/*
function set provider(name: String): Void
*/
static EjsObj *http_set_provider(Ejs *ejs, EjsHttp *hp, int argc, EjsObj **argv)
{
if (!hp->ssl) {
hp->ssl = mprCreateSsl(0);
}
mprSetSslProvider(hp->ssl, ejsToMulti(ejs, argv[0]));
return 0;
}
/*
Initialize the MPR SSL layer
*/
PUBLIC int mprSslInit(void *unused, MprModule *module)
{
RandBuf randBuf;
int i;
randBuf.now = mprGetTime();
randBuf.pid = getpid();
RAND_seed((void*) &randBuf, sizeof(randBuf));
#if ME_UNIX_LIKE
RAND_load_file("/dev/urandom", 256);
#endif
if ((openProvider = mprAllocObj(MprSocketProvider, manageOpenProvider)) == NULL) {
return MPR_ERR_MEMORY;
}
openProvider->name = sclone("openssl");
openProvider->upgradeSocket = upgradeOss;
openProvider->closeSocket = closeOss;
openProvider->disconnectSocket = disconnectOss;
openProvider->flushSocket = flushOss;
openProvider->socketState = getOssState;
openProvider->readSocket = readOss;
openProvider->writeSocket = writeOss;
mprSetSslProvider(openProvider);
/*
Configure the SSL library. Use the crypto ID as a one-time test. This allows
users to configure the library and have their configuration used instead.
*/
mprGlobalLock();
if (CRYPTO_get_id_callback() == 0) {
numLocks = CRYPTO_num_locks();
if ((olocks = mprAlloc(numLocks * sizeof(MprMutex*))) == 0) {
return MPR_ERR_MEMORY;
}
for (i = 0; i < numLocks; i++) {
olocks[i] = mprCreateLock();
}
CRYPTO_set_id_callback(sslThreadId);
CRYPTO_set_locking_callback(sslStaticLock);
CRYPTO_set_dynlock_create_callback(sslCreateDynLock);
CRYPTO_set_dynlock_destroy_callback(sslDestroyDynLock);
CRYPTO_set_dynlock_lock_callback(sslDynLock);
#if !ME_WIN_LIKE
OpenSSL_add_all_algorithms();
#endif
/*
WARNING: SSL_library_init() is not reentrant. Caller must ensure safety.
*/
SSL_library_init();
SSL_load_error_strings();
}
mprGlobalUnlock();
return 0;
}
static int parseArgs(int argc, char **argv)
{
char *argp, *key, *value;
int i, setWorkers, nextArg, ssl;
setWorkers = 0;
ssl = 0;
for (nextArg = 1; nextArg < argc; nextArg++) {
argp = argv[nextArg];
if (*argp != '-') {
break;
}
if (smatch(argp, "--auth")) {
if (nextArg >= argc) {
return showUsage();
} else {
app->authType = slower(argv[++nextArg]);
}
} else if (smatch(argp, "--benchmark") || smatch(argp, "-b")) {
app->benchmark++;
} else if (smatch(argp, "--ca")) {
if (nextArg >= argc) {
return showUsage();
} else {
app->ca = sclone(argv[++nextArg]);
if (!mprPathExists(app->ca, R_OK)) {
mprError("Cannot find ca file %s", app->ca);
return MPR_ERR_BAD_ARGS;
}
}
ssl = 1;
} else if (smatch(argp, "--cert")) {
if (nextArg >= argc) {
return showUsage();
} else {
app->cert = sclone(argv[++nextArg]);
if (!mprPathExists(app->cert, R_OK)) {
mprError("Cannot find cert file %s", app->cert);
return MPR_ERR_BAD_ARGS;
}
}
ssl = 1;
} else if (smatch(argp, "--chunk")) {
if (nextArg >= argc) {
return showUsage();
} else {
value = argv[++nextArg];
app->chunkSize = atoi(value);
if (app->chunkSize < 0) {
mprError("Bad chunksize %d", app->chunkSize);
return MPR_ERR_BAD_ARGS;
}
}
} else if (smatch(argp, "--ciphers")) {
if (nextArg >= argc) {
return showUsage();
} else {
app->ciphers = sclone(argv[++nextArg]);
}
ssl = 1;
} else if (smatch(argp, "--continue") || smatch(argp, "-c")) {
app->continueOnErrors++;
} else if (smatch(argp, "--cookie")) {
if (nextArg >= argc) {
return showUsage();
} else {
