lib/libhttp
1
0
Fork 0
mirror of https://github.com/lammertb/libhttp.git synced 2026-01-03 16:02:30 +03:00
Code Activity

added -ssl_chain_file option

Browse Source
This commit is contained in:
valenok
2010-08-31 21:19:27 +01:00
parent 5a0376488d
commit 0f89d437d5
1 changed files with 13 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
mongoose.c
View File

@@ -267,6 +267,8 @@ struct ssl_func {
#define ERR_get_error() (* (unsigned long (*)(void)) ssl_sw[15].ptr)()
#define ERR_error_string(x, y) (* (char * (*)(unsigned long, char *)) ssl_sw[16].ptr)((x), (y))
#define SSL_load_error_strings() (* (void (*)(void)) ssl_sw[17].ptr)()
#define SSL_CTX_use_certificate_chain_file(x,y,z) \
(* (int (*)(SSL_CTX *, const char *, int)) ssl_sw[18].ptr)((x), (y), (z))
#define CRYPTO_num_locks() (* (int (*)(void)) crypto_sw[0].ptr)()
#define CRYPTO_set_locking_callback(x) \
@@ -298,6 +300,7 @@ static struct ssl_func ssl_sw[] = {
{"ERR_get_error", NULL},
{"ERR_error_string", NULL},
{"SSL_load_error_strings", NULL},
{"SSL_CTX_use_certificate_chain_file", NULL},
{NULL, NULL}
};
@@ -350,7 +353,8 @@ struct socket {
enum {
CGI_EXTENSIONS, CGI_ENVIRONMENT, PUT_DELETE_PASSWORDS_FILE, CGI_INTERPRETER,
PROTECT_URI, AUTHENTICATION_DOMAIN, SSI_EXTENSIONS, ACCESS_LOG_FILE,
ENABLE_DIRECTORY_LISTING, ERROR_LOG_FILE, GLOBAL_PASSWORDS_FILE, INDEX_FILES,
SSL_CHAIN_FILE, ENABLE_DIRECTORY_LISTING, ERROR_LOG_FILE,
GLOBAL_PASSWORDS_FILE, INDEX_FILES,
ENABLE_KEEP_ALIVE, ACCESS_CONTROL_LIST, EXTRA_MIME_TYPES, LISTENING_PORTS,
DOCUMENT_ROOT, SSL_CERTIFICATE, NUM_THREADS, RUN_AS_USER,
NUM_OPTIONS
@@ -365,6 +369,7 @@ static const char *config_options[] = {
"R", "authentication_domain", "mydomain.com",
"S", "ssi_extensions", ".shtml,.shtm",
"a", "access_log_file", NULL,
"c", "ssl_chain_file", NULL,
"d", "enable_directory_listing", "yes",
"e", "error_log_file", NULL,
"g", "global_passwords_file", NULL,
@@ -3431,6 +3436,7 @@ static int set_ssl_option(struct mg_context *ctx) {
SSL_CTX *CTX;
int i, size;
const char *pem = ctx->config[SSL_CERTIFICATE];
const char *chain = ctx->config[SSL_CHAIN_FILE];
if (pem == NULL) {
return 1;
@@ -3461,6 +3467,12 @@ static int set_ssl_option(struct mg_context *ctx) {
return 0;
}
if (CTX != NULL && chain != NULL &&
SSL_CTX_use_certificate_chain_file(CTX, chain, SSL_FILETYPE_PEM) == 0) {
cry(fc(ctx), "%s: cannot open %s: %s", NULL, chain, ssl_error());
return 0;
}
// Initialize locking callbacks, needed for thread safety.
// http://www.openssl.org/support/faq.html#PROG1
size = sizeof(pthread_mutex_t) * CRYPTO_num_locks();