Fix #1793

2025-06-13 18:41:30 +03:00 · 2024-03-09 22:26:17 -05:00
parent 6791a8364d
commit 548dfff0ae
3 changed files with 76 additions and 35 deletions
--- a/httplib.h
+++ b/httplib.h
@ -145,11 +145,11 @@ using ssize_t = long;
 #endif // _MSC_VER

 #ifndef S_ISREG
-#define S_ISREG(m) (((m) & S_IFREG) == S_IFREG)
+#define S_ISREG(m) (((m)&S_IFREG) == S_IFREG)
 #endif // S_ISREG

 #ifndef S_ISDIR
-#define S_ISDIR(m) (((m) & S_IFDIR) == S_IFDIR)
+#define S_ISDIR(m) (((m)&S_IFDIR) == S_IFDIR)
 #endif // S_ISDIR

 #ifndef NOMINMAX
@ -1745,10 +1745,12 @@ public:

  explicit SSLClient(const std::string &host, int port,
                     const std::string &client_cert_path,
-                     const std::string &client_key_path);
+                     const std::string &client_key_path,
+                     const std::string &private_key_password = std::string());

  explicit SSLClient(const std::string &host, int port, X509 *client_cert,
-                     EVP_PKEY *client_key);
+                     EVP_PKEY *client_key,
+                     const std::string &private_key_password = std::string());

  ~SSLClient() override;

@ -2700,8 +2702,8 @@ inline bool mmap::open(const char *path) {
  if (!::GetFileSizeEx(hFile_, &size)) { return false; }
  size_ = static_cast<size_t>(size.QuadPart);

-  hMapping_ = ::CreateFileMappingFromApp(hFile_, NULL, PAGE_READONLY, size_,
-                                         NULL);
+  hMapping_ =
+      ::CreateFileMappingFromApp(hFile_, NULL, PAGE_READONLY, size_, NULL);

  if (hMapping_ == NULL) {
    close();
@ -8438,7 +8440,6 @@ inline SSLServer::SSLServer(const char *cert_path, const char *private_key_path,

    SSL_CTX_set_min_proto_version(ctx_, TLS1_1_VERSION);

-    // add default password callback before opening encrypted private key
    if (private_key_password != nullptr && (private_key_password[0] != '\0')) {
      SSL_CTX_set_default_passwd_cb_userdata(
          ctx_,
@ -8544,7 +8545,8 @@ inline SSLClient::SSLClient(const std::string &host, int port)

 inline SSLClient::SSLClient(const std::string &host, int port,
                            const std::string &client_cert_path,
-                            const std::string &client_key_path)
+                            const std::string &client_key_path,
+                            const std::string &private_key_password)
    : ClientImpl(host, port, client_cert_path, client_key_path) {
  ctx_ = SSL_CTX_new(TLS_client_method());

@ -8554,6 +8556,12 @@ inline SSLClient::SSLClient(const std::string &host, int port,
                });

  if (!client_cert_path.empty() && !client_key_path.empty()) {
+    if (!private_key_password.empty()) {
+      SSL_CTX_set_default_passwd_cb_userdata(
+          ctx_, reinterpret_cast<void *>(
+                    const_cast<char *>(private_key_password.c_str())));
+    }
+
    if (SSL_CTX_use_certificate_file(ctx_, client_cert_path.c_str(),
                                     SSL_FILETYPE_PEM) != 1 ||
        SSL_CTX_use_PrivateKey_file(ctx_, client_key_path.c_str(),
@ -8565,7 +8573,8 @@ inline SSLClient::SSLClient(const std::string &host, int port,
 }

 inline SSLClient::SSLClient(const std::string &host, int port,
-                            X509 *client_cert, EVP_PKEY *client_key)
+                            X509 *client_cert, EVP_PKEY *client_key,
+                            const std::string &private_key_password)
    : ClientImpl(host, port) {
  ctx_ = SSL_CTX_new(TLS_client_method());

@ -8575,6 +8584,12 @@ inline SSLClient::SSLClient(const std::string &host, int port,
                });

  if (client_cert != nullptr && client_key != nullptr) {
+    if (!private_key_password.empty()) {
+      SSL_CTX_set_default_passwd_cb_userdata(
+          ctx_, reinterpret_cast<void *>(
+                    const_cast<char *>(private_key_password.c_str())));
+    }
+
    if (SSL_CTX_use_certificate(ctx_, client_cert) != 1 ||
        SSL_CTX_use_PrivateKey(ctx_, client_key) != 1) {
      SSL_CTX_free(ctx_);