mprAddItem(app->headers, mprCreateKeyPair("Cookie", argv[++nextArg], 0));
}
} else if (smatch(argp, "--data")) {
if (nextArg >= argc) {
return showUsage();
} else {
if (app->bodyData == 0) {
app->bodyData = mprCreateBuf(-1, -1);
}
mprPutStringToBuf(app->bodyData, argv[++nextArg]);
}
} else if (smatch(argp, "--debugger") || smatch(argp, "-D")) {
mprSetDebugMode(1);
app->retries = 0;
app->timeout = MAXINT;
} else if (smatch(argp, "--delete")) {
app->method = "DELETE";
} else if (smatch(argp, "--form") || smatch(argp, "-f")) {
if (nextArg >= argc) {
return showUsage();
} else {
if (app->formData == 0) {
app->formData = mprCreateList(-1, 0);
}
addFormVars(argv[++nextArg]);
}
} else if (smatch(argp, "--header")) {
if (nextArg >= argc) {
return showUsage();
} else {
key = argv[++nextArg];
if ((value = strchr(key, ':')) == 0) {
mprError("Bad header format. Must be \"key: value\"");
return MPR_ERR_BAD_ARGS;
}
*value++ = '\0';
while (isspace((uchar) *value)) {
value++;
}
mprAddItem(app->headers, mprCreateKeyPair(key, value, 0));
}
} else if (smatch(argp, "--host")) {
if (nextArg >= argc) {
return showUsage();
} else {
app->host = argv[++nextArg];
if (*app->host == ':') {
app->host = &app->host[1];
}
if (isPort(app->host)) {
app->host = sfmt("http://127.0.0.1:%s", app->host);
} else {
app->host = sclone(app->host);
}
}
} else if (smatch(argp, "--iterations") || smatch(argp, "-i")) {
if (nextArg >= argc) {
return showUsage();
} else {
app->iterations = atoi(argv[++nextArg]);
}
} else if (smatch(argp, "--key")) {
if (nextArg >= argc) {
return showUsage();
} else {
app->key = sclone(argv[++nextArg]);
if (!mprPathExists(app->key, R_OK)) {
mprError("Cannot find key file %s", app->key);
return MPR_ERR_BAD_ARGS;
}
}
ssl = 1;
} else if (smatch(argp, "--log") || smatch(argp, "-l")) {
if (nextArg >= argc) {
return showUsage();
} else {
mprStartLogging(argv[++nextArg], 0);
}
} else if (smatch(argp, "--method") || smatch(argp, "-m")) {
if (nextArg >= argc) {
return showUsage();
} else {
app->method = argv[++nextArg];
}
} else if (smatch(argp, "--out") || smatch(argp, "-o")) {
if (nextArg >= argc) {
return showUsage();
} else {
app->outFilename = sclone(argv[++nextArg]);
}
} else if (smatch(argp, "--noout") || smatch(argp, "-n") ||
smatch(argp, "--quiet") || smatch(argp, "-q")) {
app->noout++;
} else if (smatch(argp, "--nofollow")) {
app->nofollow++;
} else if (smatch(argp, "--password") || smatch(argp, "-p")) {
if (nextArg >= argc) {
return showUsage();
} else {
app->password = sclone(argv[++nextArg]);
}
} else if (smatch(argp, "--post")) {
app->method = "POST";
} else if (smatch(argp, "--printable")) {
app->printable++;
} else if (smatch(argp, "--protocol")) {
if (nextArg >= argc) {
return showUsage();
} else {
app->protocol = supper(argv[++nextArg]);
}
} else if (smatch(argp, "--provider")) {
/* Undocumented SSL provider selection */
if (nextArg >= argc) {
return showUsage();
} else {
app->provider = sclone(argv[++nextArg]);
}
ssl = 1;
} else if (smatch(argp, "--put")) {
app->method = "PUT";
} else if (smatch(argp, "--range")) {
if (nextArg >= argc) {
return showUsage();
} else {
if (app->ranges == 0) {
app->ranges = sfmt("bytes=%s", argv[++nextArg]);
} else {
app->ranges = srejoin(app->ranges, ",", argv[++nextArg], NULL);
}
}
} else if (smatch(argp, "--retries") || smatch(argp, "-r")) {
