lib/libhttp
1
0
Fork 0
mirror of https://github.com/lammertb/libhttp.git synced 2025-08-07 16:02:55 +03:00
Code Activity

ssl_protocol_version now fast option

Browse Source
This commit is contained in:
Lammert Bies
2016-12-28 07:13:34 +01:00
parent 6c168937b4
commit 19008c14d4
6 changed files with 8 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
include/libhttp.h
View File

@@ -454,7 +454,6 @@ struct httplib_option {
enum {
CONFIG_TYPE_UNKNOWN = 0x0,
CONFIG_TYPE_NUMBER = 0x1,
CONFIG_TYPE_STRING = 0x2,
CONFIG_TYPE_FILE = 0x3,
CONFIG_TYPE_DIRECTORY = 0x4,

1
src/httplib_config_options.c
View File

@@ -55,7 +55,6 @@ struct httplib_option XX_httplib_config_options[] = {
{ "ssl_ca_path", CONFIG_TYPE_DIRECTORY, NULL },
{ "ssl_ca_file", CONFIG_TYPE_FILE, NULL },
{ "ssl_cipher_list", CONFIG_TYPE_STRING, NULL },
{ "ssl_protocol_version", CONFIG_TYPE_NUMBER, "0" },
{ "websocket_root", CONFIG_TYPE_DIRECTORY, NULL },
{ "access_control_allow_origin", CONFIG_TYPE_STRING, "*" },
{ "error_pages", CONFIG_TYPE_DIRECTORY, NULL },

2
src/httplib_main.h
View File

@@ -414,7 +414,6 @@ enum {
SSL_CA_PATH,
SSL_CA_FILE,
SSL_CIPHER_LIST,
SSL_PROTOCOL_VERSION,
WEBSOCKET_ROOT,
ACCESS_CONTROL_ALLOW_ORIGIN,
ERROR_PAGES,
@@ -598,6 +597,7 @@ struct httplib_context {
#endif
int num_threads;
int request_timeout;
int ssl_protocol_version;
int ssl_verify_depth;
int static_file_max_age;
int websocket_timeout;

6
src/httplib_set_ssl_option.c
View File

@@ -46,7 +46,6 @@ bool XX_httplib_set_ssl_option( struct httplib_context *ctx ) {
struct timespec now_mt;
md5_byte_t ssl_context_id[16];
md5_state_t md5state;
int protocol_ver;
/*
* If PEM file is not specified and the init_ssl callback
@@ -84,10 +83,7 @@ bool XX_httplib_set_ssl_option( struct httplib_context *ctx ) {
SSL_CTX_clear_options( ctx->ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 );
if ( ctx->cfg[SSL_PROTOCOL_VERSION] != NULL ) protocol_ver = atoi( ctx->cfg[SSL_PROTOCOL_VERSION] );
else protocol_ver = 0;
SSL_CTX_set_options( ctx->ssl_ctx, XX_httplib_ssl_get_protocol( protocol_ver ) );
SSL_CTX_set_options( ctx->ssl_ctx, XX_httplib_ssl_get_protocol( ctx->ssl_protocol_version ) );
SSL_CTX_set_options( ctx->ssl_ctx, SSL_OP_SINGLE_DH_USE );
SSL_CTX_set_options( ctx->ssl_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE );
SSL_CTX_set_ecdh_auto( ctx->ssl_ctx, 1 );

2
src/httplib_start.c
View File

@@ -288,6 +288,7 @@ static bool process_options( struct httplib_context *ctx, const struct httplib_o
ctx->enable_keep_alive = false;
ctx->num_threads = 50;
ctx->request_timeout = 30000;
ctx->ssl_protocol_version = 0;
ctx->ssl_short_trust = false;
ctx->ssl_verify_depth = 9;
ctx->ssl_verify_paths = true;
@@ -304,6 +305,7 @@ static bool process_options( struct httplib_context *ctx, const struct httplib_o
if ( check_bool( ctx, options, "enable_keep_alive", & ctx->enable_keep_alive ) ) return true;
if ( check_int( ctx, options, "num_threads", & ctx->num_threads, 1, INT_MAX ) ) return true;
if ( check_int( ctx, options, "request_timeout", & ctx->request_timeout, 0, INT_MAX ) ) return true;
if ( check_int( ctx, options, "ssl_protocol_version", & ctx->ssl_protocol_version, 0, 4 ) ) return true;
if ( check_bool( ctx, options, "ssl_short_trust", & ctx->ssl_short_trust ) ) return true;
if ( check_int( ctx, options, "ssl_verify_depth", & ctx->ssl_verify_depth, 0, 9 ) ) return true;
if ( check_bool( ctx, options, "ssl_verify_paths", & ctx->ssl_verify_paths ) ) return true;

2
src/main.c
View File

@@ -355,7 +355,7 @@ static int set_option( struct httplib_option_t *options, const char *name, const
case CONFIG_TYPE_UNKNOWN:
/* unknown option */
return 0;
case CONFIG_TYPE_NUMBER:
case 0x1 : /* CONFIG_TYPE_NUMBER: */
/* integer number > 0, e.g. number of threads */
if (atol(value) < 0) {
/* invalid number */