
}
}
dwError = VmRESTStart(pHTTPHandle);
BAIL_ON_VMDIR_ERROR(dwError);
gpVdirRestHTTPHandle = pHTTPHandle;
cleanup:
return dwError;
error:
if (_VmDirStopRESTHandle(pHTTPHandle) == 0)
{
_VmDirFreeRESTHandle(pHTTPHandle, gpVdirRestApiDef);
}
VMDIR_LOG_ERROR(
VMDIR_LOG_MASK_ALL,
"%s failed, error (%d)",
__FUNCTION__,
dwError);
goto cleanup;
}