if (nextArg >= argc) {
return showUsage();
} else {
app->retries = atoi(argv[++nextArg]);
}
} else if (smatch(argp, "--self")) {
/* Undocumented. Allow self-signed certs. Users should just not set --verify */
app->verifyIssuer = 0;
ssl = 1;
} else if (smatch(argp, "--sequence")) {
app->sequence++;
} else if (smatch(argp, "--showHeaders") || smatch(argp, "--show") || smatch(argp, "-s")) {
app->showHeaders++;
} else if (smatch(argp, "--showStatus") || smatch(argp, "--showCode")) {
app->showStatus++;
} else if (smatch(argp, "--single") || smatch(argp, "-s")) {
app->singleStep++;
} else if (smatch(argp, "--text")) {
app->text++;
} else if (smatch(argp, "--threads") || smatch(argp, "-t")) {
if (nextArg >= argc) {
return showUsage();
} else {
app->loadThreads = atoi(argv[++nextArg]);
}
} else if (smatch(argp, "--timeout")) {
if (nextArg >= argc) {
return showUsage();
} else {
app->timeout = atoi(argv[++nextArg]) * MPR_TICKS_PER_SEC;
}
} else if (smatch(argp, "--upload") || smatch(argp, "-u")) {
app->upload++;
} else if (smatch(argp, "--user") || smatch(argp, "--username")) {
if (nextArg >= argc) {
return showUsage();
} else {
app->username = argv[++nextArg];
}
// DEPRECATE validate. Preserve verify.
} else if (smatch(argp, "--validate") || smatch(argp, "--verify")) {
app->verifyPeer = 1;
ssl = 1;
} else if (smatch(argp, "--verbose") || smatch(argp, "-v")) {
app->verbose++;
} else if (smatch(argp, "--version") || smatch(argp, "-V")) {
mprEprintf("%s %s\n"
"Copyright (C) Embedthis Software 2003-2013\n"
"Copyright (C) Michael O'Brien 2003-2013\n",
BIT_TITLE, BIT_VERSION);
exit(0);
} else if (smatch(argp, "--workerTheads") || smatch(argp, "-w")) {
if (nextArg >= argc) {
return showUsage();
} else {
app->workers = atoi(argv[++nextArg]);
}
setWorkers++;
} else if (smatch(argp, "--zero")) {
app->zeroOnErrors++;
} else if (smatch(argp, "--")) {
nextArg++;
break;
} else if (smatch(argp, "-")) {
break;
} else {
return showUsage();
}
}
if (argc == nextArg) {
return showUsage();
}
app->nextArg = nextArg;
argc = argc - nextArg;
argv = &argv[nextArg];
app->target = argv[argc - 1];
if (--argc > 0) {
/*
Files present on command line
*/
app->files = mprCreateList(argc, MPR_LIST_STATIC_VALUES);
for (i = 0; i < argc; i++) {
mprAddItem(app->files, argv[i]);
}
}
if (!setWorkers) {
app->workers = app->loadThreads + 2;
}
if (app->method == 0) {
if (app->bodyData || app->formData || app->upload) {
app->method = "POST";
} else if (app->files) {
app->method = "PUT";
} else {
app->method = "GET";
}
}
#if BIT_PACK_SSL
{
HttpUri *uri = httpCreateUri(app->target, 0);
if (uri->secure || ssl) {
app->ssl = mprCreateSsl(0);
if (app->provider) {
mprSetSslProvider(app->ssl, app->provider);
}
if (app->cert) {
if (!app->key) {
mprError("Must specify key file");
return 0;
}
mprSetSslCertFile(app->ssl, app->cert);
mprSetSslKeyFile(app->ssl, app->key);
}
if (app->ca) {
mprLog(4, "Using CA: \"%s\"", app->ca);
mprSetSslCaFile(app->ssl, app->ca);
}
if (app->verifyIssuer == -1) {
app->verifyIssuer = app->verifyPeer ? 1 : 0;
}
mprVerifySslPeer(app->ssl, app->verifyPeer);
mprVerifySslIssuer(app->ssl, app->verifyIssuer);
if (app->ciphers) {
mprSetSslCiphers(app->ssl, app->ciphers);
}
} else {
mprVerifySslPeer(NULL, 0);
}
}
#else
/* Suppress comp warning */
mprNop(&ssl);
#endif
return 0;
}
