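/*
 * Apply the SSL-related settings of a configuration group to the global
 * SSL state.
 *
 * Reads "ssl-client-certkey-file", "ssl-server-cert-file",
 * "ssl-server-key-file" and "ssl-trusted-ca-file" from grp and passes each
 * value to the matching use_global_*() helper. The client cert/key file is
 * applied only when it is set; the server certificate and key are applied
 * only when both are set. Every Octstr fetched here is destroyed before
 * returning.
 */
void conn_config_ssl(CfgGroup *grp)
{
    Octstr *ssl_client_certkey_file = NULL;
    Octstr *ssl_server_cert_file = NULL;
    Octstr *ssl_server_key_file = NULL;
    Octstr *ssl_trusted_ca_file = NULL;

    /*
     * check if SSL is desired for HTTP servers and then
     * load SSL client and SSL server public certificates
     * and private keys
     */
    ssl_client_certkey_file = cfg_get(grp, octstr_imm("ssl-client-certkey-file"));
    if (ssl_client_certkey_file != NULL)
        use_global_client_certkey_file(ssl_client_certkey_file);

    ssl_server_cert_file = cfg_get(grp, octstr_imm("ssl-server-cert-file"));
    ssl_server_key_file = cfg_get(grp, octstr_imm("ssl-server-key-file"));

    if (ssl_server_cert_file != NULL && ssl_server_key_file != NULL) {
        use_global_server_certkey_file(ssl_server_cert_file,
                                       ssl_server_key_file);
    } else if (ssl_server_cert_file != NULL || ssl_server_key_file != NULL) {
        /*
         * Only one half of the pair was configured. Nothing is loaded in
         * that case, so say so instead of leaving the operator to find out
         * later that the server certificate was never installed.
         */
        error(0, "SSL server certificate and key must both be set; "
                 "ignoring incomplete 'ssl-server-cert-file'/"
                 "'ssl-server-key-file' pair");
    }

    /*
     * Called unconditionally, so an unset "ssl-trusted-ca-file" reaches the
     * helper as NULL.
     * NOTE(review): what the helper does with NULL (for instance whether
     * peer certificate verification stays disabled) is not visible here;
     * confirm before relying on verification being on by default.
     */
    ssl_trusted_ca_file = cfg_get(grp, octstr_imm("ssl-trusted-ca-file"));
    use_global_trusted_ca_file(ssl_trusted_ca_file);

    /* octstr_destroy() is also called on values that may be NULL here. */
    octstr_destroy(ssl_client_certkey_file);
    octstr_destroy(ssl_server_cert_file);
    octstr_destroy(ssl_server_key_file);
    octstr_destroy(ssl_trusted_ca_file);
}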
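/*
 * Entry point of the test HTTP server.
 *
 * Options (see the getopt string below):
 *   -v level   log output level          -q        quiet (verbose = 0)
 *   -h         print help and exit       -p port   listen port (default 8080)
 *   -t n       worker threads, capped at MAX_THREADS (default 1)
 *   -s         serve over SSL            -c file   server certificate file
 *   -k file    server key file           -f file   file handed to the workers
 *   -l file    log file                  -r text   reply text (default "Sent.")
 *   -w file    whitelist file            -b file   blacklist file
 *   -H file    file with extra headers
 *
 * Returns 0 after all worker threads have been joined; configuration errors
 * end the program through panic().
 */
int main(int argc, char **argv)
{
    int i, opt, use_threads;
    struct sigaction act;
    char *filename;
    Octstr *log_filename;
    Octstr *file_contents;
#ifdef HAVE_LIBSSL
    Octstr *ssl_server_cert_file = NULL;
    Octstr *ssl_server_key_file = NULL;
#endif
    char *whitelist_name;
    char *blacklist_name;
    int white_asked, black_asked;
    long threads[MAX_THREADS];
    FILE *fp;

    gwlib_init();

    /* SIGTERM and SIGINT are both routed to the sigterm handler. */
    act.sa_handler = sigterm;
    sigemptyset(&act.sa_mask);
    act.sa_flags = 0;
    sigaction(SIGTERM, &act, NULL);
    sigaction(SIGINT, &act, NULL);

    port = 8080;
    use_threads = 1;
    verbose = 1;
    run = 1;
    filename = NULL;
    log_filename = NULL;
    blacklist_name = NULL;
    whitelist_name = NULL;
    white_asked = 0;
    black_asked = 0;
    reply_text = octstr_create("Sent.");

    while ((opt = getopt(argc, argv, "hqv:p:t:f:l:sc:k:b:w:r:H:")) != EOF) {
        switch (opt) {
        case 'v':
            log_set_output_level(atoi(optarg));
            break;

        case 'q':
            verbose = 0;
            break;

        case 'h':
            help();
            exit(0);

        case 'p':
            /* atoi() yields 0 for non-numeric input; no range check here. */
            port = atoi(optarg);
            break;

        case 't':
            /*
             * Capped so the threads[] array below cannot be overrun.
             * A value <= 0 simply starts no worker threads.
             */
            use_threads = atoi(optarg);
            if (use_threads > MAX_THREADS)
                use_threads = MAX_THREADS;
            break;

        case 'c':
#ifdef HAVE_LIBSSL
            octstr_destroy(ssl_server_cert_file);
            ssl_server_cert_file = octstr_create(optarg);
#endif
            break;

        case 'k':
#ifdef HAVE_LIBSSL
            octstr_destroy(ssl_server_key_file);
            ssl_server_key_file = octstr_create(optarg);
#endif
            break;

        case 's':
#ifdef HAVE_LIBSSL
            ssl = 1;
#endif
            break;

        case 'f':
            filename = optarg;
            break;

        case 'l':
            octstr_destroy(log_filename);
            log_filename = octstr_create(optarg);
            break;

        case 'w':
            whitelist_name = optarg;
            if (whitelist_name == NULL)
                whitelist_name = "";
            white_asked = 1;
            break;

        case 'b':
            blacklist_name = optarg;
            if (blacklist_name == NULL)
                blacklist_name = "";
            black_asked = 1;
            break;

        case 'r':
            octstr_destroy(reply_text);
            reply_text = octstr_create(optarg);
            break;

        case 'H': {
            Octstr *cont;

            /*
             * The header file is only read, so probe it read-only. Opening
             * it in append mode would create a missing file at the given
             * path and demand write permission on an existing one.
             */
            fp = fopen(optarg, "r");
            if (fp == NULL)
                panic(0, "Cannot open header text file %s", optarg);
            fclose(fp);

            cont = octstr_read_file(optarg);
            if (cont == NULL)
                panic(0, "Cannot read header text");
            debug("", 0, "headers are");
            octstr_dump(cont, 0);
            split_headers(cont, &extra_headers);
            octstr_destroy(cont);
            break;
        }

        case '?':
        default:
            error(0, "Invalid option %c", opt);
            help();
            panic(0, "Stopping.");
        }
    }

    if (log_filename != NULL) {
        log_open(octstr_get_cstr(log_filename), GW_DEBUG, GW_NON_EXCL);
        octstr_destroy(log_filename);
    }

    if (filename == NULL)
        file_contents = NULL;
    else
        file_contents = octstr_read_file(filename);

    if (white_asked) {
        whitelist = octstr_read_file(whitelist_name);
        if (whitelist == NULL)
            panic(0, "Cannot read the whitelist");
    }

    if (black_asked) {
        blacklist = octstr_read_file(blacklist_name);
        if (blacklist == NULL)
            panic(0, "Cannot read the blacklist");
    }

#ifdef HAVE_LIBSSL
    /*
     * check if we are doing a SSL-enabled server version here
     * load the required cert and key file
     */
    if (ssl) {
        if (ssl_server_cert_file != NULL && ssl_server_key_file != NULL) {
            use_global_server_certkey_file(ssl_server_cert_file,
                                           ssl_server_key_file);
        } else {
            /* Refuse to start an SSL listener without both -c and -k. */
            panic(0, "certificate and public key need to be given!");
        }
    }
    /*
     * Released on every path, so -c/-k given without -s no longer leaks.
     * octstr_destroy() is already called on NULL values elsewhere in main.
     */
    octstr_destroy(ssl_server_cert_file);
    octstr_destroy(ssl_server_key_file);
#endif

    if (http_open_port(port, ssl) == -1)
        panic(0, "http_open_server failed");

    /*
     * Do the real work in a separate thread so that the main
     * thread can catch signals safely.
     */
    for (i = 0; i < use_threads; ++i)
        threads[i] = gwthread_create(client_thread, file_contents);

    /* wait for all working threads */
    for (i = 0; i < use_threads; ++i)
        gwthread_join(threads[i]);

    octstr_destroy(reply_text);
    gwlist_destroy(extra_headers, octstr_destroy_item);

    debug("test.http", 0, "Program exiting normally.");
    gwlib_shutdown();
    return 0;
}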